Adding clamav-unofficial-sigs

October 30, 2020, Roberto Puzzanghera

The clamav-unofficial-sigs script provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, Yara-Rules Project, urlhaus, etc. The script will also generate and install cron, logrotate, and man files.

Download the script and the config files

cd /usr/local/sbin/
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/clamav-unofficial-sigs.sh
chmod 755 /usr/local/sbin/clamav-unofficial-sigs.sh
mkdir -p /etc/clamav-unofficial-sigs/

cd /etc/clamav-unofficial-sigs/
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/master.conf
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/user.conf

Select your operating system config from https://github.com/extremeshok/clamav-unofficial-sigs/tree/master/config/ (adjust os_conf to your needs)

os_conf="os.slackware.conf"
wget "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/os/${os_conf}"

user.conf always overrides os.conf and master.conf, and os.conf overrides master.conf. Editing master.conf is not a good idea, since it is the file the project maintains; put your changes in user.conf (or os.conf) instead.

Check your os.*.conf file and add the following lines if they are not already present. Be aware that your clamdctl script must have a restart function; if it does not, update it first.

clamd_restart_opt="/usr/local/bin/clamdctl restart"
clamscan_bin="/usr/local/bin/clamscan"

Now run the script as root

/usr/local/sbin/clamav-unofficial-sigs.sh --force

Install logrotate and man files

/usr/local/sbin/clamav-unofficial-sigs.sh --install-logrotate
/usr/local/sbin/clamav-unofficial-sigs.sh --install-man

Install the scheduler configuration. This is for those using cron:

/usr/local/sbin/clamav-unofficial-sigs.sh --install-cron

and this is for systemd users

mkdir -p /etc/systemd/system/
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/systemd/clamav-unofficial-sigs.service -O /etc/systemd/system/clamav-unofficial-sigs.service
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/systemd/clamav-unofficial-sigs.timer -O /etc/systemd/system/clamav-unofficial-sigs.timer

systemctl enable clamav-unofficial-sigs.service
systemctl enable clamav-unofficial-sigs.timer
systemctl start clamav-unofficial-sigs.timer

Run the following command to display which signature databases clamav has loaded and to check for errors. If the list contains the new databases, the installation went well.

clamscan --debug 2>&1 /dev/null | grep "loaded"
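Here is an added example (not code from the clamav-unofficial-sigs project or from this post) that turns the last two steps into repeatable checks: it resolves the effective value of an option by sourcing master.conf, the os.*.conf and user.conf in the precedence order described above, and it verifies that the third-party databases you expect actually show up in clamscan --debug output. It assumes ClamAV logs one "<path> loaded" line per database file, which is what the grep above relies on. The config contents and the debug log in demo are constructed stand-ins so the script runs offline; on a real box you would point check_loaded at the output of the clamscan command above.

```bash
#!/usr/bin/env bash
# Added example, not part of clamav-unofficial-sigs: post-install checks for
# the procedure above, run here on constructed input so it works offline.

# 1) Resolve the effective value of an option the way the script layers its
#    config: master.conf, then the os.*.conf, then user.conf (later wins).
#    Sourcing happens in a subshell so the caller's environment is untouched.
#    Usage: effective_setting <confdir> <os_conf_filename> <variable>
effective_setting() {
  local confdir="$1" os_conf="$2" var="$3" f
  (
    for f in master.conf "$os_conf" user.conf; do
      # shellcheck disable=SC1090
      [ -r "$confdir/$f" ] && . "$confdir/$f"
    done
    eval "printf '%s\n' \"\$$var\""
  )
}

# 2) Check clamscan --debug output for the third-party databases you expect.
#    Assumption: ClamAV prints one "<path> loaded" line per database file, so
#    we look for a file name starting with each prefix. Returns 0 only if
#    every prefix was found; missing ones are reported.
#    Usage: check_loaded <debug_output_file> <name_prefix>...
check_loaded() {
  local out="$1" prefix rc=0
  shift
  for prefix in "$@"; do
    if grep -Eq "/${prefix}[^/ ]* loaded\$" "$out"; then
      echo "loaded:  $prefix"
    else
      echo "MISSING: $prefix"
      rc=1
    fi
  done
  return "$rc"
}

# Self-contained demo on constructed files (paths, values and the debug log
# are made up for this example).
demo() {
  local tmp rc
  tmp=$(mktemp -d) || return 2
  mkdir -p "$tmp/conf"
  # master.conf sets defaults; os.slackware.conf overrides clamscan_bin;
  # user.conf overrides the restart command. Expected effective values:
  # clamscan_bin=/usr/local/bin/clamscan, clamd_restart_opt=clamdctl restart.
  printf 'clamscan_bin="/usr/bin/clamscan"\nclamd_restart_opt="service clamd restart"\n' >"$tmp/conf/master.conf"
  printf 'clamscan_bin="/usr/local/bin/clamscan"\n' >"$tmp/conf/os.slackware.conf"
  printf 'clamd_restart_opt="/usr/local/bin/clamdctl restart"\n' >"$tmp/conf/user.conf"

  echo "clamscan_bin      = $(effective_setting "$tmp/conf" os.slackware.conf clamscan_bin)"
  echo "clamd_restart_opt = $(effective_setting "$tmp/conf" os.slackware.conf clamd_restart_opt)"

  # Constructed stand-in for: clamscan --debug 2>&1 /dev/null | grep "loaded"
  cat >"$tmp/debug.log" <<'EOF'
LibClamAV debug: /var/lib/clamav/main.cvd loaded
LibClamAV debug: /var/lib/clamav/daily.cld loaded
LibClamAV debug: /var/lib/clamav/foxhole_generic.cdb loaded
LibClamAV debug: /var/lib/clamav/securiteinfo.hdb loaded
LibClamAV debug: /var/lib/clamav/scam.ndb loaded
EOF
  # urlhaus is deliberately absent from the log, so it is reported MISSING.
  check_loaded "$tmp/debug.log" foxhole securiteinfo scam urlhaus
  rc=$?
  echo "check_loaded exit status: $rc"
  rm -rf "$tmp"
  return 0
}

# Run the demo when executed directly (e.g. bash check-sigs.sh).
[ "${BASH_SOURCE[0]}" = "$0" ] && demo
```

In practice you would replace the constructed log with `clamscan --debug /dev/null 2>&1 > debug.log` and pass the prefixes of the databases you enabled in user.conf; a non-zero return from check_loaded is a good signal for a cron job or monitoring check that the unofficial signatures were not picked up after a restart.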
