[clamav-users] Secure download/verification of clamav database?
Noel Jones
njones at megan.vbhcs.org
Wed Oct 24 18:01:02 UTC 2018
Baked in.
On 10/24/2018 12:10 PM, Luke Massa wrote:
> But what are they signed *by*? If it’s using a public/private keypair, where is the public key? Is it baked into freshclam/clamd/clamscan somewhere?
>
> - Luke
>
>> On Oct 24, 2018, at 11:59 AM, Noel Jones <njones at megan.vbhcs.org> wrote:
>>
>> On 10/23/2018 2:17 PM, Luke Massa wrote:
>>>
>>> In short, is there any way I can setup clamav/freshclam and be
>>> confident that a malicious user isn’t adding/removing signatures
>>> from the upstream mirrors?
>>
>> The .cvd files have an internal cryptographic signature that's
>> checked by freshclam and clamd/clamscan. If freshclam and/or clamd
>> accepts the files, you can be assured they are official and
>> unmodified. This is built into clam; no external tools are called.
>>
>>
>>
>> _______________________________________________
>> clamav-users mailing list
>> clamav-users at lists.clamav.net
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwIGaQ&c=9Hv6XPedRSA-5PSECC38X80c1h60_XWA4z1k_R1pROA&r=kBR20qCRpw_COsjokFR0DeDlBjL9wibcGzBBJtTubwc&m=ubAc0_qBT9TvSWB9vjS80Ms_3NrthlFbqGFdf4SnHnI&s=4z3Dmbis3lgzZCwuTZLvD73r3WkvhFQDX5PNfriNroU&e=
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwIGaQ&c=9Hv6XPedRSA-5PSECC38X80c1h60_XWA4z1k_R1pROA&r=kBR20qCRpw_COsjokFR0DeDlBjL9wibcGzBBJtTubwc&m=ubAc0_qBT9TvSWB9vjS80Ms_3NrthlFbqGFdf4SnHnI&s=mKsCe7GnAu-_iumtzjklXt4uvxURW8H8jZPNpv1EgFg&e=
>>
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwIGaQ&c=9Hv6XPedRSA-5PSECC38X80c1h60_XWA4z1k_R1pROA&r=kBR20qCRpw_COsjokFR0DeDlBjL9wibcGzBBJtTubwc&m=ubAc0_qBT9TvSWB9vjS80Ms_3NrthlFbqGFdf4SnHnI&s=gyItpqPZCd_ddSzi93tJXOU6DbhXlZZECSjFSpkF38s&e=
>
More information about the clamav-users
mailing list