[clamav-users] Clam & safe browsing question/problem
Joel Esler (jesler)
jesler at cisco.com
Mon May 23 00:56:29 UTC 2016
This is something the team is actively working on. Please stay tuned.
--
Joel Esler
Manager, Talos Group
On May 22, 2016, at 12:38 PM, TR Shaw <tshaw at oitc.com<mailto:tshaw at oitc.com>> wrote:
The following is safebrowsing’s test host name, malware.testing.google[.]test, and using google’s test page
https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url=malware.testing.google[.]test
shows that it is listed.
I have enabled safebrowsing in freshclam.cong and checked that safebrowsing.cvd has been downloaded and is current.
I checked clamav using clamscan on a file containing EICAR signature and it detects. I also check clamd using INSTREAM and piped an EICAR signature to clamd and it responded "Eicar-Test-Signature FOUND”
I then created a file containing
<http>
<head>
</head>
<body>
<a href=http://malware.testing.google[.]test/>http://malware.testing.google[.]test/</a>
</body>
</html>
and ran it through clamav:
clamscan -v googlesafebrowsingtest.txt
----------- SCAN SUMMARY -----------
Known viruses: 5826858
Engine version: 0.99
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 10.639 sec (0 m 10 s)
and got no detects. I also checked with INSTREAM and nada.
Any help is appreciated to help me get this going.
Tom
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list