[clamav-users] How can we consume .ldb files in ClamAV Ubuntu?
Mark Allan
markjallan at gmail.com
Mon Dec 14 21:20:10 UTC 2020
Hi Sandeep,
There's no need to convert them. Just put them straight into the clamav database directory and call them whatever_you_want.ldb eg
/var/lib/clamav/fireeye.ldb
As long as the name you choose doesn't conflict with ClamAV's naming (eg main/daily/bytecode etc), the only bits you need to work about are keeping the 'ldb' extension, and ensuring the files are in the correct location with the correct ownership and permissions.
Mark
> On 14 Dec 2020, at 8:33 pm, Sandeep Talla <sandeep.talla at inadev.com> wrote:
>
> Hi All,
>
> We have ClamAV installed on Ubuntu. On Ubuntu, the rules can be specified or modified under the directory /var/lib/clamav/main.cvd. However, We are trying to consume ClamAV rules from the FireEye as shown below link which is .ldb file and we are trying to convert to .cvd format.
>
> Could you please let us know the steps on how to convert the .ldb to .cvd? Or how to consume the .ldb file in Ubuntu?
>
>
> FireEye: https://github.com/fireeye/red_team_tool_countermeasures/blob/master/all-clam.ldb <https://github.com/fireeye/red_team_tool_countermeasures/blob/master/all-clam.ldb>
>
> Thank you for your time and consideration.
>
> --
> Thanks,
> Sandeep
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20201214/2d0e7c53/attachment.htm>
More information about the clamav-users
mailing list