1
2clamav-unofficial-sigs(8) SCRIPT COMMANDS clamav-unofficial-sigs(8)
3
4
5
7 clamav-unofficial-sigs - Download, test, and install third-party ClamAV
8 signature databases.
9
11 clamav-unofficial-sigs [options]
12
14 clamav-unofficial-sigs provides a simple way to download, test, and
15 update third-party signature databases provided by Sanesecurity, FOX‐
16 HOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, Mal‐
17 warePatrol, Yara-Rules Project, etc. It will also generate and install
18 cron, logrotate, and man files.
19
21 Script updates can be found at: https://github.com/extremeshok/clamav-
22 unofficial-sigs
23
25 This script follows the standard GNU command line syntax.
26
27 Usage: clamav-unofficial-sigs.sh [OPTION] [PATH|FILE]
28
29 -c, --config Use a specific configuration file or directory eg: '-c
30 /your/dir' or ' -c /your/file.name' Note: If a directory is speci‐
31 fied the directory must contain atleast: master.conf, os.conf or
32 user.conf Default Directory: /etc/clamav-unofficial-sigs
33
34 -F, --force Force all databases to be downloaded, could cause ip to
35 be blocked
36
37 -h, --help Display this script's help and usage information
38
39 -V, --version Output script version and date information
40
41 -v, --verbose Be verbose, enabled when not run under cron
42
43 -s, --silence Only output error messages, enabled when run under cron
44
45 -d, --decode-sig Decode a third-party signature either by signature
46 name (eg: Sanesecurity.Junk.15248) or hexadecimal string. This flag
47 will 'NOT' decode image signatures
48
49 -e, --encode-string Hexadecimal encode an entire input string that
50 can be used in any '*.ndb' signature database file
51
52 -f, --encode-formatted Hexadecimal encode a formatted input string
53 containing signature spacing fields '{}, (), *', without encoding
54 the spacing fields, so that the encoded signature can be used in any
55 '*.ndb' signature database file
56
57 -g, --gpg-verify GPG verify a specific Sanesecurity database file
58 eg: '-g filename.ext' (do not include file path)
59
60 -i, --information Output system and configuration information for
61 viewing or possible debugging purposes
62
63 -m, --make-database Make a signature database from an ascii file con‐
64 taining data strings, with one data string per line. Additional
65 information is provided when using this flag
66
67 -t, --test-database Clamscan integrity test a specific database file
68 eg: '-t filename.ext' (do not include file path)
69
70 -o, --output-triggered If HAM directory scanning is enabled in the
71 script's configuration file, then output names of any third-party
72 signatures that triggered during the HAM directory scan
73
74 -w, --whitelist Adds a signature whitelist entry in the newer ClamAV
75 IGN2 format to 'my-whitelist.ign2' in order to temporarily resolve
76 a false-positive issue with a specific third-party signature. Script
77 added whitelist entries will automatically be removed if the original
78 signature is either modified or removed from the third-party signa‐
79 ture database
80
81 --check-clamav If ClamD status check is enabled and the socket path
82 is correctly specifiedthen test to see if clamd is running or not
83
84 --install-all Install and generate the cron, logroate and man files,
85 autodetects the values based on your config files
86
87 --install-cron Install and generate the cron file, autodetects the
88 values based on your config files
89
90 --install-logrotate Install and generate the logrotate file, autode‐
91 tects the values based on your config files
92
93 --install-man Install and generate the man file, autodetects the
94 values based on your config files
95
96 --remove-script Remove the clamav-unofficial-sigs script and all of
97 its associated files and databases from the system
98
99
100 SEE ALSO
101 clamd(8), clamscan(1)
102
104 Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
105
106 You are free to use, modify and distribute, however you may not remove
107 this notice.
108
110 BSD (Berkeley Software Distribution)
111
113 Report bugs to https://github.com/extremeshok/clamav-unofficial-sigs
114
116 Adrian Jon Kriel :: admin@extremeshok.com Originially based on Script
117 provide by Bill Landry
118
119
120
121
122
123Version: 5.6.2 2017-03-19 clamav-unofficial-sigs(8)