Mailing List Archive

>
> How does one Obtain ClamAV Linux Anvi-Virus Database File Updates for
> Systems not Connected to the internet? All our systems are air-gapped (not
> internet connected) so as ClamAV provides Linux Anvi-Virus Database File
> Updates for viruses as they are identified, what link or website can I
> connect to download the latest signature files?
>
>
>
> I am running Red Hat Enterprise 7 and 8 as well as CentOS 7 and 8.
>

use something like a proxy that is 'multi' homed that can temporary allow downloading. I am having something like a private vlan with some instances that or on the private vlan and the internet access vlan. Or automatically create container images, and just deploy those on the private vlan. etc etc
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

http://database.clamav.net/main.cvd
http://database.clamav.net/daily.cvd
http://database.clamav.net/bytecode.cvd


From: clamav-users <clamav-users-bounces@lists.clamav.net> On Behalf Of McCarthy, John D. [US-US] via clamav-users
Sent: Monday, March 25, 2024 1:43 PM
To: clamav-users@lists.clamav.net
Cc: McCarthy, John D. [US-US] <JOHN.D.MCCARTHY@leidos.com>
Subject: EXT: [clamav-users] How does one Obtain ClamAV Linux Anvi-Virus Database File Updates for Systems not Connected to the internet

WARNING: This email originated from outside of GE. Please validate the sender's email address before clicking on links or attachments as they may not be safe.

How does one Obtain ClamAV Linux Anvi-Virus Database File Updates for Systems not Connected to the internet? All our systems are air-gapped (not internet connected) so as ClamAV provides Linux Anvi-Virus Database File Updates for viruses as they are identified, what link or website can I connect to download the latest signature files?

I am running Red Hat Enterprise 7 and 8 as well as CentOS 7 and 8.

A million thanks,
John

Meaning does not lie in the work but instead in what you bring to the work

John D. McCarthy | Leidos
CISSP, MCSE, Security +, CCNA
Information Systems Security Manager
phone: 937-431-4311 | mobile: 937-405-3749
john.d.mccarthy@leidos.com<mailto:john.d.mccarthy@leidos.com>

On Mon, 25 Mar 2024, McCarthy, John D. [US-US] via clamav-users wrote:

> How does one Obtain ClamAV Linux Anvi-Virus Database File Updates
> for Systems not Connected to the internet? All our systems are
> air-gapped (not internet connected) so as ClamAV provides Linux
> Anvi-Virus Database File Updates for viruses as they are identified,
> what link or website can I connect to download the latest signature
> files?

https://www.clamav.net/downloads says:
If your network is segmented or the end hosts are unable to reach the
internet, you should investigate setting up a private local mirror
using the cvdupdate tool.
https://docs.clamav.net/appendix/CvdPrivateMirror.html

cvdupdate will store not just the current database files, but the cdiffs
too, which the client machibes can use to update their database files.

Don't use a web browser, wget or curl to download the updates;
that will get you blocked, since there has been a history
of misuse. Only freshclam and cvdupdate are exempt from this block.

Unless you allow sneaker-net - USB sticks and the like - you should
not actually need an anti-malware app on your air-gapped machines.

--
Andrew C. Aitchison Kendal, UK
andrew@aitchison.me.uk
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat