Very close. The 49192 number is for the version of (now defunct) safebrowsing.cvd.
But yes, if they're able to access DNS and compare the version of daily/main/bytecode with what is in the DNS record then that will also be useful.
Regards,
Micah
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
________________________________
From: clamav-users <clamav-users-bounces@lists.clamav.net> on behalf of newcomer01 via clamav-users <clamav-users@lists.clamav.net>
Sent: Monday, January 30, 2023 10:43 AM
To: ClamAV User Mailinglist <clamav-users@lists.clamav.net>
Cc: newcomer01 <newcomer01@posteo.de>
Subject: Re: [clamav-users] ClamAV Private Mirror Question
additional you can do this little more complcated like me:
$(host -W "60" -t TXT "current.cvd.clamav.net")
and cut all needed informations from descriptive text
for example:
# current.cvd.clamav.net descriptive text "0.103.7:62:26777:1673344800:1:90:49192:333"
0.103.7 is the suggested software version
62 is version of main.cld or main.cvd
26777 is version of daily.cld or cvd
1673344800 unixdate when the files created from clamav
90 is the f-level for daily.cld or daily.cvd
49192 is probably the version of freshclam.dat (i'm not sure, but it can't really be anything else)
333 is the version of bytecode.cvd
Am I right Micah?
i had once found an explanation of the descriptive txt but i can't find it anymore
Von / From: Clamav User Mailinglist <mailto:clamav-users@lists.clamav.net>
An / To: Newcomer01 <mailto:newcomer01@posteo.de>
CC / CC: Micah Snyder \(Micasnyd\) <mailto:micasnyd@cisco.com>, Bryan Whipkey <mailto:cloud81186@live.com>
Gesendet / Sent: Montag, Januar 30, 2023 um 18:33 (at 06:33 PM) +0100
Betreff / Subject: Re: [clamav-users] ClamAV Private Mirror Question
> Hello,
>
> You can use this command to print the build information which will include the date it was published:
>
> |sigtool --info /path/to/database|?
>
> For example:
>
> ? sigtool --info /var/lib/clamav/daily.cld
> File: /var/lib/clamav/daily.cld
> Build time: 30 Jan 2023 03:24 -0500
> Version: 26797
> Signatures: 2018753
> Functionality level: 90
> Builder: raynman
> Verification OK.
>
> Is that what you're looking for?
>
> Regards,
> Micah
>
> Micah Snyder
> ClamAV Development
> Talos
> Cisco Systems, Inc.
>
> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> *From:* clamav-users <clamav-users-bounces@lists.clamav.net> on behalf of Bryan Whipkey via clamav-users <clamav-users@lists.clamav.net>
> *Sent:* Sunday, January 29, 2023 2:01 AM
> *To:* clamav-users@lists.clamav.net <clamav-users@lists.clamav.net>
> *Cc:* Bryan Whipkey <cloud81186@live.com>
> *Subject:* [clamav-users] ClamAV Private Mirror Question
> Hello,
>
> I have setup a private mirror for ClamAV. I have pointed it to the private mirror on freshclam.conf. My question is how do i test this to make sure I am pulling the most up to date definitions from the private mirror to the server being scanned? Thanks in advance.
>
> Sent from my iPhone. Please excuse any typos.
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat
>
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation https://docs.clamav.net/#mailing-lists-and-chat