On 23/04/15 08:24, Steve Basford wrote: > Just a heads up for Bill Landry's ClamAV Unofficial > Signatures Updater script users....
Many thanks for keeping us informed, Steve. 1) I note that most (all except two) of the SI databases now give 404s and the Debian Wheezy clamav-unofficial-sigs package is warning: Clamscan reports Sanesecurity honeynet.hdb database integrity tested BAD - SKIPPING rsync: link_stat "/var/cache/clamav-unofficial-sigs/si-dbs/honeynet.hdb" failed: No such file or directory (2) ... http://clamav.securiteinfo.com/securiteinfohtml.hdb and http://clamav.securiteinfo.com/securiteinfo.hdb *are* still downloadable but I assume are no longer being updated. There is a Debian bug open at <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783228>. If Debian users don't want to edit the /usr/share/clamav-unofficial-sigs/conf.d/ files according to Steve's recommendations below, they can just put si_dbs="" into /etc/clamav-unofficial-sigs.conf.d/50-local. Either course of action will result in the old SecuriteInfo databases being removed from /var/lib/clamav/. 2) Is anyone else using the new SI system via freshclam willing to report on it? Thanks. -- All best wishes, Cedric Knight GreenNet > > ---------------------------- Original Message ---------------------------- > Subject: securiteinfo problems > From: "Steve Basford" <steveb_cla...@sanesecurity.com> > Date: Thu, April 23, 2015 8:24 am > To: sanesecurity_annou...@freelists.org > Cc: sanesecur...@freelists.org > -------------------------------------------------------------------------- > > On 25th March 2015, securiteinfo announced changes to their databases: > > http://lurker.clamav.net/message/20150325.133202.843fba9f.en.html > > Yesterday it appears from the slightly annoyed emails I've been reciving, > that they removed their databases from the old clamav.securiteinfo.com and > diverted the domain to their main website. > > Some users were left with either bad databases or lots of errors in their > log files, depending on their scripts they were using. > > If you are seeing errors, and are using Bill Landry's ClamAV Unofficial > Signatures Updater, please edit clamav-unofficial-sigs.conf and > > *** comment out these databases*** > > as they are no longer running on clamav.securiteinfo.com > > # ======================== > # SecuriteInfo Database(s) > # ======================== > # Add or remove database file names between quote marks as needed. To > # disable any SecuriteInfo database downloads, remove the appropriate > # lines below. To disable all SecuriteInfo database file downloads, > # comment all of the following lines. > si_dbs=" > honeynet.hdb > securiteinfo.hdb > securiteinfobat.hdb > securiteinfodos.hdb > securiteinfoelf.hdb > securiteinfohtml.hdb > securiteinfooffice.hdb > securiteinfopdf.hdb > securiteinfosh.hdb > " > > As a side note, securiteinfo signatures are distributed by securiteinfo > themselves and don't have anything to do with the signatures > provided/distributed by Sanesecurity. > > Having said that, as they are in Bill Landry's ClamAV Unofficial > Signatures Updater script, I'm putting this message out, to try and avoid > even more annoyance when people hit issues caused by their changes. > > Cheers, > > Steve > Web : sanesecurity.com > Blog: sanesecurity.blogspot.com > > > Cheers, > > Steve > Web : sanesecurity.com > Blog: sanesecurity.blogspot.com > > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
