[clamav-users] Google safebrowsing types and usage questions
Micah Snyder (micasnyd)
micasnyd at cisco.com
Tue Oct 20 20:06:15 UTC 2020
Oops! Just saw this reply. Your suggestion looks like a good start.
I don't want to step on toes - Joel, are you running with this or would you like me to put in a PR with something derived from Ged's suggestion?
-Micah
On 10/17/20, 8:43 AM, "clamav-users on behalf of G.W. Haywood via clamav-users" <clamav-users-bounces at lists.clamav.net on behalf of clamav-users at lists.clamav.net> wrote:
Hi Joel,
On Sat, 17 Oct 2020, Joel Esler (jesler) via clamav-users wrote:
> That documentation lives here: https://github.com/Cisco-Talos/clamav-faq/blob/master/faq/faq-safebrowsing.md
>
> A pull request will allow me to review and approve.
I'm sorry Joel, I did try to use GitHub's Web interface to do the edit
but by the time I'd spent an hour searching for ways around a greyed-
out commit button I'd had enough. There's too little of life left to
me to spend the rest of it fighting with productivity tools.
Here's a suggested replacement for the file. If you don't like it,
please let me know in general terms how you'd like it improved and
I'll be happy to have a go (as long as you don't make me use GitHub).
8<----------------------------------------------------------------------
# Safebrowsing #

CURRENT STATUS at October 2020.

The safebrowsing feature has now been spun off into a related project.
It requires substantially more effort to implement safebrowsing than
simply enabling the relevant freshclam.conf configuration option.
Briefly, tools are needed to

1. Download the data from Google to a local mysql database using
   Google's API [*];
2. produce a local copy of the safebrowsing database file in a form
   suitable for use by the ClamAV tools;
3. distribute this database file to the systems which need it; and
4. optionally notify any clamd daemons of the change.

[*] For efficiency, the API permits downloading differences, in much
the same way that ClamAV itself uses .cdiff files.

Documentation can be found at

https://github.com/Cisco-Talos/clamav-safebrowsing

HISTORY

ClamAV 0.95 introduced support for the Google Safe Browsing database.
For use with ClamAV a copy of the database was packed inside the file
"safebrowsing.cvd" which was distributed in the same way as the other
ClamAV database files via the ClamAV mirror network. Downloading the
database was disabled by default, and the feature was to be enabled
only with extreme caution. In order to enable this feature it was
necessary to add the option `SafeBrowsing Yes` to freshclam.conf.

This would tell freshclam to download the safebrowsing.cvd database,
and when ClamAV found the database in the database directory it would
enable the safe browsing feature. To turn it off it was necessary to
remove the configuration option from freshclam.conf AND to remove the
safebrowsing files from the database directory. If clamd was running
it was necessary to restart it.

Updates to the safebrowsing.cvd database were discontinued in 2019 and
it was declared obsolete.
8<----------------------------------------------------------------------
--
73,
Ged.
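The turn-off procedure in the HISTORY section above (remove the option AND the database files, then restart clamd) can be checked on a host with a short audit. This is an added example, not part of the thread and not ClamAV project code; the function names, the `safebrowsing.cld` file name, the `/var/lib/clamav` fallback and the case-insensitive option match are assumptions.

```shell
#!/bin/sh
# Added example (not ClamAV project code): find leftovers of the obsolete
# SafeBrowsing setup in freshclam.conf and in the database directory.

# Print the value of the first uncommented option $2 in file $1; fail if absent.
conf_value() {
    awk -v want="$2" '
        $1 ~ /^#/ { next }                      # skip comment lines
        tolower($1) == tolower(want) { print $2; found = 1; exit }
        END { exit !found }
    ' "$1"
}

# audit_safebrowsing <freshclam.conf> [database-dir]
# Returns 0 when clean, 1 when leftovers exist, 2 when the config is unreadable.
audit_safebrowsing() {
    conf=$1; dbdir=$2; findings=0
    [ -r "$conf" ] || { echo "ERROR: cannot read $conf"; return 2; }

    if sb=$(conf_value "$conf" SafeBrowsing); then
        echo "FINDING: $conf still contains: SafeBrowsing $sb"
        findings=$((findings + 1))
    fi

    # Database directory: argument, else the DatabaseDirectory option, else an
    # assumed packaging default (the real default depends on the build).
    [ -n "$dbdir" ] || dbdir=$(conf_value "$conf" DatabaseDirectory) || true
    dbdir=${dbdir:-/var/lib/clamav}

    # safebrowsing.cvd is named in the text; the .cld name is an assumption.
    for f in safebrowsing.cvd safebrowsing.cld; do
        if [ -e "$dbdir/$f" ]; then
            echo "FINDING: $dbdir/$f is still present"
            findings=$((findings + 1))
        fi
    done

    [ "$findings" -eq 0 ] && { echo "OK: no SafeBrowsing leftovers"; return 0; }
    echo "ACTION: remove the option and the files, then restart clamd if running"
    return 1
}

# Constructed sample input: a throwaway config and an empty database file.
demo=$(mktemp -d)
printf '# SafeBrowsing No\nDatabaseDirectory %s\nSafeBrowsing Yes\n' "$demo" > "$demo/freshclam.conf"
: > "$demo/safebrowsing.cvd"
audit_safebrowsing "$demo/freshclam.conf" || true
rm -rf "$demo"
```
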