[clamav-users] Calm AV assistance

Michael Pifer mpifer at foxhire.com
Fri Nov 5 20:35:21 UTC 2021 

basically.  users upload a file to our windows servers.  now maybe we save
that to s3 and somehow pass the s3 url or bucket/file to clamav to scan.  I
don't know what's easiest to do.  That or to forward that file from the
windows server to the clamav linux server for scanning.  but somehow, we
need to take that uploaded file, save it somewhere that clamav can scan and
let us know if it's bad or not.  if it's bad, we can delete it in our
code.

On Fri, Nov 5, 2021 at 10:09 AM G.W. Haywood via clamav-users <
clamav-users at lists.clamav.net> wrote:

> Hi there,
>
> On Fri, 5 Nov 2021, Michael Pifer via clamav-users wrote:
>
> > I am specifically looking for assistance in setting up and configuring
> Clam
> > AV in our AWS EC2 environment.
> >
> > We are specifically looking to create a scanning service using clam av
> that
> > can be called everywhere a file is uploaded.  Make sure that if a file is
> > flagged as having a virus that we delete the file and return a message to
> > the user that the file appears to be infected and was not successfully
> > uploaded.
> >
> > Any assistance would be greatly appreciated!
>
> ClamAV is really just a toolkit.  You can learn how to use it to scan
> data streams, files, directories and whole filesystems against a set
> of signatures and other stuff which is stored - more or less locally -
> by you in a sort of database.  You decide what to put in the database
> (and then you have to maintain it, there are tools in the ClamAV suite
> to help you to do that).  Other tools in the suite can help you to do
> something like what you want to do, but if we are to provide any help
> other than generalities and pointers to the documentation you need to
> give us sufficient detail about what you intend to do.  The online
> documentation is at
>
> https://docs.clamav.net/
>
> and if you download ClamAV from one of the archives at
>
> https://www.clamav.net/downloads
>
> you will also find documentation in the archive.
>
> Things like returning messages to users are the sorts of things that
> you have to do in your own software, which can use the ClamAV toolkit
> and perhaps collect information from ClamAV scan results which can be
> returned to your users.  These things are not part of ClamAV itself.
> The messages provided by ClamAV are at best rather terse, you would
> probably want to embellish them in your own software for consumption
> by your users.
>
> If ClamAV *does* flag a file, deleting it will not always be the best
> choice of the options available to you.
>
> If ClamAV does *not* flag a file, accepting that it is safe will not
> always be the best choice of the options available to you.  You should
> consider carefully the probabilities that ClamAV will detect the kinds
> of threats which concern you.
>
> --
>
> 73,
> Ged.
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users at lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20211105/bb37602d/attachment.htm>

More information about the clamav-users mailing list