Updates Script to fetch Steve Basford's Phihing Sigs for ClamAV
Denis Beauchemin
Denis.Beauchemin at USherbrooke.ca
Mon May 7 19:54:08 IST 2007
Randal, Phil a écrit :
> Folks,
>
> Steve Basford has a ClamAV phishing database over at
>
> http://www.sanesecurity.com/clamav/
>
> and has recently updated his site to provide a gzipped version of the
> file.
>
> The attached script is a modified version of the one I posted to this
> list back in March. This version uses curl to fetch newer versions of
> the gzipped database.
>
>
Phil,
Your script stopped working during lunchtime and when I got back there
was a huge backlog on my servers.
I found the following error message in my logs:
ClamAV Module ERROR:: Could not load databases from
/usr/local/share/clamav
Turns out there was an empty definition file in Clam's directory:
# cd /usr/local/share/clamav/
# ls -l
total 16
drwxr-xr-x 2 clamav clamav 4096 May 7 14:09 daily.inc/
drwxr-xr-x 2 clamav clamav 4096 May 7 13:49 main.inc/
-rw------- 1 clamav clamav 208 May 7 14:09 mirrors.dat
-rw-r--r-- 1 clamav clamav 0 May 7 12:25 phish.ndb
-rw-r--r-- 1 root root 316 May 7 12:25 phish.ndb.gz
I changed your script to get the definitions from a mirror (the
recommended way nowadays). Take a look at
http://sanesecurity.co.uk/clamav/downloads.htm
I decided to use :
phish_file=http://mirrors.dotsrc.org/clamav-sanesigs/$phish_gz
There are other download scripts on this page:
http://sanesecurity.co.uk/clamav/usage.htm
Denis
--
_
°v° Denis Beauchemin, analyste
/(_)\ Université de Sherbrooke, S.T.I.
^ ^ T: 819.821.8000x62252 F: 819.821.8045
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3595 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20070507/eb496a07/smime-0001.bin
More information about the MailScanner
mailing list