Tag » Clamav

ClamAV on MacOS via pkgsrc

I desired to be able to do an anti-virus scan on my MacBook. After trying and paying for several large proprietary alternatives and being dissatisfied I decided to try and use… 230 more words

Software

Clamav: troubleshooting of clamdscan

clamdscan is much faster to run than clamscan; however, it requires clamd, which is a bit harder to set up, so I have some tips for troubleshooting: 165 more words

DevOps

Gentoo + Squid + Radius Auth + sslBump + remote SquidClamav + SquidGuard // intransparent official proxy in corporate environment

What to know:
Squid caches and breaks the client's encryption in MITM style. After the client's request, it establishes connections to both server and client. To the server, it impersonates a client and checks the server's certificates. 3,855 more words

Bytes

ClamAV remote scan command

Try

telnet $SERVERIP $PORT

Type

zINSTREAM

Linux

ClamAV as remotely accessible server

On Debian, simply run

dpkg-reconfigure clamav-daemon

Test it with

telnet $IP $PORT

Type PING

Get PONG

Config files:

clamd.conf

#Automatically Generated by clamav-daemon postinst
#To reconfigure clamd run #dpkg-reconfigure clamav-daemon
#Please read /usr/share/doc/clamav-daemon/README.Debian.gz for details
TCPSocket 3310
TCPAddr 192.168.100.8
# TemporaryDirectory is not set to its default /tmp here to make overriding
# the default with environment variables TMPDIR/TMP/TEMP possible
User clamav
ScanMail true
ScanArchive true
ArchiveBlockEncrypted false
MaxDirectoryRecursion 30
FollowDirectorySymlinks false
FollowFileSymlinks false
ReadTimeout 180
MaxThreads 64
MaxConnectionQueueLength 15
LogSyslog true
LogRotate true
LogFacility LOG_LOCAL6
LogClean false
LogVerbose false
DatabaseDirectory /var/lib/clamav
OfficialDatabaseOnly false
SelfCheck 3600
Foreground false
Debug false
ScanPE true
MaxEmbeddedPE 20M
ScanOLE2 true
ScanPDF true
ScanHTML true
MaxHTMLNormalize 10M
MaxHTMLNoTags 2M
MaxScriptNormalize 5M
MaxZipTypeRcg 1M
ScanSWF true
DetectBrokenExecutables false
ExitOnOOM false
LeaveTemporaryFiles false
AlgorithmicDetection true
ScanELF true
IdleTimeout 30
CrossFilesystems true
PhishingSignatures true
PhishingScanURLs true
PhishingAlwaysBlockSSLMismatch false
PhishingAlwaysBlockCloak false
PartitionIntersection false
DetectPUA false
ScanPartialMessages false
HeuristicScanPrecedence false
StructuredDataDetection false
CommandReadTimeout 5
SendBufTimeout 200
MaxQueue 100
ExtendedDetectionInfo true
OLE2BlockMacros false
ScanOnAccess true
AllowAllMatchScan true
ForceToDisk false
DisableCertCheck false
DisableCache false
MaxScanSize 100M
MaxFileSize 25M
MaxRecursion 16
MaxFiles 10000
MaxPartitions 50
MaxIconsPE 100
PCREMatchLimit 10000
PCRERecMatchLimit 5000
PCREMaxFileSize 25M
ScanXMLDOCS true
ScanHWP3 true
MaxRecHWP3 16
StatsEnabled true
StatsPEDisabled true
StatsHostID autoCLAMscan
StatsTimeout 10
StreamMaxLength 25M
LogFile /var/log/clamav/clamav.log
LogTime true
LogFileUnlock false
LogFileMaxSize 0
Bytecode true
BytecodeSecurity TrustSigned
BytecodeTimeout 60000
OnAccessMaxFileSize 64M
… 19 more words
Bytes

ClamAV | clamdscan | using remote clam server via tcp

On your machine, install clamav, then create clamd.remote.conf; it contains only two lines:

TCPSocket REMOTEPORT
TCPAddr REMOTEIP

Run

clamdscan -c clamd.remote.conf --fdpass --stream "$FILE"
Bytes

Cloud Based Protection With Immunet

We all have traditional anti-virus solutions installed on our computers to protect from harmful viruses these days. These traditional anti-virus solutions are installed on your computer along with virus definitions (signatures) and require updating regularly to ensure you are protected against the latest known viruses. 238 more words

Cisco