Resultados 1 a 3 de 3
  1. #1
    Aspirante a Evangelist
    Data de Ingresso
    Nov 2010
    Localização
    São Paulo
    Posts
    386

    Instalar assinaturas do Clamav

    Pessoal instalamos com sucesso assinaturas do clamav aqui em nossos servidores, são assinaturas não oficiais que vão ajudar e muito no servidor.

    http://sanesecurity.com/usage/linux-scripts/ *.*

    https://www.securiteinfo.com/service...gnatures.shtml

    Para instalar:*.*

    WARNING: Renaming any of the files included in the tarball may cause the script to fail to remove
    all files, databases, and work directories from the system if the '-r' (remove script) flag is used.

    Uncompress/Unpackage the tarball:
    tar -zxf clamav-unofficial-sigs.tar.gz

    Move into the package directory:
    cd clamav-unofficial-sigs-(version)

    Make sure script files are executable and have the appropriate UID/GID set:
    chmod 755 *.sh
    chown <user>:<group> *.sh

    Configure:
    Edit the clamav-unofficial-sigs.conf file
    IMPORTANT CONFIGURATION CONSIDERATIONS:
    - Make sure that the PATH statement correctly defines the location of your binary files. These
    include: find, sed, awk, cut, grep, tail, chown, chmod, cmp, diff, dig, host, gzip, ls, cp, mv,
    test, gpg, xargs, sleep, urandom, chksum, rsync, curl, socat, etc. It has been reported that
    on Sun systems, the GNU utilities should be used rather than the default Sun versions.
    - System shell setting: Based on user feedback, it has been reported that "sh" works best for
    BSD variants, "ksh" for Sun Solaris, and "bash" for Linux variants. If you experience problems
    running the script, please try editing the top line of the script file and changing "sh" to
    either "ksh" or "bash" before reporting a problem.
    - Adjust configuration settings to meet your system requirements.

    Install:
    cp clamav-unofficial-sigs.sh /path/to/script_dir (usually something like /usr/local/bin)
    cp clamav-unofficial-sigs.conf /path/to/config_dir (/etc & usually something like /usr/local/etc)
    cp clamav-unofficial-sigs.8 /path/to/man/man8 (usually something like /usr/local/man/man8)
    cp clamav-unofficial-sigs-cron /path/to/cron.d (usually something like /etc/cron.d)
    cp clamav-unofficial-sigs-logrotate /path/to/logrotate.d (usually something like /etc/logrotate.d)

    ==================
    USAGE INFORMATION:
    ==================

    To run at specific time intervals, either use the include cron file or edit the user crontab:
    crontab -e

    To run hourly, at 15 minute after the hour (for example), add the following to crontab:
    15 * * * * /path/to/clamav-unofficial-sigs.sh -c /path/to/clamav-unofficial-sigs.conf

    To run manually:
    /path/to/clamav-unofficial-sigs.sh -c /path/to/clamav-unofficial-sigs.conf
    or, if a copy of the config file is located in "/etc", simply:
    /path/to/clamav-unofficial-sigs.sh

    ===================
    SCRIPT FLAGS USAGE:
    ===================

    To create a bypass signature for temporarily resolving a false-positive issue with a third-party signature:
    /path/to/clamav-unofficial-sigs.sh -b

    To direct the script to use an alternate configuration file other than the one in /etc:
    /path/to/clamav-unofficial-sigs.sh -c /path/to/clamav-unofficial-sigs.conf

    To decode a hexadecimal encoded string or specific third-party signature and determine what database it is in:
    /path/to/clamav-unofficial-sigs.sh -d

    To encode an entire data string in hexadecimal for signature use in any '*.ndb' file:
    /path/to/clamav-unofficial-sigs.sh -e

    To encode a formatted data string that contains field spacers '{}, (), *' in hexadecimal, without encoding the
    field spacers, for signature use in any '*.ndb' file:
    /path/to/clamav-unofficial-sigs.sh -f

    To GPG Signature test a specific Sanesecurity database file:
    /path/to/clamav-unofficial-sigs.sh -g filename (e.g., -g junk.ndb)

    To view Help and Usage instructions:
    /path/to/clamav-unofficial-sigs.sh -h

    To output script configuration and system information:
    /path/to/clamav-unofficial-sigs.sh -i

    To make a hexadecimal signature database file (*.ndb) from a clear text ascii file:
    /path/to/clamav-unofficial-sigs.sh -m

    To completely remove the script and all of its associated files, databases and work directories:
    /path/to/clamav-unofficial-sigs.sh -r

    To clamscan integrity test a specific database file:
    /path/to/clamav-unofficial-sigs.sh -s filename (e.g., -s junk.ndb)

    To output third-party signature names that triggered during local HAM directory scanning,
    if enabled in the configuration file:
    /path/to/clamav-unofficial-sigs.sh -t

    To check version:
    /path/to/clamav-unofficial-sigs.sh -v
    Carlos Nunes
    Analista de sistemas
    Desenvolvimento de Soluções para web.
    Criarnaweb E-Solutions
    www.criarnaweb.com.br
    https://br.linkedin.com/in/nunescarlos

  2. #2
    Membro
    Data de Ingresso
    Nov 2014
    Posts
    10
    Podemos confiar quanto nesse site
    Alguém utiliza essas assinaturas em servidor de produção há algum tempo?
    http://www.mandriva.com/br/suporte/
    Suporte técnico, consultoria e treinamento Linux da Mandriva Brasil.
    Experiência de longa data com sistemas Linux e Unix.

  3. #3
    Aspirante a Evangelist
    Data de Ingresso
    Nov 2010
    Localização
    São Paulo
    Posts
    386
    Pessoal boa tarde, sim podem e devem confiar e muito, usamos estas assinaturas a mais de 3 anos e sem problemas!
    Estas assinaturas fazem parte do pacote de instalação do assp deluxe um dos mais poderosos anti spam para cpanel, apenas aqui fizemos algumas modificações para usar as assinaturas junto ao clamav em produção.
    Quanto ao projeto, este data ja a muito tempo do amigo Gabriel na Itália o qual é o principal desenvolvedor do assp deluxe.
    Recomendo e muito o uso destas assinaturas, pois vai ajudar e muito na detecção de virus e malware.
    Carlos Nunes
    Analista de sistemas
    Desenvolvimento de Soluções para web.
    Criarnaweb E-Solutions
    www.criarnaweb.com.br
    https://br.linkedin.com/in/nunescarlos

Permissões de Postagem

  • Você não pode iniciar novos tópicos
  • Você não pode enviar respostas
  • Você não pode enviar anexos
  • Você não pode editar suas mensagens
  •