As long as I’ve been reading similar questions here, I don't recall any solution other than the three choices for using a Private Mirror. Note that freshclam normally will initially use wget to obtain updates, resorting to http only when that fails.
Sent from my iPad -Al- On Jun 18, 2018, at 20:44, Webster, Matt (PIRSA) <[email protected]> wrote: > Hi All, > > Currently have a RHEL server in a DMZ segment, where direct internet access > is not permitted. I have installed clamd on the host to be able to perform on > access scanning of documents uploaded through web based forms. The problem > is, what can I do to update the definitions so that the latest threat data is > being used in said scans? > > I doubt that tcp/53 will be permitted out of the firewall to do the latest > DNS checks and not sure if I can gain access to be able to whitelist the .au > mirrors of: > > $ host db.au.clamav.net > db.au.clamav.net is an alias for db.au.clamav.net.cdn.cloudflare.net. > db.au.clamav.net.cdn.cloudflare.net has address 104.16.186.138 > db.au.clamav.net.cdn.cloudflare.net has address 104.16.187.138 > db.au.clamav.net.cdn.cloudflare.net has address 104.16.188.138 > db.au.clamav.net.cdn.cloudflare.net has address 104.16.189.138 > db.au.clamav.net.cdn.cloudflare.net has address 104.16.185.138 > > Is there a way that I can copy the files from another server internal to the > network out to the server in the DMZ? Without running freshclam to update? > And just reload clamd? > > I did investigate the PrivateMirror and DatabaseMirror options, but as this > is the same protocol going out as coming in with the requests, I doubt > security will permit HTTP traffic to an internal host as it does not pass the > protocol separation requirements. > > Any ideas of options? > > Cheers and thanks
_______________________________________________ clamav-users mailing list [email protected] http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
