Removed mirror docs (they are in github’s faq, remove them from tar
ball), and corrected links in clamdoc and signatures.
3 | 3 |
deleted file mode 100644 |
... | ... |
@@ -1,438 +0,0 @@ |
1 |
-%% LyX 1.3 created this file. For more info, see http://www.lyx.org/. |
|
2 |
-%% Do not edit unless you really know what you are doing. |
|
3 |
-\documentclass[english]{article} |
|
4 |
-\usepackage{times} |
|
5 |
-\usepackage[T1]{fontenc} |
|
6 |
-\usepackage[latin1]{inputenc} |
|
7 |
-\setcounter{secnumdepth}{4} |
|
8 |
-\setcounter{tocdepth}{4} |
|
9 |
-\usepackage{setspace} |
|
10 |
-\onehalfspacing |
|
11 |
- |
|
12 |
-\makeatletter |
|
13 |
-%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% User specified LaTeX commands. |
|
14 |
-\usepackage[official]{eurosym} |
|
15 |
-\usepackage{listings} |
|
16 |
-\usepackage{color} |
|
17 |
-\lstset{ |
|
18 |
- commentstyle=\color{blue}, |
|
19 |
- keywordstyle=\color{red}, |
|
20 |
- frame=single, |
|
21 |
- breaklines, |
|
22 |
- showstringspaces=false, |
|
23 |
- tabsize=2, |
|
24 |
- numbers=left, |
|
25 |
- numberstyle=\tiny, |
|
26 |
- stepnumber=5, |
|
27 |
- numbersep=5pt, |
|
28 |
- basicstyle=\normalfont\footnotesize\tt, |
|
29 |
- language={[]Perl} |
|
30 |
- } |
|
31 |
- |
|
32 |
-\usepackage{babel} |
|
33 |
-\makeatother |
|
34 |
-\begin{document} |
|
35 |
- |
|
36 |
-\title{Mirroring the Virus Database} |
|
37 |
- |
|
38 |
- |
|
39 |
-\author{Luca Gibelli} |
|
40 |
- |
|
41 |
-\maketitle |
|
42 |
-Some guidelines for people interested in contributing to the distribution |
|
43 |
-of ClamAV virus database. |
|
44 |
- |
|
45 |
- |
|
46 |
-\section{Introduction} |
|
47 |
- |
|
48 |
- |
|
49 |
-\subsection{This doc} |
|
50 |
- |
|
51 |
-The latest version of this document is always available at http://www.clamav.net/doc/mirrors/. |
|
52 |
-Before going any further, please check that you are reading the latest |
|
53 |
-version. |
|
54 |
- |
|
55 |
-Japanese sysadmins can find a translated version of this doc at http://www.orange.co.jp/\textasciitilde{}masaki/clamav/mirror-howto-jp.html |
|
56 |
-(not necessarily up to date). |
|
57 |
- |
|
58 |
- |
|
59 |
-\subsection{Who is responsible for the virus database} |
|
60 |
- |
|
61 |
-The virusdb team take care of reviewing virus signatures, checking |
|
62 |
-for new viruses in the wild and committing changes to the virus database |
|
63 |
-file. |
|
64 |
- |
|
65 |
-The updates are released quite often (usually no less than three times |
|
66 |
-a week). If you want to be notified whenever the virus database is |
|
67 |
-updated subscribe to clamav-virusdb \emph{at} lists.clamav.net . |
|
68 |
- |
|
69 |
-Every time the virusdb team updates the database, the ChangeLog will |
|
70 |
-be posted to the mailing-list. |
|
71 |
- |
|
72 |
-Visit for the list description and archives. |
|
73 |
- |
|
74 |
-If you need to contact the virusdb team please write to: virus-team |
|
75 |
-\emph{at} clamav.net |
|
76 |
- |
|
77 |
- |
|
78 |
-\subsection{Virus submission} |
|
79 |
- |
|
80 |
-Whenever you find a new virus which is not detected by ClamAV you |
|
81 |
-should send it to the virusdb team by filling the form at http://www.clamav.net/sendvirus.html. |
|
82 |
-They will review your submission and update the database so that the |
|
83 |
-whole ClamAV user community can take benefit from it. |
|
84 |
- |
|
85 |
-\textbf{Never} send virus samples to ClamAV mailing-lists or developers |
|
86 |
-addresses. |
|
87 |
- |
|
88 |
- |
|
89 |
-\subsection{Getting a copy of the latest virus database} |
|
90 |
- |
|
91 |
-The most important factor for an antivirus's efficiency is to be up |
|
92 |
-to date. ClamAV comes with a tool to update the virus database automatically: |
|
93 |
-its name is \emph{freshclam}. |
|
94 |
- |
|
95 |
-freshclam looks up the TXT record associated with \textit{current.cvd.clamav.net} |
|
96 |
-and extracts the latest database version available from the string |
|
97 |
-returned. If the local database is outdated, freshclam tries to connect |
|
98 |
-to the hostnames listed in freshclam.conf (DatabaseMirror directive). |
|
99 |
-If the first server in the list fails or the latest database is not |
|
100 |
-available on that mirror (e.g. in case there has been a problem sync'ing |
|
101 |
-the mirror), freshclam will sleep for 10 secs and then try again with |
|
102 |
-the next one, and so on. |
|
103 |
- |
|
104 |
-After freshclam downloads the new database, it sends a notify to clamd |
|
105 |
-(if active) to reload the database. |
|
106 |
- |
|
107 |
-It is important for the machine running ClamAV to be able to make |
|
108 |
-DNS lookups and to connect to port 80 of external hosts on Internet |
|
109 |
-either directly or through a proxy. There are known problems with |
|
110 |
-some transparent proxies caching what they shouldn't cache. If you |
|
111 |
-should run into this kind of problem, please check your proxy configuration |
|
112 |
-before reporting a bug. |
|
113 |
- |
|
114 |
- |
|
115 |
-\section{Mirroring the database} |
|
116 |
- |
|
117 |
- |
|
118 |
-\subsection{The need for mirrors} |
|
119 |
- |
|
120 |
-To prevent the spread of worms it is essential to check for updates |
|
121 |
-frequently. ClamAV users often configure freshclam with a check interval |
|
122 |
-of 30 minutes. |
|
123 |
- |
|
124 |
-With an exponentially growing number of ClamAV users, the servers |
|
125 |
-hosting the virus database files get easily overloaded. |
|
126 |
- |
|
127 |
-Without mirrors, the traffic on our main site was 100GB/month (May |
|
128 |
-2003). |
|
129 |
- |
|
130 |
-On Feb 2004 the traffic on each mirror (11 in total) reached 120GB/month. |
|
131 |
-\\ |
|
132 |
-Thanks to some improvements in freshclam and the increasing number |
|
133 |
-of mirrors (currently 60), the traffic on each mirror was lowered |
|
134 |
-to 40GB/month (Aug 2004). That makes about 2.5TByte/month of global |
|
135 |
-traffic. |
|
136 |
- |
|
137 |
-Our users are encouraged to add the following directives to their |
|
138 |
-freshclam.conf : |
|
139 |
- |
|
140 |
-DatabaseMirror db.XY.clamav.net |
|
141 |
- |
|
142 |
-DatabaseMirror db.local.clamav.net |
|
143 |
- |
|
144 |
-where XY stands for the country the server lives in % |
|
145 |
-\footnote{a full list is available at http://www.iana.org/cctld/cctld-whois.htm% |
|
146 |
-} |
|
147 |
- |
|
148 |
-Each db.XY.clamav.net record points to the mirrors available in that |
|
149 |
-country% |
|
150 |
-\footnote{For a complete list of the mirrors available in each country visit |
|
151 |
-http://www.clamav.net/mirrors.html% |
|
152 |
-} or, in case there are none, the continent. |
|
153 |
- |
|
154 |
-If freshclam can't connect to db.XY.clamav.net, it will fail back |
|
155 |
-on db.local.clamav.net, which \textbf{attempts} to redirect the user |
|
156 |
-to the closest pool of mirrors by looking up its ip source address |
|
157 |
-in GeoIP database (http://www.maxmind.com/app/geoip\_country).% |
|
158 |
-\footnote{See: |
|
159 |
- |
|
160 |
-http://www.iana.org/assignments/ipv4-address-space |
|
161 |
- |
|
162 |
-http://ip-to-country.webhosting.info/ |
|
163 |
- |
|
164 |
-http://ftp.apnic.net/stats/apnic/ |
|
165 |
- |
|
166 |
-http://www.ripe.net/db/erx/erx-ip/ |
|
167 |
- |
|
168 |
-Some of the information were contributed by Walter Hop (from transip.nl).% |
|
169 |
-} We are aware that looking up the ip source address is not an accurate |
|
170 |
-method to find the user location from a network topology point of |
|
171 |
-view. We accept the risk. |
|
172 |
- |
|
173 |
- |
|
174 |
-\subsection{Requirements to become a mirror} |
|
175 |
- |
|
176 |
-We need fast reliable mirrors. Servers eligible for becoming mirrors |
|
177 |
-have to provide: |
|
178 |
- |
|
179 |
-\begin{itemize} |
|
180 |
-\item At least a 10Mbit/s link to the Internet% |
|
181 |
-\footnote{Traffic is bursty, that's why we request such a large pipe% |
|
182 |
-} |
|
183 |
-\item Unlimited traffic |
|
184 |
-\item At least 50MB of web space |
|
185 |
-\item Support for our \emph{push-mirroring} system |
|
186 |
-\item The mirror has to be available to all ClamAV users. We DO NOT support |
|
187 |
-private mirrors. |
|
188 |
-\item ssh 2 (read on) |
|
189 |
-\end{itemize} |
|
190 |
-We also appreciate (but do not require) having shell access to the |
|
191 |
-server hosting the mirror. FTP access is no longer accepted. \\ |
|
192 |
-The virusdb team will use the account \emph{only} to update the virus |
|
193 |
-database. |
|
194 |
- |
|
195 |
- |
|
196 |
-\subsection{How to become a mirror} |
|
197 |
- |
|
198 |
-Before setting up a mirror contact \emph{luca -at- clamav.net}! |
|
199 |
- |
|
200 |
-You have to follow these steps: |
|
201 |
- |
|
202 |
-\begin{enumerate} |
|
203 |
-\item Set up a virtual host for \\ |
|
204 |
-http://database.clamav.net, http://db.{*}.clamav.net and http://clamav.your-domain.tld\\ |
|
205 |
-Note there is an asterisk in the second hostname. A literal asterisk.\\ |
|
206 |
-Do not replace it with your country code. \\ |
|
207 |
-If you are using name based virtual hosts% |
|
208 |
-\footnote{You can check whether the mirror setup is correct or not, simply by |
|
209 |
-adding a line like this: |
|
210 |
- |
|
211 |
-your-server-ip database.clamav.net |
|
212 |
- |
|
213 |
-to the /etc/hosts on your client machine. Then visit http://database.clamav.net |
|
214 |
-and see if you can download files from your mirror's directory.% |
|
215 |
-} see \\ |
|
216 |
-http://httpd.apache.org/docs/mod/core.html\#serveralias for more information. |
|
217 |
-\\ |
|
218 |
-Here is an example for a typical setup:\\ |
|
219 |
-\\ |
|
220 |
-\emph{<VirtualHost 10.1.2.3> }\\ |
|
221 |
-\emph{ServerAdmin john@clamav.foo.com }\\ |
|
222 |
-\emph{DocumentRoot /home/users/clamavdb/public\_html }\\ |
|
223 |
-\emph{ServerName database.clamav.net}\\ |
|
224 |
-\emph{ServerAlias db.{*}.clamav.net}\\ |
|
225 |
-\emph{ServerAlias clamav.foo.com}\\ |
|
226 |
-\emph{</VirtualHost>}\\ |
|
227 |
-If you are not using Apache and you cannot create wildcard vhosts, |
|
228 |
-you must use IP based virtual hosts!\\ |
|
229 |
-Please note that an http redirect (e.g. RedirectPermanent) is not |
|
230 |
-enough! freshclam can't handle redirects yet. \emph{}\\ |
|
231 |
-If you are running Apache 2.x, please use the following directive |
|
232 |
-for proper logging:\\ |
|
233 |
-\emph{LogFormat \char`\"{}\%h \%l \%u \%t \textbackslash{}\char`\"{}\%r\textbackslash{}\char`\"{} |
|
234 |
-\%>s \%O \textbackslash{}\char`\"{}\%\{Referer\}i\textbackslash{}\char`\"{} |
|
235 |
-\textbackslash{}\char`\"{}\%\{User-Agent\}i\textbackslash{}\char`\"{}\char`\"{} |
|
236 |
-combinedrealsize }\\ |
|
237 |
-\emph{CustomLog /path/to/clamav-access.log combinedrealsize }\\ |
|
238 |
-See the {}``Statistics'' paragraph for more info. |
|
239 |
-\item Create an account with login {}``clamavdb'' and give it write access |
|
240 |
-to the virtual host's DocumentRoot. \\ |
|
241 |
-You may want to disable password authentication for this account and |
|
242 |
-change the password to something obscure.\\ |
|
243 |
-The {}``clamavdb'' user's shell must be /bin/sh or /bin/bash . Otherwise |
|
244 |
-the user won't be able to run the command associated with the ssh |
|
245 |
-public key% |
|
246 |
-\footnote{Take a look at the content of \emph{{}``authorized\_keys\_noshell''}: |
|
247 |
-the only command which can be executed by the owner of the corresponding |
|
248 |
-ssh private key is \textasciitilde{}/bin/clam-clientsync. We will |
|
249 |
-only be able to trigger the execution of that script and nothing else! |
|
250 |
- |
|
251 |
-However, shell access is really appreciated. If you are willingly |
|
252 |
-to give us shell access, use \emph{authorized\_key}s\emph{\_shell} |
|
253 |
-instead which contains Luca Gibelli and Tomasz Papszun ssh public |
|
254 |
-keys too.% |
|
255 |
-}. |
|
256 |
-\item Download the following files:\\ |
|
257 |
-clam-clientsync.conf\\ |
|
258 |
-clam-clientsync\\ |
|
259 |
-authorized\_keys\_shell\\ |
|
260 |
-authorized\_keys\_noshell\\ |
|
261 |
-authorized\_keys\_shell.sig\\ |
|
262 |
-authorized\_keys\_noshell.sig\\ |
|
263 |
-from http://www.clamav.net/doc/mirrors/ |
|
264 |
-\item Verify the signature using:\\ |
|
265 |
-\$ gpg --verify authorized\_keys\_noshell.sig authorized\_keys\_noshell\\ |
|
266 |
-\$ gpg --verify authorized\_keys\_shell.sig authorized\_keys\_shell\\ |
|
267 |
-My PGP public key is available on most keyservers and on ClamAV web |
|
268 |
-site. It can eventually be verified by telephone. Contact me by email |
|
269 |
-first. |
|
270 |
-\item If you don't want to give us shell access, copy \emph{authorized\_keys\_noshell} |
|
271 |
-to \emph{\textasciitilde{}clamavdb/.ssh/authorized\_keys}:\\ |
|
272 |
-\$ cp authorized\_keys\_noshell \textasciitilde{}/.ssh/authorized\_keys\\ |
|
273 |
-If you want to give us shell access, use \emph{authorized\_keys\_shell} |
|
274 |
-instead:\\ |
|
275 |
-\$ cp authorized\_keys\_shell \textasciitilde{}clamavdb/.ssh/authorized\_keys\\ |
|
276 |
-\$ chmod go-w \textasciitilde{}clamavdb\\ |
|
277 |
-\$ chmod 700 \textasciitilde{}clamavdb/.ssh\\ |
|
278 |
-\$ chmod 600 \textasciitilde{}clamavdb/.ssh/authorized\_keys |
|
279 |
-\item Copy clam-clientsync to \textasciitilde{}clamavdb/bin/\\ |
|
280 |
-Copy clam-clientsync.conf to \textasciitilde{}clamavdb/etc/\\ |
|
281 |
-chmod 600 \textasciitilde{}clamavdb/etc/clam-clientsync.conf\\ |
|
282 |
-chmod 755 \textasciitilde{}clamavdb/bin/clam-clientsync\\ |
|
283 |
-Everything must be owned by user clamavdb.\\ |
|
284 |
-The clam-clientsync requires the {}``lockfile'' program, which is |
|
285 |
-part of the \emph{procmail} package. Before going any further, please |
|
286 |
-check that {}``lockfile'' is available. |
|
287 |
-\item Send the server's details (ip address, country, virtual host aliases, |
|
288 |
-available bandwidth and sysadmin's full name and email address) to |
|
289 |
-\emph{luca} \emph{at} \emph{clamav.net} . |
|
290 |
-\item Edit \textasciitilde{}clamavdb/etc/clam-clientsync.conf . If your |
|
291 |
-DocumentRoot (see paragraph 1) is \emph{/home/users/clamavdb/public\_html} |
|
292 |
-, your login is \emph{foo} and your password \emph{guessme}, then |
|
293 |
-your clam-clientsync.conf will look like this: \\ |
|
294 |
-TO=/home/users/clamavdb/public\_html\\ |
|
295 |
-RSYNC\_USER=foo\\ |
|
296 |
-RSYNC\_PASSWORD=guessme\\ |
|
297 |
-EXCLUDE=\char`\"{}--exclude local\_{*}\char`\"{} |
|
298 |
-\item Reconfigure your packet filter to allow incoming connections on port |
|
299 |
-22/tcp and outgoing connections to ports 873/tcp and 873/udp.\\ |
|
300 |
-You can furtherly restrict access to these ports by only allowing |
|
301 |
-connections from/to the following IP addresses: \\ |
|
302 |
-194.109.142.194, 64.18.103.6, 194.242.226.43 .\\ |
|
303 |
-rsync.clamav.net is a round robin record which points to our master |
|
304 |
-mirror servers. Any changes to this record will be announced on the |
|
305 |
-clamav-mirrors mailing-list. |
|
306 |
-\item You are welcome to put your company logo on the mirror home page. |
|
307 |
-Just copy it to the DocumentRoot and rename it to {}``local\_logo.png''. |
|
308 |
-The index.html is unique for every mirror. Please note that any file |
|
309 |
-in the DocumentRoot whose name doesn't match {}``local\_{*}'' will |
|
310 |
-be deleted at every mirror sync. |
|
311 |
-\item Subscribe to clamav-mirrors \emph{at} lists.clamav.net: see \\ |
|
312 |
-http://lists.clamav.net/mailman/listinfo/clamav-mirrors for more info. |
|
313 |
-\\ |
|
314 |
-Subscribe requests have to be approved. We will approve your subscription |
|
315 |
-request only \emph{after} reviewing your server's info. |
|
316 |
-\end{enumerate} |
|
317 |
-When everything is done, your server's IP address will be added either |
|
318 |
-to your country's dns record (db.XY.clamav.net) or one of the round |
|
319 |
-robin record (db.<continent>.clamav.net) and your company will be |
|
320 |
-listed on our mirrors list page. |
|
321 |
- |
|
322 |
- |
|
323 |
-\subsection{Statistics} |
|
324 |
- |
|
325 |
-Although it's not required, we really appreciate if you can make access |
|
326 |
-statistics of your mirror available to us. They should be available |
|
327 |
-at http://your-mirror-host-name/local\_stats/ and they \textbf{must} |
|
328 |
-be protected with login and password. You should use the same login |
|
329 |
-and password you are using in your \textasciitilde{}clamavdb/etc/clam-clientsync.conf |
|
330 |
-file. |
|
331 |
- |
|
332 |
-If possible, please tell your statistics generator to ignore requests |
|
333 |
-made by the {}``ClamAV-MirrorCheck'' agent. |
|
334 |
- |
|
335 |
-If you are using Webalizer, you can add the following directive to |
|
336 |
-your conf. file: |
|
337 |
- |
|
338 |
-HideAgent ClamAV-MirrorCheck |
|
339 |
- |
|
340 |
-If you are using AWStats, you can add this one instead: |
|
341 |
- |
|
342 |
-SkipUserAgents=\char`\"{}ClamAV-MirrorCheck'' |
|
343 |
- |
|
344 |
-Refer to your stats generator's manual for more info. |
|
345 |
- |
|
346 |
-\textbf{Important note} for Apache2 users: |
|
347 |
- |
|
348 |
-As stated in the Apache documentation from http://httpd.apache.org/docs/2.0/mod/mod\_log\_config.html: |
|
349 |
- |
|
350 |
-\textit{Note that in httpd 2.0, unlike 1.3, the \%b and \%B format |
|
351 |
-strings do not represent the number of bytes sent to the client, but |
|
352 |
-simply the size in bytes of the HTTP response (which will differ, |
|
353 |
-for instance, if the connection is aborted, or if SSL is used). The |
|
354 |
-\%O format provided by mod\_logio will log the actual number of bytes |
|
355 |
-sent over the network.} |
|
356 |
- |
|
357 |
- |
|
358 |
-\subsection{Admin's duty} |
|
359 |
- |
|
360 |
-\begin{itemize} |
|
361 |
-\item Scheduled downtimes should be announced on the clamav-mirrors mailing-list |
|
362 |
-in advance. |
|
363 |
-\item IP address changes should be notified in advance too. |
|
364 |
-\item Changes in the ssh host public key of the mirror host should be announced |
|
365 |
-on the clamav-mirrors mailing-list. |
|
366 |
-\item It is essential to be able to contact the sysadmin responsible for |
|
367 |
-the mirror server and get a quick response. Whenever a problem with |
|
368 |
-a mirror occurs we need to immediately find out its cause and act |
|
369 |
-consequently. |
|
370 |
-\end{itemize} |
|
371 |
- |
|
372 |
-\section{Notes for sigmakers} |
|
373 |
- |
|
374 |
-New sigmakers should send their ssh2 public key to \emph{luca at clamav.net} |
|
375 |
-. Their public key will be added to rsyncX.clamav.net authorized\_keys |
|
376 |
-(after being verified). |
|
377 |
- |
|
378 |
-Sigmakers can upload a new database to either rsync1.clamav.net or |
|
379 |
-rsync2.clamav.net using a (scp|sftp|rsync)-only account. |
|
380 |
- |
|
381 |
-The new database won't be available to other people immediately. First, |
|
382 |
-sigmakers have to notify the rsyncX.clamav.net server that a new database |
|
383 |
-is available. |
|
384 |
- |
|
385 |
-Here is the step-by-step procedure to release a new database version |
|
386 |
-and propagate it around the world: |
|
387 |
- |
|
388 |
-\begin{enumerate} |
|
389 |
-\item Assume your ssh private key is \textasciitilde{}/.ssh/id\_rsa and |
|
390 |
-you've just built a new daily.cvd. Assume you want to use rsync1.clamav.net |
|
391 |
-\item In order to upload the new database, you have to run:\\ |
|
392 |
-\$ rsync -tcz --stats --progress -e 'ssh -i \textasciitilde{}/.ssh/id\_rsa' |
|
393 |
-daily.cvd clamupload@rsync1.clamav.net:public\_html/ |
|
394 |
-\item Next, you need to notify rsync1.clamav.net that a new database is |
|
395 |
-available:\\ |
|
396 |
-\$ ssh rsync1.clamav.net -i \textasciitilde{}/.ssh/id\_rsa -l clamavdb |
|
397 |
-sleep 1 |
|
398 |
-\item rsync1.clamav.net will verify the digital signature of the newly uploaded |
|
399 |
-database using \emph{sigtool -i}. If it finds an error, it will refuse |
|
400 |
-to distribute the database to other mirrors. |
|
401 |
-\item rsync1.clamav.net will copy the previously uploaded database to its |
|
402 |
-rsync shared directory. |
|
403 |
-\item rsync1.clamav.net will notify every mirror that a new database is |
|
404 |
-available |
|
405 |
-\item Every mirror will rsync its copy of the database from \emph{rsync1.clamav.net::clamavdb} |
|
406 |
-(only mirrors can access the rsync server at rsync1.clamav.net, it's |
|
407 |
-password protected) |
|
408 |
-\end{enumerate} |
|
409 |
-As a fallback, every three hours, either rsync1.clamav.net or rsync2.clamav.net |
|
410 |
-force an update on every mirror. |
|
411 |
- |
|
412 |
-If rsync1 can't reach rsync2 or viceversa, the automatic update doesn't |
|
413 |
-take place. This is done to avoid propagating an old database. |
|
414 |
- |
|
415 |
-To avoid conflicts, sigmakers should use rsync1 by default and if |
|
416 |
-it fails, switch to rsync2. Whenever a sigmaker uses rsync2, he should |
|
417 |
-announce it on the clamav-team mailing-list so that every other sigmaker |
|
418 |
-uses rsync2 too, until the issues with rsync1 are over. |
|
419 |
- |
|
420 |
- |
|
421 |
-\section{Mirror status} |
|
422 |
- |
|
423 |
-Every mirror is continously monitored to ensure that every ClamAV |
|
424 |
-user gets the latest virus database. |
|
425 |
- |
|
426 |
-Every three hours we upload a file called \emph{timestamp} on every |
|
427 |
-mirror. Every hour we choose a random mirror and check that \emph{timestamp} |
|
428 |
-is fresh. If the file is one day old or unavailable, the mirror if |
|
429 |
-marked as {}``old'' and the ClamAV team receive a warning. If the |
|
430 |
-situation persists for two days, the mirror is temporarily removed |
|
431 |
-from the list. |
|
432 |
- |
|
433 |
-You can view the current status of every ClamAV database mirror at |
|
434 |
-http://www.clamav.net/mirrors.html . |
|
435 |
- |
|
436 |
-Please note that this page doesn't reflect how \emph{often} the database |
|
437 |
-is propagated to mirrors. It just shows the trend of mirrors availability. |
|
438 |
-\end{document} |
... | ... |
@@ -204,7 +204,7 @@ |
204 | 204 |
\item \textbf{clamav-virusdb*lists.clamav.net} - database update announcements, moderated |
205 | 205 |
\end{itemize} |
206 | 206 |
\noindent You can subscribe and search the mailing list archives at: |
207 |
- \url{http://www.clamav.net/support/ml/}\\ |
|
207 |
+ \url{http://www.clamav.net/contact.html#ml}\\ |
|
208 | 208 |
Alternatively you can try asking on the \verb+#clamav+ IRC channel - launch |
209 | 209 |
your favourite irc client and type: |
210 | 210 |
\begin{verbatim} |
... | ... |
@@ -216,7 +216,7 @@ |
216 | 216 |
If you have got a virus which is not detected by your ClamAV with the latest |
217 | 217 |
databases, please submit the sample at our website: |
218 | 218 |
\begin{center} |
219 |
- \url{http://www.clamav.net/sendvirus} |
|
219 |
+ \url{http://www.clamav.net/malware-sample} |
|
220 | 220 |
\end{center} |
221 | 221 |
|
222 | 222 |
\section{Base package} |
... | ... |
@@ -238,7 +238,7 @@ |
238 | 238 |
|
239 | 239 |
\subsection{Binary packages} |
240 | 240 |
You can find the up-to-date list of binary packages at our website: |
241 |
- \url{http://www.clamav.net/download/packages/} |
|
241 |
+ \url{http://www.clamav.net/download.html#otherversions} |
|
242 | 242 |
|
243 | 243 |
\section{Installation} |
244 | 244 |
|
... | ... |
@@ -386,7 +386,7 @@ All 4 tests passed |
386 | 386 |
|
387 | 387 |
\subsection{Reporting a unit test failure bug} |
388 | 388 |
If \verb+make check+ says that some tests failed we encourage you to report a bug on our bugzilla: \url{http://bugs.clamav.net}. |
389 |
- The information we need is (see also \url{http://clamav.net/bugs}): |
|
389 |
+ The information we need is (see also \url{http://www.clamav.net/documentation.html#ins-bugs}): |
|
390 | 390 |
\begin{itemize} |
391 | 391 |
\item The exact output from \verb+make check+ |
392 | 392 |
\item Output of \verb+uname -mrsp+ |
... | ... |
@@ -332,7 +332,7 @@ How do I look in hex? |
332 | 332 |
(ClamAV$\ge$0.98.2) |
333 | 333 |
\item \verb+HEXSIG[x-y]aa+ or \verb+aa[x-y]HEXSIG+\\ |
334 | 334 |
Match aa anchored to a hex-signature, see |
335 |
- \url{https://wwws.clamav.net/bugzilla/show_bug.cgi?id=776} for |
|
335 |
+ \url{https://bugzilla.clamav.net/show_bug.cgi?id=776} for |
|
336 | 336 |
discussion and examples. |
337 | 337 |
\item \verb+(B)+\\ |
338 | 338 |
Match word boundary (including file boundaries). |
... | ... |
@@ -500,7 +500,7 @@ cf43987e4f519d629b103375;SL+550:6300680065005c0046006900 |
500 | 500 |
subsignature. The macro subsignature makes its preceding subsignature |
501 | 501 |
considered a match only if both of them get matched. For more |
502 | 502 |
information and examples please see |
503 |
- \url{https://wwws.clamav.net/bugzilla/show_bug.cgi?id=164}. |
|
503 |
+ \url{https://bugzilla.clamav.net/show_bug.cgi?id=164}. |
|
504 | 504 |
|
505 | 505 |
\subsection{Icon signatures for PE files} |
506 | 506 |
ClamAV 0.96 includes an approximate/fuzzy icon matcher to help |