Hello again,
On Mon, 11 Nov 2019, Philippe Lefèvre wrote:
thanks for your post Ged.
You're very welcome. :)
... it seems that neither Clamav nor Maldet installed on my Debian box
have the right rfxn.* files
I'm not familiar with these programs but I would like to understand if
clamav is delivered with an instance of rfxn files or if those files are
installed with Maldet (part of Maldet package?) or something else.
There are Debian packages for ClamAV. I don't think Debian has its
own package for the rfxn signatures but I haven't looked carefully.
If you are using a Debian system I would suggest that using the Debian
ClamAV packages would be the simplest way to install ClamAV. Then you
can install extra signatures very simply, more or less by copying
files to the ClamAV database directory. ClamAV does not supply the
Maldet files, they are what the supplier of ClamAV calls 'third-party'
or 'unofficial' signatures. There are many such sets of signatures
which essentially add functionality to ClamAV, for example I use the
Sanesecurity signatures on mail servers to catch a lot of spam; I'm
less interested in malware as I rule my systems with a rod of iron. :)
May be something is/was broken somewhere and it would save me time
reinstall maldet or clamav, both, copy the rfxn.* files?
Please your advise.
The people who produce the Maldet files should be able to help you
better than I can, I'm afraid I know nothing about the installation
process for Maldet. If ClamAV is scanning files normally then I don't
think you need to reinstall it. If ClamAV finds a set of signatures
in a suitable form in its database directory then it will try to load
and use them unless you tell it otherwise. I looked briefly at the
documentation at https://www.rfxn.com/projects/linux-malware-detect/
and I'm afraid it left me asking more questions rather than fewer.
--
73,
Ged.
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
