[clamav-users] How can we consume .ldb files in ClamAV Ubuntu?

Sandeep Talla sandeep.talla at inadev.com
Mon Dec 14 21:53:59 UTC 2020 

Hi Mark/Kris,

Thank you for your responses. I have placed the *fireeye.ldb* file under
the directory /var/lib/clamav/ and modified the permission to 644 and
ownership to clamav. Then we have restarted the service Clamav-Deamon and
then started clamscan. However, Clamscam is not picking up the *fireeye.ldb*
file when we verify the Freshclam.log and clamav.log files.

Are there any configuration settings that need to add for *clamd.conf* or
*freshclam.conf* in order to pick up the fireeye.ldb file during clamscan?

On Mon, Dec 14, 2020 at 4:20 PM Mark Allan via clamav-users <
clamav-users at lists.clamav.net> wrote:

> Hi Sandeep,
>
> There's no need to convert them. Just put them straight into the clamav
> database directory and call them whatever_you_want.ldb eg
> /var/lib/clamav/fireeye.ldb
>
> As long as the name you choose doesn't conflict with ClamAV's naming (eg
> main/daily/bytecode etc), the only bits you need to work about are keeping
> the 'ldb' extension, and ensuring the files are in the correct location
>  with the correct ownership and permissions.
>
> Mark
>
> On 14 Dec 2020, at 8:33 pm, Sandeep Talla <sandeep.talla at inadev.com>
> wrote:
>
> Hi All,
>
> We have ClamAV installed on Ubuntu. On Ubuntu, the rules can be specified
> or modified under the directory */var/lib/clamav/main.cvd*. However,  We
> are trying to consume ClamAV rules from the FireEye as shown below
> link which is* .ldb* file and we are trying to convert to *.cvd* format.
>
> Could you please let us know the steps on how to convert the* .ldb* to
> *.cvd?* Or how to consume the* .ldb *file in Ubuntu?
>
>
> FireEye:
>  https://github.com/fireeye/red_team_tool_countermeasures/blob/master/all-clam.ldb
> <https://github.com/fireeye/red_team_tool_countermeasures/blob/master/all-clam.ldb>
>
> Thank you for your time and consideration.
>
> --
> Thanks,
> Sandeep
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>


-- 
Thanks,
Sandeep Talla
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20201214/7368b1ba/attachment.htm>

More information about the clamav-users mailing list