[clamav-users] Database updated over unencrypted connection?

Arnaud Jacques webmaster at securiteinfo.com
Thu Mar 14 16:19:55 EDT 2019


Hello,

You can read this thread and make your own opinion :

https://lists.clamav.net/pipermail/clamav-users/2014-December/001129.html


Le 14/03/2019 à 19:26, instaham--- via clamav-users a écrit :
> Hi everybody,
>
> I assume that when I run "freshclam", the virus database is updated 
> over an unencrypted and plain http connection.
>
> The default configuration doesn't seem to use https.
>
> Isn't this kind of insecure (Man-in-the-middle-attacks, etc.)?
>
> Are there any https mirrors available and, if yes, how can I configure 
> ClamAV to use these instead?
>
> Or is some kind of verification of the data happening in the 
> background (such as apt in Debian is using GPG)?
>
> Hope you can help me with this. Thanks
>
>
>
>
>
>
>
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml

-- 
Cordialement / Best regards,

Arnaud Jacques
Gérant de SecuriteInfo.com

Téléphone : +33-(0)3.44.39.76.46
E-mail : aj at securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom

Securiteinfo.com
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois



More information about the clamav-users mailing list