[clamav-users] Database updated over unencrypted connection?
webmaster at securiteinfo.com
Fri Mar 15 11:47:02 EDT 2019
Le 15/03/2019 à 16:04, instaham--- via clamav-users a écrit :
> Leonardo Rodrigues wrote:
>> the databases are digitally signed, and any modification, such in
>> a man-in-the-middle attack, would break the signature and freshclam
>> would refuse to run the files.
> Sounds good. Can you please explain how this works in detail?
> Apt places GPG keys in the system and uses them to verify downloaded
> It doesn't seem that ClamAV placed any GPG keys in my system. So how
> is the verification happening?
The .cvd files have an internal cryptographic signature that's
checked by freshclam and clamd/clamscan. If freshclam and/or clamd
accepts the files, you can be assured they are official and
unmodified. This is built into clam; no external tools are called.
Btw, it is working for official signatures. 3rd party signatures provide
hash based checksum files.
Cordialement / Best regards,
Gérant de SecuriteInfo.com
Téléphone : +33-(0)22.214.171.124.46
E-mail : aj at securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the clamav-users