[clamav-users] ClamAV Update Authenticity?

Benny Pedersen me at junc.eu
Tue Aug 11 16:31:22 EDT 2015

Thomas Peterson skrev den 2015-08-11 21:59:
> Is there a method to authenticate ClamAV updates? I see that GnuPG can
> be used to verify the signature of the ClamAV installation, what about
> the virus database updates.  I use ClamAV completely offline and do
> not have the ability to connect directly to any network for updates.
> I use a machine with internet access to download the updates and then
> transfer them manually.  If anyone has any ideas on how to
> authenticate ClamAV  database updates, please let me know.

if you use official signatures thay are digital signed, if you use 3dr 
party signature it must be gpg signed

there is download scripts that automate this, ironical 
http://sanesecurity.com/ is a wordpress site that is infacted with 
mailware popups :(

i have reported this before but maybe only me that can see the fun in it 

on that site check usage menu

still need help ask for this here again

More information about the clamav-users mailing list