Re: [clamav-users] Inquiry About Security Measures for Remote Scanning Using Clamdscan

Fri, 05 Jul 2024 13:27:35 -0700 

Thanks for the reply ,

What i am trying to implement is to avoid running clamd as daemon locally and 
want to use a dedicated server for the scan that will be used by multiple 
server the scan will be done within the intranet so traffic is not exposed , 
but wanted to see if there is a way that i can protect the data in transit 
between those 2 servers

I don't want to run clamd daemon locally , as i found it heavy on the system 
and affect the performance of other services

Thanks,
________________________________
From: Andrew C Aitchison <cla...@aitchison.me.uk>
Sent: Friday, July 5, 2024 4:18 PM
To: Khodor Barakat via clamav-users <clamav-users@lists.clamav.net>
Cc: Khodor Barakat <khodor.bara...@outlook.com>
Subject: Re: [clamav-users] Inquiry About Security Measures for Remote Scanning 
Using Clamdscan

On Tue, 2 Jul 2024, Khodor Barakat via clamav-users wrote:

> Hi, everyone
>
> I am writing to inquire about the security measures implemented when
> using ClamAV's clamdscan for remote scanning, particularly when
> streaming to port 3310.
>
> clamdscan -c /etc/clamd.d/remote-scan.conf --fdpass --stream  
> /tmp/testfile.txt

Does --fdpass work over tcp ?
If so, I mis-understand what it does.

> cat /etc/clamd.d/remote-scan.conf
> LogSyslog yes
> StreamMaxLength 10M
> User clamscan
> TCPSocket 3310
> TCPAddr 192.168.1.100
>
>
> Does anyone have information on the security protocols and
> safeguards in place in order to protect data during remote scans?

I believe that the files to be tested are sent in plain, ie not encrypted.
The best reference i can find is
     https://docs.clamav.net/manual/Usage/Scanning.html#daemon
(or you could try reading the code).

What are your specific concerns ?
Client, network, server,
Client attacking server, server accessing files on client ?

--
Andrew C. Aitchison                      Kendal, UK
                    and...@aitchison.me.uk

_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Reply via email to