EPEL – Clamav Update?

Home » CentOS » EPEL – Clamav Update?
CentOS 5 Comments

EPEL maintainers?
I note messages in the log about updated version 0.99.1 of CLAMAV being available since Mar 5th. for CentOS 6 no update is available yet. I used to use rpmforge for this package but that languished for months before updates became available and eventually stopped altogether. Is there something I can do to assist in getting this package updated?
I have no idea if this is a difficult package to compile with lots of dependancies or some otherwise complexities. In this era of constant SPAM and so many virus / trojan attempts to do harm to others, it is vital that we run this package to protect our users. Please let me know if / how I can assist. Kind regards Rob

5 thoughts on - EPEL – Clamav Update?

  • I’m seeing 0.99.1-1.el6 of the various (x86_64) bits in epel-testing, so you could get it from there and update to the fully tested version when it is released.

    In general I think it is most important to keep your signatures current. I don’t get the sense that the changes between
    [sub-]point-releases are earth shattering (despite the ominous warning that you will see in your logs).

  • W dniu 03.04.2016 o 04:39, Rob Kampen pisze:
    Hi,

    Does clamav detect anything in this floding e-mail viruses ? My clamav instalation (with amavisd-new) in CentOS 5 with the current signatures detect nothing in compare to virustotal.org antivirus – i noticed that clamav signatures are lag behind form the top antivir in the market.

    Viruses in ZIP archives goes via my e-mail gateway (amavisd-new+clamavd)
    and are stopped finally by F-Secure Client Security. So, clamav is defend from anything ?

    Sorry for off topic.

  • That is pretty much my experience too – I’ve only seen the occasional FP
    hit from ClamAV on a mail server for as long as I can remember.

    The latest flavour of the month seems to be .js ransomware which go undetected. I have long blocked all executable file types in amavisd as a matter of policy.

    IMHO the AV vendors lost the battle a long time ago – they simply can’t compete with the bad guys nor keep up with the volume and this particular layer of defence is now less effective/ineffective.

  • Adding the Sanesecurity signatures to ClamAV greatly increases its hit rate. It also has the advantage of blocking lots of phishing and spam garbage in addition to the viruses and malware.

    http://sanesecurity.com/usage/signatures/

    There are download scripts for both Linux and Windows available on the Sanesecurity site to keep the signatures current.

    Further discussion should probably move to the clamav-users mailing list.