[clamav-users] Freshclam Non-repudiation
scalio at gmail.com
Fri Jan 29 05:32:12 EST 2016
Thanks for the quick replies and information, this helps greatly and is
On Jan 29, 2016 03:28, "Steve Basford" <steveb_clamav at sanesecurity.com>
> On Thu, January 28, 2016 10:29 pm, Brad Scalio wrote:
> > Is there any integrity or authenticity checks within freshclam when it
> > connects to the clamAV servers to download the virus signature databases?
> Hi Brad,
> Just to cover 3rd Party (.UNOFFICIAL) signatures.
> Signatures produced by Sanesecurity and/or distributed by Sanesecurity
> mirrors are first created and/or downloaded then checked against a HAM
> folder and finally signed with GPG.
> In addition, md5/sha256 hashes are also produced.
> Download scripts check the GPG and/or hashes depending on which script
> you use.
> As Sanesecurity have been doing this for 10 years this year, hopefully
> the GPG key can be trusted ;)
> Web : sanesecurity.com
> Blog: sanesecurity.blogspot.com
> Twitter: @sanesecurity
> Help us build a comprehensive ClamAV guide:
More information about the clamav-users