You are not logged in.
- Topics: Active | Unanswered
#1 2022-01-14 18:58:38
- TaTuKoMa
- Member
- Registered: 2021-11-14
- Posts: 16
ClamAV & daemon & unofficial-sigs & test download & OnAccessScan
Hello. I was install clamav and enable clamav-freshclam.service and clamav-daemon.service.
Make test download and scan how in describe in ClamAV - ArchWiki. $ curl https://secure.eicar.org/eicar.com.txt | clamscan -
Test passed successfully. But i cant find this file. Where he download it? If i specify name like 'malvare' i can find this file. But where others with original name?
clamav-daemon.service In wiki says he don't need if you want only manual scans. Also says OnAccessScan by default off and he is unstable.
It means if i will be somehow execute malvare file he will not stop it? So what he actualy doing? He don't prevent download this test file and nothing says about him when i download it without | clamscan -
unofficial-sigs I think it would not be bad to expand the virus database. But he's in the AUR. This package can even be infected? Or is it just like a text document with a list? Although the list may include some files that should protect me on my device?
And also why you don't use antimalware?
Last edited by TaTuKoMa (2022-01-14 18:59:27)
Offline
#2 2022-01-14 21:26:31
- mpan
- Member
- Registered: 2012-08-01
- Posts: 1,206
- Website
Re: ClamAV & daemon & unofficial-sigs & test download & OnAccessScan
Where he download it? If i specify name like 'malvare' i can find this file. But where others with original name?
Nowhere. You requested it to pipe the entire output to clamscan without ever writing it anywhere. curl sends the file directly to the standard input of clamscan, which reads it, scans and reports the result. Nothing is being stored.
clamav-daemon.service In wiki says he don't need if you want only manual scans. Also says OnAccessScan by default off and he is unstable.
It means if i will be somehow execute malvare file he will not stop it? So what he actualy doing?
Scanning files. The clamd(8) manual explains what the daemon may do. OnAccessScan is just a single, somewhat experimental feature. You do not need to use it.
Note: I suspect English is not your native language and I do not blame you for that, but most of your message is impossible to understand. Above I answered only to the fragments that make sense. There is a section for other languages — perhaps you will get a better response there.
Last edited by mpan (2022-01-14 21:30:33)
Sometimes I seem a bit harsh — don’t get offended too easily!
Offline