NAME¶
clamav-unofficial-sigs - Download, test, and install third-party ClamAV
signature databases.
SYNOPSIS¶
clamav-unofficial-sigs [
options]
DESCRIPTION¶
clamav-unofficial-sigs is a shell script that downloads, updates and
tests the Sanesecurity, SecuriteInfo, MalwarePatrol, OITC, etc. third-party
signature databases for ClamAV.
OPTIONS¶
This script follows the standard GNU command line syntax. A summary of the
options is shown below.
- -b
- DEPRECATED - Consider using -w instead, it supports the
newer ClamAV signature whitelist functionality.
Add a bypass signature entry to local.ign in order to temporarily resolve a
false-positive issue with a third-party signature. The script will monitor
any entries it makes to local.ign and will automatically remove bypass
entries if either the original signature has been modified or removed from
the database.
- -c FILE-NAME
- Source configuration information from a different
file.
- -d
- Decode a hexadecimal encoded string or an individual ClamAV
3rd-party signature for viewing. This will not decode image signatures nor
the official signatures.
- -e
- Encode a entire input string in hexadecimal for signature
usage in any *.ndb database.
- -f
- Encode a formated input string in hexadecimal that contains
spacing field '{}, (), *', without encoding the spacing fields, for
signature usage in any '*.ndb' database.
- -g FILE-NAME
- Verify the GPG signature for a specific SaneSecurity
database file. Only specify the filename as listed in the configuration
file and the script will search for it in the work directory.
- -h
- Print the script help and usage information.
- -i
- Print system and script configuration information.
- -m
- Make a hexadecimal signature database file (*.ndb) from a
clear text ascii file. Provides support for both full and formatted
signatures. Additional information is provided when using the flag.
- -r
- Remove the clamav-unofficial-sigs script and all of its
associated files, databases and work directories from the system.
- -s FILE-NAME
- Test the integrity of a third-party signature database with
clamscan. Only specify the filename as listed in the configuration file
and the script will search for it in the work directory.
- -t
- If HAM directory scanning is enabled in the script's
configuration file, then output the names of any third-party signatures
that triggered during the HAM directory scan.
- -v
- Print the script version and date information.
- -w
- Adds a signature whitelist entry in the newer ClamAV IGN2
format to 'my-whitelist.ign2' in order to temporarily resolve a
false-positive issue with a specific third-party signature. Script added
whitelist entries will automatically be removed if the original signature
is either modified or removed from the third-party signature
database.
SEE ALSO¶
clamd(8),
clamscan(1)
COPYRIGHT¶
Bill Landry <unofficialsigs@gmail.com>
LICENSE¶
BSD (Berkeley Software Distribution)
BUGS¶
Report bugs to Bill Landry <unofficialsigs@gmail.com>
AUTHOR¶
Bill Landry <unofficialsigs@gmail.com>