Re: [clamav-users] Database updated over unencrypted connection?
Arnaud Jacques wrote: The .cvd files have an internal cryptographic signature that's checked by freshclam and clamd/clamscan. If freshclam and/or clamd accepts the files, you can be assured they are official and unmodified. This is built into clam; no external tools are called. Thanks, this is basically what I wanted to know. Good to hear that there's a verification of the data happening. Thanks to everybody who shared thoughts and knowledge on this topic. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Database updated over unencrypted connection?
Leonardo Rodrigues wrote: the databases are digitally signed, and any modification, such in a man-in-the-middle attack, would break the signature and freshclam would refuse to run the files. Sounds good. Can you please explain how this works in detail? Apt places GPG keys in the system and uses them to verify downloaded data. It doesn't seem that ClamAV placed any GPG keys in my system. So how is the verification happening? Thanks ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml