Clamav unofficial signatures Installation

It is the external virus signatures database to enhance the protection of clamav

wget -q --no-check-certificate https://github.com/extremeshok/clamav-unofficial-sigs/archive/master.zip -O /tmp/clamav-unofficial-sigs.zip
unzip -j -qq -o /tmp/clamav-unofficial-sigs.zip -d /tmp/clamav-unofficial-sigs/

Download the latest archive and uncompress it in tmp
P.S. You must first install without previous rpm installation of clamav-unofficial-sigs and confirm your clamav and clamd is running normally
The original : https://github.com/extremeshok/clamav-unofficial-sigs and check in "INSTALL" documet.

mkdir -p /usr/local/bin/
mkdir -p /var/log/clamav-unofficial-sigs/
mkdir -p /etc/clamav-unofficial-sigs/
cp -f /tmp/clamav-unofficial-sigs/clamav-unofficial-sigs.sh /usr/local/bin/clamav-unofficial-sigs.sh
chmod +x /usr/local/bin/clamav-unofficial-sigs.sh
cp -f /tmp/clamav-unofficial-sigs/* /etc/clamav-unofficial-sigs/

Follow the installation according to "INSTALL"

cd /etc/clamav-unofficial-sigs/
cp -av os.your-distro.conf os.conf

Copy your relative OS config to "os.conf"

vim /etc/clamav-unofficial-sigs/master.conf

clam_user="root"
clam_group="root"

clam_dbs="/var/lib/clamav"

clamd_pid="/var/run/clamav/clamd.pid"

malwarepatrol_receipt_code="fXXXXXXXXX"
malwarepatrol_product_code="8"
malwarepatrol_list="clamav_basic"

securiteinfo_authorisation_signature="XXXX128XXX"

clamd_socket="/var/run/clamav/clamd.sock"

user_configuration_complete="yes"

Edit the master config file ,
for the clamav DB and PID location , you should refer to your clamd.conf
for the malwarepatrol_receipt_code and securiteinfo_authorisation_signature , you should apply in website according to "INSTALL"

vim /etc/clamav-unofficial-sigs/os.conf

clam_user="root"
clam_group="root"

clam_dbs="/var/lib/clamav"

clamd_pid="/var/run/clamav/clamd.pid"

Edit the os.conf config file , clamav DB and pid location should be as same as master.conf

clamav-unofficial-sigs.sh --install-cron:
clamav-unofficial-sigs.sh --install-logrotate
clamav-unofficial-sigs.sh --install-man:

If your master,os config file is completed and correct , you can install cron,logrotate and manual without problem. After this the installation is completed.

clamav-unofficial-sigs.sh --check-clamav
clamav-unofficial-sigs.sh

ls -al /var/lib/clamav

rm -fr /tmp/clamav-un*

Run once to check clamav and then run to load the first unofficial database. Then check in the new DB files (*.hdb) in clamav database directory

0 1 * * * /usr/local/bin/clamav-unofficial-sigs.sh &> /dev/null

Add in cronjob everynight to update

Found virus in mail from to : Sanesecurity.Rogue.0hr.20160408-1727.Docimg.UNOFFICIAL

Try eicar test and observe you MTA/MTA filter with clamav for other inflected incoming emails, the log should be like as below



Server is hosted by Alanstudio
Linux Operating System

Recommend screen resolution 1024 x 768 / IE / FireFox
Alan Studio © 2007 by Alan Cheung Hin Lun. All rights reserved.