[clamav-users] Freshclam Non-repudiation

Brad Scalio scalio at gmail.com
Fri Jan 29 17:12:50 EST 2016


I think I answered my own question, Sansecurity.

On Fri, Jan 29, 2016 at 4:41 PM, Brad Scalio <scalio at gmail.com> wrote:

> Thanks Steve that does help, who's the CA or at least the certs aren't
> self-signed correct?
>
> On Fri, Jan 29, 2016, 14:42 Steven Morgan <smorgan at sourcefire.com> wrote:
>
>> Brad,
>>
>> The official ClamAV virus database is digitally signed before posting to
>> the ClamAV mirrors. The CVD signature is checked before database load
>> time.
>> Virus names of signatures from non-signed databases are appended with
>> ".UNOFFICIAL".
>>
>> Hope this helps,
>> Steve
>>
>> On Thu, Jan 28, 2016 at 5:29 PM, Brad Scalio <scalio at gmail.com> wrote:
>>
>> > Is there any integrity or authenticity checks within freshclam when it
>> > connects to the clamAV servers to download the virus signature
>> databases?
>> >
>> > Also is there any non-repudiation  of the servers hosting the virus
>> > signature databases, that is who gets to be a host and is there any
>> > procedures to ensure those servers hosting the files are secured and the
>> > files genuine?
>> >
>> > Sorry for ambiguity I'm just looking for anything, I'm not suggesting
>> > changes if there aren't just need fodder if there are any.
>> >
>> > Thanks!
>> > _______________________________________________
>> > Help us build a comprehensive ClamAV guide:
>> > https://github.com/vrtadmin/clamav-faq
>> >
>> > http://www.clamav.net/contact.html#ml
>> >
>> _______________________________________________
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>
>



More information about the clamav-users mailing list