Google
在 ClamAV 中啟用 Google 安全瀏覽
我正在嘗試使用 ClamAV 在我的郵件伺服器上啟用 Google 安全瀏覽反網路釣魚/惡意軟體過濾。我在freshclam.conf 中啟用了它,並且在我的datadir 中獲得了一個全新的safebrowsing.cld 文件。但是當我通過 clamscan 或 clamdscan 執行掃描時,它不會檢測到壞連結。我使用 http://**malware.testing ** .google.test ** /testing/malware/ 進行了測試,這是 Google 提供的一個範例惡意軟體 URL,它讓我的 Firefox 尖叫得要死,我還測試了其他一些壞的網址也是。
SafeBrowsing 支持是否仍然可用並在目前的 ClamAV 引擎中工作?我必須在我的 conf 文件中啟用一些特殊的東西嗎?
謝謝你的幫助 !
以下是有關我的測試案例的一些調試資訊:
main.cld is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven) daily.cld is up to date (version: 12620, sigs: 35178, f-level: 58, builder: ccordes) safebrowsing.cld is up to date (version: 27036, sigs: 544427, f-level: 58, builder: google) bytecode.cld is up to date (version: 123, sigs: 29, f-level: 58, builder: edwin) root@b /var/lib/clamav # ls -al total 94920 drwxr-xr-x 2 clamav clamav 4096 2011-02-03 10:34 . drwxr-xr-x 39 root root 4096 2010-11-30 01:22 .. -rw-r--r-- 1 clamav clamav 437248 2011-01-23 15:25 bytecode.cld -rw-r--r-- 1 clamav clamav 2311680 2011-02-03 07:25 daily.cld -rw-r--r-- 1 clamav clamav 65422336 2010-11-14 18:40 main.cld -rw------- 1 clamav clamav 988 2011-02-03 10:34 mirrors.dat -rw-r--r-- 1 clamav clamav 28894720 2011-02-03 09:59 safebrowsing.cld root@b /var/lib/clamav # clamscan /tmp/malware-test.eml /tmp/malware-test.eml: OK ----------- SCAN SUMMARY ----------- Known viruses: 1424589 Engine version: 0.96.5 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 2.739 sec (0 m 2 s) #Automatically Generated by clamav-base postinst #To reconfigure clamd run #dpkg-reconfigure clamav-base #Please read /usr/share/doc/clamav-base/README.Debian.gz for details LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket true LocalSocketGroup clamav LocalSocketMode 666 # TemporaryDirectory is not set to its default /tmp here to make overriding # the default with environment variables TMPDIR/TMP/TEMP possible User clamav AllowSupplementaryGroups true ScanMail true ScanArchive true ArchiveBlockEncrypted false MaxDirectoryRecursion 15 FollowDirectorySymlinks false FollowFileSymlinks false ReadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 LogSyslog false LogFacility LOG_LOCAL6 LogClean false LogVerbose false PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav SelfCheck 3600 Foreground false Debug false ScanPE true ScanOLE2 true ScanHTML true DetectBrokenExecutables false ExitOnOOM false LeaveTemporaryFiles false AlgorithmicDetection true ScanELF true IdleTimeout 30 PhishingSignatures true PhishingScanURLs true PhishingAlwaysBlockSSLMismatch false PhishingAlwaysBlockCloak false DetectPUA false ScanPartialMessages false HeuristicScanPrecedence false StructuredDataDetection false CommandReadTimeout 5 SendBufTimeout 200 MaxQueue 100 ExtendedDetectionInfo true OLE2BlockMacros false StreamMaxLength 10M LogFile /var/log/clamav/clamav.log LogTime true LogFileUnlock false LogFileMaxSize 0 Bytecode true BytecodeSecurity TrustSigned BytecodeTimeout 60000 OfficialDatabaseOnly false CrossFilesystems true
我聯繫了 ClamAV 團隊,這是他們程式碼中的錯誤。