I'm considering using clamav on a machine that is not (can not be) on the network (any network, not even a local one).
I have a few ideas for how to get virus definition updates onto the machine, but none of them is quite perfect. All of them start with getting on an online computer and pulling the .cvd files (main, daily, bytecode) off the net and onto on optical disk, then sticking that disk into the offline machine. Then what? I'd like to use freshclam, just because that's the "official" way to do it. I get that I can add some DatabaseCustomURL directives to my freshclam.conf, with file URLs that just point directly to wherever the optical disk will be mounted. That works. The part I haven't figured out yet is if there is any way to get freshclam *not* to go out on the web to verify the databases. As far as I can tell, there is no way to tell it to just skip that step, which is what I would prefer. Alternatively, is there any way to make it do it locally? There's PrivateMirror, which would be fine if it's value could be a file URL, but it seems to want a host name to build an http URL out of. Which means, for my offline computer, I have to have at least loopback networking runnng, and an HTTP server, which I'd rather not do. I could just let freshclam try and fail to verify the databases. But that makes the command take longer than it should while waiting for the http attempts to time out, and clutters the logs with unsightly error messages. The only other alternative I can think of is to use cp or rsync or some such to copy the .cvd files from the optical disk to /var/lib/clamav "by hand". This avoids unsightly error messages in the log, but that's because it doesn't put *anything* in the logs. Which is unfortunate, because I'd like to have a record of when the updates were done. I suppose I could right my own script that copies the databases into place *and* logs the fact. Any input? _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
