[clamav-users] Clam & safe browsing question/problem

Al Varnell alvarnell at mac.com
Mon May 23 02:03:32 EDT 2016


Perhaps this has something to do with it?

<https://security.googleblog.com/2016/05/evolving-safe-browsing-api.html>

-Al-

On Sun, May 22, 2016 at 05:56 PM, Joel Esler (jesler) wrote:
> 
> This is something the team is actively working on.  Please stay tuned.
> 
> 
> --
> Joel Esler
> Manager, Talos Group
> 
> 
> 
> 
> On May 22, 2016, at 12:38 PM, TR Shaw <tshaw at oitc.com<mailto:tshaw at oitc.com>> wrote:
> 
> The following is safebrowsing’s test host name, malware.testing.google[.]test, and using google’s test page
> 
> https://www.google.com/transparencyreport/safebrowsing/diagnostic/index.html#url=malware.testing.google[.]test
> 
> shows that it is listed.
> 
> I have enabled safebrowsing in freshclam.cong and checked that safebrowsing.cvd has been downloaded and is current.
> 
> I checked clamav using clamscan on a file containing EICAR signature and it detects. I also check clamd using INSTREAM and piped an EICAR signature to clamd and it responded "Eicar-Test-Signature FOUND”
> 
> I then created a file containing
> 
> <http>
> <head>
> </head>
> <body>
> <a href=http://malware.testing.google[.]test/>http://malware.testing.google[.]test/</a>
> </body>
> </html>
> 
> and ran it through clamav:
> 
> clamscan -v googlesafebrowsingtest.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2370 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20160522/6ade4454/attachment.bin>


More information about the clamav-users mailing list