subject:"\[clamav\-users\] Feature request\: show checksums of virus databases on the clamav.net website"

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

2016-09-30 Thread Reindl Harald




Am 30.09.2016 um 04:51 schrieb Alexey Salmin:

Thanks for your replies.

My particular use case is a network that is physically disconnected
from the internet. Storage devices are allowed though, so I bring a
fresh virus database from time to time. It's used to run nightly scans
on shared network filesystems where malware occasionally show up. I
guess it comes from storage devices too and that was mostly fixed by
installing USB Disk Security on Windows machines. However it only
helps from autoruns, not from infected binaries, so scheduled scans
are still needed (and I think that's a good practice anyway).

Long story short: what is the recommended way to handle this scenario?
I'm thinking of setting up a local mirror on the internet-capable
machine and then take CVDs from there (with checksums or whatsoever)


use freshclam on whatever machine and take /var/lib/clamav/ to the 
destination machine - smart setups with more than one machine are doing 
that by rsync that folder to the other machines while freshclam runs on 
a admin-server instead produce multiple traffic for clamav 
infrastructure (the same for locations like /usr/shareGeoIP)



On Fri, Sep 30, 2016 at 6:40 AM, Reindl Harald <h.rei...@thelounge.net> wrote:


Am 30.09.2016 um 01:20 schrieb SCOTT PACKARD:


Some of us clamav users are behind rather substantial proxies and can't
pull them easily.
It's nice to have a place to download them.  Just FYI.



sorry, but in that case these problems needs to be solved with the fools of
admins (or that admins replaced) responsible for only one part of the
infrastructure, blocking anything for security reasons and then at the same
time blocking update sof security software which is just pervert


-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On
Behalf Of Joel Esler (jesler)
Sent: Thursday, September 29, 2016 3:23 PM
To: ClamAV users ML <clamav-users@lists.clamav.net>
Subject: Re: [clamav-users] Feature request: show checksums of virus
databases on the clamav.net website

We really don’t want people downloading the cvd’s through the browser
directly on the website.  We really want to encourage people to use
Freshclam to do this.

--
Joel Esler
Manager
Talos Group
http://www.talosintelligence.com

On Sep 29, 2016, at 12:21 PM, Alexey Salmin
<alexey.sal...@gmail.com<mailto:alexey.sal...@gmail.com>> wrote:

Sorry if this had been proposed before, nothing showed up in my search.

I suggest to display checksums (MD5, SHA or both) on the website next
to CVD download links on the
www.clamav.net/downloads<http://www.clamav.net/downloads> page. This will
provide a user with:
1) A simple way to check if files were updated since the last
download. It takes time to fetch the main.cvd. I realize that this
should be possible with a custom HTTP query but it's not convenient in
case you're simply using a browser to get the file.
2) A quick and a standard way to validate the integrity of the file,
without going into CVD internals and digital signatures


___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml



--

Reindl Harald
the lounge interactive design GmbH
A-1060 Vienna, Hofmühlgasse 17
CTO / CISO / Software-Development
m: +43 676 40 221 40
p: +43 1 595 3999 33
http://www.thelounge.net/
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

2016-09-29 Thread Paul Kosinski

Is the reason you don't want people downloading the CVDs directly
because that approach doesn't distribute the load, or do you have
some changes in mind for Freshclam that are incompatible with simple
direct downloading?

I'd hate to see ClamAV going the way of smartphones and tablets, with
specialized "apps" using opaque protocols replacing HTML and other open
protocols. (Not to mention that recent smartphones seem only to allow
MTP and similar restrictive protocols, as opposed to having the device
export its complete file system over USB like earlier Androids did.)

On Thu, 29 Sep 2016 22:22:32 +
"Joel Esler (jesler)"  wrote:

> We really don’t want people downloading the cvd’s through the browser
> directly on the website.  We really want to encourage people to use
> Freshclam to do this.
> 
> --
> Joel Esler
> Manager
> Talos Group
> http://www.talosintelligence.com
> 
> On Sep 29, 2016, at 12:21 PM, Alexey Salmin
> > wrote:
> 
> Sorry if this had been proposed before, nothing showed up in my
> search.
> 
> I suggest to display checksums (MD5, SHA or both) on the website next
> to CVD download links on the
> www.clamav.net/downloads page. This
> will provide a user with: 1) A simple way to check if files were
> updated since the last download. It takes time to fetch the main.cvd.
> I realize that this should be possible with a custom HTTP query but
> it's not convenient in case you're simply using a browser to get the
> file. 2) A quick and a standard way to validate the integrity of the
> file, without going into CVD internals and digital signatures.
> 
> Thank you,
> Alexey
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

2016-09-29 Thread Al Varnell

If you are able to download from the web site to a media that can be brought in 
(not the most secure situation, of course) then simply use the same computer 
you are using to download these updates to run freshclam, copy the already 
verified database of CVD/CLD’s and problem solved.

-Al-

On Thu, Sep 29, 2016 at 07:51 PM, Alexey Salmin wrote:
> 
> Thanks for your replies.
> 
> My particular use case is a network that is physically disconnected
> from the internet. Storage devices are allowed though, so I bring a
> fresh virus database from time to time. It's used to run nightly scans
> on shared network filesystems where malware occasionally show up. I
> guess it comes from storage devices too and that was mostly fixed by
> installing USB Disk Security on Windows machines. However it only
> helps from autoruns, not from infected binaries, so scheduled scans
> are still needed (and I think that's a good practice anyway).
> 
> Long story short: what is the recommended way to handle this scenario?
> I'm thinking of setting up a local mirror on the internet-capable
> machine and then take CVDs from there (with checksums or whatsoever).
> 
> PS You may wonder if I'm the fool admin mentioned above but that's not
> the case (at least the admin part). I'm a user of this network who
> volunteered to help with the malware problem with no budget or means
> to change security rules.
> 
> Alexey
> 
> On Fri, Sep 30, 2016 at 6:40 AM, Reindl Harald <h.rei...@thelounge.net> wrote:
>> 
>> Am 30.09.2016 um 01:20 schrieb SCOTT PACKARD:
>>> 
>>> Some of us clamav users are behind rather substantial proxies and can't
>>> pull them easily.
>>> It's nice to have a place to download them.  Just FYI.
>> 
>> 
>> sorry, but in that case these problems needs to be solved with the fools of
>> admins (or that admins replaced) responsible for only one part of the
>> infrastructure, blocking anything for security reasons and then at the same
>> time blocking update sof security software which is just pervert
>> 
>>> -Original Message-
>>> From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On
>>> Behalf Of Joel Esler (jesler)
>>> Sent: Thursday, September 29, 2016 3:23 PM
>>> To: ClamAV users ML <clamav-users@lists.clamav.net>
>>> Subject: Re: [clamav-users] Feature request: show checksums of virus
>>> databases on the clamav.net website
>>> 
>>> We really don’t want people downloading the cvd’s through the browser
>>> directly on the website.  We really want to encourage people to use
>>> Freshclam to do this.
>>> 
>>> --
>>> Joel Esler
>>> Manager
>>> Talos Group
>>> http://www.talosintelligence.com
>>> 
>>> On Sep 29, 2016, at 12:21 PM, Alexey Salmin
>>> <alexey.sal...@gmail.com<mailto:alexey.sal...@gmail.com>> wrote:
>>> 
>>> Sorry if this had been proposed before, nothing showed up in my search.
>>> 
>>> I suggest to display checksums (MD5, SHA or both) on the website next
>>> to CVD download links on the
>>> www.clamav.net/downloads<http://www.clamav.net/downloads> page. This will
>>> provide a user with:
>>> 1) A simple way to check if files were updated since the last
>>> download. It takes time to fetch the main.cvd. I realize that this
>>> should be possible with a custom HTTP query but it's not convenient in
>>> case you're simply using a browser to get the file.
>>> 2) A quick and a standard way to validate the integrity of the file,
>>> without going into CVD internals and digital signatures
>> 
>> ___
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>> 
>> http://www.clamav.net/contact.html#ml
> ___
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
> 
> http://www.clamav.net/contact.html#ml

-Al-
-- 
Al Varnell
Mountain View, CA






smime.p7s
Description: S/MIME cryptographic signature
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

2016-09-29 Thread Alexey Salmin

Thanks for your replies.

My particular use case is a network that is physically disconnected
from the internet. Storage devices are allowed though, so I bring a
fresh virus database from time to time. It's used to run nightly scans
on shared network filesystems where malware occasionally show up. I
guess it comes from storage devices too and that was mostly fixed by
installing USB Disk Security on Windows machines. However it only
helps from autoruns, not from infected binaries, so scheduled scans
are still needed (and I think that's a good practice anyway).

Long story short: what is the recommended way to handle this scenario?
I'm thinking of setting up a local mirror on the internet-capable
machine and then take CVDs from there (with checksums or whatsoever).

PS You may wonder if I'm the fool admin mentioned above but that's not
the case (at least the admin part). I'm a user of this network who
volunteered to help with the malware problem with no budget or means
to change security rules.

Alexey

On Fri, Sep 30, 2016 at 6:40 AM, Reindl Harald <h.rei...@thelounge.net> wrote:
>
> Am 30.09.2016 um 01:20 schrieb SCOTT PACKARD:
>>
>> Some of us clamav users are behind rather substantial proxies and can't
>> pull them easily.
>> It's nice to have a place to download them.  Just FYI.
>
>
> sorry, but in that case these problems needs to be solved with the fools of
> admins (or that admins replaced) responsible for only one part of the
> infrastructure, blocking anything for security reasons and then at the same
> time blocking update sof security software which is just pervert
>
>> -Original Message-
>> From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On
>> Behalf Of Joel Esler (jesler)
>> Sent: Thursday, September 29, 2016 3:23 PM
>> To: ClamAV users ML <clamav-users@lists.clamav.net>
>> Subject: Re: [clamav-users] Feature request: show checksums of virus
>> databases on the clamav.net website
>>
>> We really don’t want people downloading the cvd’s through the browser
>> directly on the website.  We really want to encourage people to use
>> Freshclam to do this.
>>
>> --
>> Joel Esler
>> Manager
>> Talos Group
>> http://www.talosintelligence.com
>>
>> On Sep 29, 2016, at 12:21 PM, Alexey Salmin
>> <alexey.sal...@gmail.com<mailto:alexey.sal...@gmail.com>> wrote:
>>
>> Sorry if this had been proposed before, nothing showed up in my search.
>>
>> I suggest to display checksums (MD5, SHA or both) on the website next
>> to CVD download links on the
>> www.clamav.net/downloads<http://www.clamav.net/downloads> page. This will
>> provide a user with:
>> 1) A simple way to check if files were updated since the last
>> download. It takes time to fetch the main.cvd. I realize that this
>> should be possible with a custom HTTP query but it's not convenient in
>> case you're simply using a browser to get the file.
>> 2) A quick and a standard way to validate the integrity of the file,
>> without going into CVD internals and digital signatures
>
> ___
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

2016-09-29 Thread Reindl Harald



Am 30.09.2016 um 01:20 schrieb SCOTT PACKARD:

Some of us clamav users are behind rather substantial proxies and can't pull 
them easily.
It's nice to have a place to download them.  Just FYI.


sorry, but in that case these problems needs to be solved with the fools 
of admins (or that admins replaced) responsible for only one part of the 
infrastructure, blocking anything for security reasons and then at the 
same time blocking update sof security software which is just pervert



-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of 
Joel Esler (jesler)
Sent: Thursday, September 29, 2016 3:23 PM
To: ClamAV users ML <clamav-users@lists.clamav.net>
Subject: Re: [clamav-users] Feature request: show checksums of virus databases 
on the clamav.net website

We really don’t want people downloading the cvd’s through the browser directly 
on the website.  We really want to encourage people to use Freshclam to do this.

--
Joel Esler
Manager
Talos Group
http://www.talosintelligence.com

On Sep 29, 2016, at 12:21 PM, Alexey Salmin 
<alexey.sal...@gmail.com<mailto:alexey.sal...@gmail.com>> wrote:

Sorry if this had been proposed before, nothing showed up in my search.

I suggest to display checksums (MD5, SHA or both) on the website next
to CVD download links on the 
www.clamav.net/downloads<http://www.clamav.net/downloads> page. This will
provide a user with:
1) A simple way to check if files were updated since the last
download. It takes time to fetch the main.cvd. I realize that this
should be possible with a custom HTTP query but it's not convenient in
case you're simply using a browser to get the file.
2) A quick and a standard way to validate the integrity of the file,
without going into CVD internals and digital signatures

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

2016-09-29 Thread SCOTT PACKARD

Some of us clamav users are behind rather substantial proxies and can't pull 
them easily.
It's nice to have a place to download them.  Just FYI.

-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of 
Joel Esler (jesler)
Sent: Thursday, September 29, 2016 3:23 PM
To: ClamAV users ML <clamav-users@lists.clamav.net>
Subject: Re: [clamav-users] Feature request: show checksums of virus databases 
on the clamav.net website

We really don’t want people downloading the cvd’s through the browser directly 
on the website.  We really want to encourage people to use Freshclam to do this.

--
Joel Esler
Manager
Talos Group
http://www.talosintelligence.com

On Sep 29, 2016, at 12:21 PM, Alexey Salmin 
<alexey.sal...@gmail.com<mailto:alexey.sal...@gmail.com>> wrote:

Sorry if this had been proposed before, nothing showed up in my search.

I suggest to display checksums (MD5, SHA or both) on the website next
to CVD download links on the 
www.clamav.net/downloads<http://www.clamav.net/downloads> page. This will
provide a user with:
1) A simple way to check if files were updated since the last
download. It takes time to fetch the main.cvd. I realize that this
should be possible with a custom HTTP query but it's not convenient in
case you're simply using a browser to get the file.
2) A quick and a standard way to validate the integrity of the file,
without going into CVD internals and digital signatures.

Thank you,
Alexey
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

2016-09-29 Thread Joel Esler (jesler)

We really don’t want people downloading the cvd’s through the browser directly 
on the website.  We really want to encourage people to use Freshclam to do this.

--
Joel Esler
Manager
Talos Group
http://www.talosintelligence.com

On Sep 29, 2016, at 12:21 PM, Alexey Salmin 
> wrote:

Sorry if this had been proposed before, nothing showed up in my search.

I suggest to display checksums (MD5, SHA or both) on the website next
to CVD download links on the 
www.clamav.net/downloads page. This will
provide a user with:
1) A simple way to check if files were updated since the last
download. It takes time to fetch the main.cvd. I realize that this
should be possible with a custom HTTP query but it's not convenient in
case you're simply using a browser to get the file.
2) A quick and a standard way to validate the integrity of the file,
without going into CVD internals and digital signatures.

Thank you,
Alexey
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Feature request: show checksums of virus databases on the clamav.net website

2016-09-29 Thread Alexey Salmin

Sorry if this had been proposed before, nothing showed up in my search.

I suggest to display checksums (MD5, SHA or both) on the website next
to CVD download links on the www.clamav.net/downloads page. This will
provide a user with:
1) A simple way to check if files were updated since the last
download. It takes time to fetch the main.cvd. I realize that this
should be possible with a custom HTTP query but it's not convenient in
case you're simply using a browser to get the file.
2) A quick and a standard way to validate the integrity of the file,
without going into CVD internals and digital signatures.

Thank you,
Alexey
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

Re: [clamav-users] Feature request: show checksums of virus databases on the clamav.net website

[clamav-users] Feature request: show checksums of virus databases on the clamav.net website

8 matches

Site Navigation

Mail list logo

Footer information