Arkady V.Belousov said: > Hi! > > 7-���-2005 17:20 [EMAIL PROTECTED] (Dennis Peterson) wrote to "ClamAV > users > ML" <[email protected]>: > > DP> freshclam is not necessary - it is just useful. Once you have gotten > the > DP> database files onto your clamav server you can signal the running > daemon > DP> to reload them. > > Ie., I may: > > 1. stop running ClamAV; > 2. place bases into ClamAV directories; > 3. run ClamWin again.
If you are running ClamWin you need to visit that vendor's site. It has little to do with what is discussed here. In the case of ClamAV running on a tcp/ip port on localhost, yes. Copy the files to your db directory, then you can telnet to the port and type RELOAD. I believe there is a perl script for connecting via a socket included in the contrib code if you're not using IP. I have not shut down the clamd process since the last software version change. dp > > ? Is it sufficient to stop ClamWin, which resides in tray, to stop ClamAV? > > DP> The vendors have even provided the means to do so. There > DP> are miriad ways of getting the database files to your system. May I > > For this, I should know the bases URL. clamav-virusdb@ group doesn't > shows URL for updates. Also, ftp is more preferable for downloading, > because > ftpmail robots have less restrictions and more stable, than web-to-mail > robots. Freshclam servers are in a round-robin arrangement. You an do a DNS query to see if the databases have been updated. If so, they can be accessed via wget, lynx, freshclam, curl, and ftp. Freshclam has but one advantage: it does a dns query and it downloads the files and it verifies the download integrity and it notifies clamd. This can all be scripted easily but why anyone would do so is an akademic question. > > DP> why you wish to use ftp, the least secure protocol, is somewhat > > If base is protected by digital signatures (like PGP keys), then > (in)security of communication lines is low important. BTW, after some > incendents with decepted "virus bases", russian antiviruses (Dr.Web, KAV) > begin to protect own bases. You certainly have challenges in your part of the world - this isn't one of them. ClamAV is a virus blocking tool strongly centered on the email vector and is about as perfect as any - but once you are infected I suggest you wipe your disks and restore from Ghost, jumpstart, or tape images, then discover the vector that penetrated your firewall. dp _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
