Hi Ged,
Yes, the definition that you can download via freshclam directly from clamav site is outdated ( from 2019).
You need to use https://github.com/Cisco-Talos/clamav-safebrowsing
My way to implement this was quite simple and i've also took the advantage of freshclam.
On one central system i've installed the python/mysql/(other python libraries needed) and copy the generated clamav db to a place which is accessible via http/https.
Then in every clamav server i've simple added in the freshclam config: DatabaseCustomURL https://blabla.domain.tld/safebrowsing.gdb
I've expected to have more hits because now-days most of these URLs are used for phishing.
Sent from my Samsung Galaxy smartphone.
-------- Original message --------
From: "G.W. Haywood via clamav-users" <clamav-users@lists.clamav.net>
Date: 10/17/20 13:39 (GMT+02:00)
To: Iulian Stan via clamav-users <clamav-users@lists.clamav.net>
Cc: "G.W. Haywood" <clamav@jubileegroup.co.uk>
Subject: Re: [clamav-users] Google safebrowsing types and usage questions
On Sat, 17 Oct 2020, Iulian Stan via clamav-users wrote:
> "G.W. Haywood via clamav-users" wrote:
>
>> what's the best place to start?
>
> Definitions are stored in mysql and only the delta is downloaded
> from google. After the download is successfully and the mysql data
> is up-to-date you can generate the file for clamav. Basically you
> have two scripts:clamsbsync.py to update the mysql db from
> googleclamsbwrite.py to create the .gdb file ...
Thanks, that's a very clear explanation. So instead of using freshclam
you just need to install mysql, Python, and some scripts. Hmmm...
> don't put too much faith in safebrowsing database. I rarely have any
> hit even if there are almost 3 milion of signatures. In contrast i
> have way more many hits with Sanesecurity.
Perhaps this DB would be more important for people who use on-access
scanning and are less fastidious in their browsing habits.
--
73,
Ged.
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml