Koozali.org: home of the SME Server

Sane Security Additional Anti Virus Signatures

Offline timn

  • *
  • 62
  • +0/-0
    • Nash CDL
Sane Security Additional Anti Virus Signatures
« on: April 30, 2010, 03:15:30 PM »
For anyone interested see http://wiki.contribs.org/Virus:Additional_Signatures for updated instructions on adding the Sane Security and others additional database of virus signatures for ClamAV

Works for me but YMMV.

Offline p-jones

  • *
  • 594
  • +0/-0
Re: Sane Security Additional Anti Virus Signatures
« Reply #1 on: May 01, 2010, 03:37:00 PM »
Thanks for the effort on this one. 

How should one handle the situation where the SaneSecurity signatures have already been installed using the original methodology ?

Should we upgrade to this method and what are the advantages and / or disadvantages. ?
...

Offline timn

  • *
  • 62
  • +0/-0
    • Nash CDL
Re: Sane Security Additional Anti Virus Signatures
« Reply #2 on: May 01, 2010, 07:55:44 PM »
The install script deletes the original installation files and starts afresh, including the additional downloaded databases.

The advantage of the updated method is that the latest versions of the Sane Security package scripts are installed. These are now at version 3.7 compared to 2.4 of the original swerts-knudsen files. The default databases to be downloaded have also changed slightly with some being removed. The MSRBL databases have been removed entirely as they haven't been updated since last year, but more choices are available listed in the .conf file to be added as you wish. The .conf file also gives an indication of the risk of false positives from the additional files. Documentation including a ChangeLog will be found in /opt/sanesecurity/doc, and you can also do 'man clamav-unofficial-sigs'

As long as the Sane Security package does not change significantly the install script will also download and install subsequent future versions, albeit that you would loose any manual changes to the .conf file i.e. non-default database choices.

« Last Edit: May 01, 2010, 07:58:16 PM by timn »

Offline p-jones

  • *
  • 594
  • +0/-0
Re: Sane Security Additional Anti Virus Signatures
« Reply #3 on: May 02, 2010, 03:12:05 AM »
This all worked just fine for me. It also seems to have resolved several issues I had with the SaneSecurity signatures following the recent CLAM Update.

Thanks heaps for the work.
...

Offline Knuddi

  • *
  • 540
  • +0/-0
    • http://www.scanmailx.com
Re: Sane Security Additional Anti Virus Signatures
« Reply #4 on: May 02, 2010, 06:35:01 PM »
Hi Timn,

very pleased to see the update (to the better) of this small contrib I made a while back. Thanks for taking ownership !!

Greetings,
Jesper