Additional Signatures

clamav

ClamAV Unofficial Signatures Updater
Download the script and accompanying files:

cd /extra/src
wget -O clamav-unofficial-sigs-4.9.2.tar.gz \
https://github.com/extremeshok/clamav-unofficial-sigs/archive/4.9.2.tar.gz 
tar zxf clamav-unofficial-sigs-4.9.2.tar.gz
cd clamav-unofficial-sigs-4.9.2

Make the scripts executable:

chmod 755 *.sh

Edit clamav-unofficial-sigs.conf to reflect our setup:

clam_user="clamav"
clam_group="clamav"
clam_dbs="/usr/local/share/clamav"
clamd_pid="/var/run/clamd.pid"
yararules_enabled="yes"

Create a directory for the log files:

mkdir /var/log/clamav-unofficial-sigs

Edit clamavh-unofficial-sigs.sh to add "yararules_dir" to the mkdir command on line 636 so that it has a directory to download the YARA rules into:

mkdir -p "$work_dir" "$securiteinfo_dir" "$malwarepatrol_dir" "$linuxmalwaredetect_dir" "$sanesecurity_dir" "$config_dir" "$gpg_dir" "$add_dir" "$yararules_dir"

Install the files:

cp -f clamav-unofficial-sigs.sh /usr/local/bin/clamav-unofficial-sigs.sh
cp -f clamav-unofficial-sigs.conf /etc/clamav-unofficial-sigs.conf

Test out the script:

/usr/local/bin/clamav-unofficial-sigs.sh

By default, the script will only download SaneSecurity's and Linux Malware Detect's ClamAV signatures. There's a couple others that can be configured, but they require signing up:

YARA signatures can also be downloaded, but they require ClamAV 0.99.

Automatic updating

cd /extra/src/clamav-unofficial-sigs-4.9.2
cp -f clamav-unofficial-sigs-cron /etc/cron.d/
chmod 755 /etc/cron.d/clamav-unofficial-sigs-cron
touch /etc/crontab

Resources
http://wiki.contribs.org/Virus:Additional_Signatures
Enhancing ClamAV with Extra Signatures

Sanesecurity ClamAV Phishing, Spam & Malware Signatures

ScamNailer

Credits

Various bits of code, scripts, and procedures were put together with information from John Simpson's qmail.jms1.net website. It's an excellent resource on managing and setting up a Qmail server.

Recent Updates

Apache

2 years 1 week ago
Apache

2 years 1 week ago
lighttpd

2 years 1 week ago

php 8.x
MariaDB

2 years 1 week ago

10.6.7
CentOS

2 years 2 weeks ago

Drop Centos 5/6 stuff

Recent Links

SquidGuard

SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free.
NCurses Disk Usage

A disk usage analyzer with an ncurses interface, aimed to be run on a remote server where you don't have an entire gaphical setup, but have to do with a simple SSH connection. ncdu aims to be fast, simple and easy to use, and should be able to run in any minimal POSIX-like environment with ncurses installed.
WPKG

WPKG is an automated software deployment, upgrade and removal program for Windows.

It can be used to push/pull software packages, such as Service Packs, hotfixes, or program installations from a central server (for example, Samba or Active Directory) to a number of workstations.

It can run as a service to install software in the background (silent install), without user interaction.

It can install MSI, InstallShield, PackagefortheWeb, Inno Setup, Nullsoft, other software installers or .exe packages, .bat and .cmd scripts and similar: no more repackaging to perform software installation.

WPKG is open source software.
opsi

opsi (Open PC Server Integration) the Open Source client management system
Vagrant

Vagrant is a tool for building complete development environments. With an easy-to-use workflow and focus on automation, Vagrant lowers development environment setup time, increases development/production parity, and makes the "works on my machine" excuse a relic of the past.

Main menu

You are here

Additional Signatures

Credits

Recent Updates

Recent Links