[clamav-users] Secure download/verification of clamav database?
Luke Massa
lmassa at tripadvisor.com
Wed Oct 24 17:10:33 UTC 2018
But what are they signed *by*? If it’s using a public/private keypair, where is the public key? Is it baked into freshclam/clamd/clamscan somewhere?
- Luke
> On Oct 24, 2018, at 11:59 AM, Noel Jones <njones at megan.vbhcs.org> wrote:
>
> On 10/23/2018 2:17 PM, Luke Massa wrote:
>>
>> In short, is there any way I can setup clamav/freshclam and be
>> confident that a malicious user isn’t adding/removing signatures
>> from the upstream mirrors?
>
> The .cvd files have an internal cryptographic signature that's
> checked by freshclam and clamd/clamscan. If freshclam and/or clamd
> accepts the files, you can be assured they are official and
> unmodified. This is built into clam; no external tools are called.
>
>
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwIGaQ&c=9Hv6XPedRSA-5PSECC38X80c1h60_XWA4z1k_R1pROA&r=kBR20qCRpw_COsjokFR0DeDlBjL9wibcGzBBJtTubwc&m=ubAc0_qBT9TvSWB9vjS80Ms_3NrthlFbqGFdf4SnHnI&s=4z3Dmbis3lgzZCwuTZLvD73r3WkvhFQDX5PNfriNroU&e=
>
>
> Help us build a comprehensive ClamAV guide:
> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwIGaQ&c=9Hv6XPedRSA-5PSECC38X80c1h60_XWA4z1k_R1pROA&r=kBR20qCRpw_COsjokFR0DeDlBjL9wibcGzBBJtTubwc&m=ubAc0_qBT9TvSWB9vjS80Ms_3NrthlFbqGFdf4SnHnI&s=mKsCe7GnAu-_iumtzjklXt4uvxURW8H8jZPNpv1EgFg&e=
>
> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwIGaQ&c=9Hv6XPedRSA-5PSECC38X80c1h60_XWA4z1k_R1pROA&r=kBR20qCRpw_COsjokFR0DeDlBjL9wibcGzBBJtTubwc&m=ubAc0_qBT9TvSWB9vjS80Ms_3NrthlFbqGFdf4SnHnI&s=gyItpqPZCd_ddSzi93tJXOU6DbhXlZZECSjFSpkF38s&e=
More information about the clamav-users
mailing list