How can I be sure the ClamAV database is up to date?

Question

How can I be sure the ClamAV database is up to date?

I am currently having a problem with ClamAV and freshclam on Centos 6.9.

I have the latest Clam 0.99.2 engine and a working internet connection. Even if I run the command # freshclam -v

(it only returns the security warning about insecure permission freshclam.conf) before # clamscan

clamAV will return this warning to me:

LibClamAV Warning: ************************************************** LibClamAV Warning: *** The virus database is older than 7 days. *** LibClamAV Warning: *** Please update it IMMEDIATELY! *** LibClamAV Warning: **************************************************

So my questions are, how do I know when the last update was made? Or make sure the virus database is up to date?

PS: I checked clamscan with eicar test file and found it.

+5

linux centos antivirus virus-scanning clam

Pierre B Apr 20 '17 at 9:00

source to share

2 answers

Here's what I do for the second part of your question: make sure the virus database is up to date?

My systems are offline so cannot query clamav for their most recent virus definition database, but I can easily check the date of my current cvd files with this linux command.

strings /var/lib/clamav/daily.cvd|head -1|cut -c1-28
ClamAV-VDB:31 Jul 2019 04-17

Edit: As Jonathon kindly mentioned, sigtool is a great way to verify the signature of a clamav data file:

sigtool --info daily.cvd
File: daily.cvd
Build time: 28 Aug 2019 04:24 -0400
Version: 25555
Signatures: 1739106
Functionality level: 63
Builder: raynman
...

0

Phil 07 Aug 19 at 19:52

source to share

Bogdan · Accepted Answer · 2017-04-20T09:43:12+0000

You have 2 questions:

How do I know when the last update was made?

host -t txt current.cvd.clamav.net; perl -e 'printf "%d\n", time;'

This will tell you when clamav provided the last update.

Make sure the virus database is up to date?

First, you need to understand why you are getting a security warning. If you post a warning here, we may have a better chance of helping you.

Then I recommend that you look in the magazine /var/log/clamav/freshclam.log

Also, if you include the selinux, you will need to run this: setsebool -P antivirus_can_scan_system 1

. If, in any case, the error looks something like this During database load : LibClamAV Warning: RWX mapping denied: Can't allocate RWX Memory: Permission denied

, then it is clear that your solution is the command mentioned above.

How can I be sure the ClamAV database is up to date?

More articles: