Hallo John,
On Thu, Jul 12, 2007 at 08:19:04AM -0700, John Rudd wrote:
> >
> >I have this in /var/lib/clamav at the moment:
> >
> > drwxr-xr-x 2 clamav clamav 4096 2007-07-12 14:22
> > clamav-29a2fe02977a1d4c26abf3fd199d1e70
> > -rw-r--r-- 1 clamav clamav 995915 2007-07-11 22:48 daily.cvd
> > -rwxrwxr-- 1 clamav clamav 0 2007-07-12 14:15 .dbLock
> > -rw-r--r-- 1 clamav clamav 9351789 2007-07-11 22:48 main.cvd
> > -rw-r--r-- 1 clamav clamav 294979 2007-07-12 15:05 MSRBL-Images.hdb
> > -rw-r--r-- 1 clamav clamav 228436 2007-07-12 15:05 MSRBL-SPAM.ndb
> > -rw-r--r-- 1 clamav clamav 180868 2007-07-12 10:26 phish.ndb.gz
> > -rw-r--r-- 1 clamav clamav 115449 2007-07-12 10:26 scam.ndb.gz
>
>
> Those are the ones you're getting from Sanesecurity. They're gzipped.
> In order to actually have ClamAV _USE_ them, you need to gunzip them.
Thanks. That is what I was not sure of.
>
> This also make me wonder if you're actually testing the files before you
> put them into production. If you're not, that's a rather bad idea. At
> 2am this morning, I had a non-usable phish.ndb come through. If you're
> using clamd, that could have caused clamd to crash.
>
>
> Here's the script I use for importing from MSRBL and Sanesecurity. I
> run it out of cron with -all, on the hour. You'll probably need to
> modify some bits of the first few lines (down to the rsync binary location):
The script I have downloaded also do some testing. I think
the reason why those files were not unzipped was that the script was
looking for the unzipped files before finishing it's task.
It is working now and I like it.
Regards
Johann
--
Johann Spies Telefoon: 021-808 4036
Informasietegnologie, Universiteit van Stellenbosch
"Let your character be free from the love of money,
being content with what you have; for He Himself has
said, "I will never desert you, nor will I ever
forsake you."
Hebrews 13:5
