Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # This file contains user configuration settings for the clamav-unofficial-sigs.sh
- # Script provide by Bill Landry (unofficialsigs@gmail.com).
- #
- # Script updates can be found at: http://sourceforge.net/projects/unofficial-sigs
- #
- # License: BSD (Berkeley Software Distribution)
- ################################################################################
- # USER CONFIGURATION FILE FOR SCRIPT: #
- # * * * #
- # clamav-unofficial-sigs.sh #
- # * * * #
- # SET PROGRAM PATHS AND OTHER VARIABLE OPTIONS FOR THE SCRIPT IN THIS FILE #
- ################################################################################
- # Edit the quoted variables below to meet your own particular needs
- # and requirements, but do not remove the "quote" marks.
- # Be sure to set the appropriate shell for your OS Platform. It's been
- # reported that "sh" works best for BSD variants, "ksh" for Sun Solaris,
- # and "bash" for Linux variants. If you experience problems running the
- # script, please try editing the top line of the script file and changing
- # "sh" to either "ksh" or "bash" before reporting a problem.
- # Set and export the appropriate program paths for your OS platform. Required
- # utilities include: find, xargs, sed, awk, cut, dig, grep, tail, chown, chmod,
- # cmp, diff, gzip, ls, cp, mv, test, gpg, host, sleep, cksum, rsync, curl, perl,
- # and optionally socat. It's been reported that on Sun systems, the GNU utilities
- # should be used rather than the default Sun OS versions of these utilities.
- PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"
- export PATH
- # Set the appropriate ClamD user and group accounts for your system.
- # If you do not want the script to set user and group permissions on
- # files and directories, comment the next two variables.
- clam_user="clamav"
- clam_group="clamav"
- # If you do not want the script to change the file mode of all signature
- # database files in the ClamAV working directory to 0644 (-rw-r--r--):
- #
- # owner: read, write
- # group: read
- # world: read
- #
- # as defined in the "clam_dbs" path variable below, then set the following
- # "setmode" variable to "no".
- setmode="yes"
- # Set path to ClamAV database files location. If unsure, check
- # your clamd.conf file for the "DatabaseDirectory" path setting.
- clam_dbs="/var/lib/clamav"
- # Set path to clamd.pid file (see clamd.conf for path location).
- clamd_pid="/var/run/clamd.pid"
- # To enable "ham" (non-spam) directory scanning and removal of
- # signatures that trigger on ham messages, uncomment the following
- # variable and set it to the appropriate ham message directory.
- #ham_dir="/path/to/ham-test/directory"
- # If you would like to reload the clamd databases after an update,
- # change the following variable to "yes".
- reload_dbs="no"
- # Set the reload or restart option if the "reload_dbs" variable above
- # is set to "yes" (only select 'ONE' of the following variables or the
- # last uncommented variable option will be the one used).
- # - The next variable signals clamd daemon to reload databases (this is the recommended reload option)
- reload_opt="clamdscan --reload" # Default
- # - The next variable signals clamd's Process ID (PID) to reload databases
- #reload_opt="kill -USR2 `cat $clamd_pid`"
- # - The next variable signals linux based systems to do a full clamd service stop/start
- #reload_opt="service clamd restart"
- # - Use the next variable to set a custom or system specific reload/restart option
- #reload_opt=""
- # If running clamd in "LocalSocket" mode (*NOT* in TCP/IP mode), and
- # either "SOcket Cat" (socat) or the "IO::Socket::UNIX" perl module
- # are installed on the system, and you want to report whether clamd
- # is running or not, uncomment the "clamd_socket" variable below (you
- # will be warned if neither socat nor IO::Socket::UNIX are found, but
- # the script will still run). You will also need to set the correct
- # path to your clamd socket file (if unsure of the path, check the
- # "LocalSocket" setting in your clamd.conf file for socket location).
- #clamd_socket="/var/run/clamd.socket"
- # If you would like to attempt to restart ClamD if detected not running,
- # uncomment the next 2 lines. Confirm the path to the "clamd_lock" file
- # (usually can be found in the clamd init script) and also enter the clamd
- # start command for your particular distro for the "start_clamd" variable
- # (the sample start command shown below should work for most linux distros).
- # NOTE: these 2 variables are dependant on the "clamd_socket" variable
- # shown above - if not enabled, then the following 2 variables will be
- # ignored, whether enabled or not.
- #clamd_lock="/var/lock/subsys/clamd"
- #start_clamd="service clamd start"
- # Enable or disable download time randomization. This allows the script to
- # be executed via cron, but the actual database file checking will pause
- # for a random number of seconds between the "min" and "max" time settings
- # specified below. This helps to more evenly distribute load on the host
- # download sites. To disable, set the following variable to "no".
- enable_random="yes"
- # If download time randomization is enabled above (enable_random="yes"),
- # then set the min and max radomization time intervals (in seconds).
- min_sleep_time="60" # Default minimum is 60 seconds (1 minute).
- max_sleep_time="600" # Default maximum is 600 seconds (10 minutes).
- # ========================
- # Sanesecurity Database(s)
- # ========================
- # Add or remove database file names between quote marks as needed. To
- # disable usage of any of the Sanesecurity distributed database files
- # shown, remove the database file name from the quoted section below.
- # To disable usage of all Sanesecurity distributed databases, comment
- # all of the quoted lines below. Only databases defined as "low" risk
- # have been enabled by default (for additional information about the
- # database ratings, see: http://www.sanesecurity.com/clamav/databases.htm).
- # Only add signature databases here that are "distributed" by Sanesecuirty
- # as defined at the URL shown above. Database distributed by others sources
- # (e.g., SecuriteInfo & MalewarePatrol, can be added to other sections of
- # this config file below). Finally, make sure that the database names are
- # spelled correctly or you will experience issues when the script runs
- # (hint: all rsync servers will fail to download signature updates).
- ss_dbs="
- blurl.ndb
- junk.ndb
- jurlbl.ndb
- phish.ndb
- rogue.hdb
- sanesecurity.ftm
- scam.ndb
- sigwhitelist.ign2
- spamattach.hdb
- spamimg.hdb
- winnow.attachments.hdb
- winnow_bad_cw.hdb
- winnow_extended_malware.hdb
- winnow_malware.hdb
- winnow_malware_links.ndb
- bofhland_cracked_URL.ndb
- bofhland_malware_attach.hdb
- bofhland_malware_URL.ndb
- bofhland_phishing_URL.ndb
- crdfam.clamav.hdb
- phishtank.ndb
- porcupine.ndb
- "
- # ========================
- # SecuriteInfo Database(s)
- # ========================
- # Add or remove database file names between quote marks as needed. To
- # disable any SecuriteInfo database downloads, remove the appropriate
- # lines below. To disable all SecuriteInfo database file downloads,
- # comment all of the following lines.
- #si_dbs="
- # honeynet.hdb
- # securiteinfo.hdb
- # securiteinfobat.hdb
- # securiteinfodos.hdb
- # securiteinfoelf.hdb
- # securiteinfohtml.hdb
- # securiteinfooffice.hdb
- # securiteinfopdf.hdb
- # securiteinfosh.hdb
- #"
- # Since the SecuriteInfo databases are only updated a few time each
- # month, set a time interval to do database update checks.
- si_update_hours="4" # Default is 4 hours (6 update checks daily).
- # =========================
- # MalwarePatrol Database(s)
- # =========================
- # Add or remove database file names between quote marks as needed. To
- # disable any of the MalwarePatrol database file downloads, remove the
- # appropriate database file name lines below. To disable MalwarePatrol
- # database downloads, comment all of the following lines.
- #mbl_dbs="
- # mbl.ndb
- #"
- # Since the MalwarePatrol database file is dynamically created,
- # there is no way to test for changes prior to downloading. For this
- # reason, you will need to set a reasonable time interval in "hours"
- # for MBL database file downloads. As shown below, this has been
- # set to update every "6" hours, which seems appropriate (that's 4
- # file downloads per day) Change only if you REALLY feel you must.
- # However, I would not suggest going below every 4 hour lest you risk
- # being blacklisted by the MalwarePatrol site.
- mbl_update_hours="6" # Default is 6 hours (4 downloads daily).
- # Additional signature databases can be specified here in the following
- # format: PROTOCOL://URL-or-IP/PATH/TO/FILE-NAME (use a trailing "/" in
- # place of the "FILE-NAME" to download all files from specified location,
- # but this *ONLY* works for files downloaded via rsync). For non-rsync
- # downloads, curl is used. For download protocols supported by curl, see
- # "man curl". This also works well for locations that have many ClamAV
- # servers that use 3rd party signature databases, as only one server need
- # download the remote databases, and all others can update from the local
- # mirror's copy. See format examples below. To use, remove the comments
- # and examples shown and add your own sites between the quote marks.
- #add_dbs="
- # rsync://192.168.1.50/new-db/sigs.hdb
- # rsync://rsync.example.com/all-dbs/
- # ftp://ftp.example.net/pub/sigs.ndb
- # http://www.example.org/sigs.ldb
- #"
- # Set rsync connection and data transfer timeout limits in seconds.
- # The defaults settings here are reasonable, only change if you are
- # experiencing timeout issues.
- rsync_connect_timeout="15"
- rsync_max_time="60"
- # Set curl connection and data transfer timeout limits in seconds.
- # The defaults settings here are reasonable, only change if you are
- # experiencing timeout issues.
- curl_connect_timeout="15"
- curl_max_time="90"
- # Set working directory paths (edit to meet your own needs). If these
- # directories do not exist, the script will attempt to create them.
- # Top level working directory path:
- work_dir="/usr/unofficial-dbs" #Top level working directory
- # Sub-directory names:
- ss_dir="$work_dir/ss-dbs" # Sanesecurity sub-directory
- si_dir="$work_dir/si-dbs" # SecuriteInfo sub-directory
- mbl_dir="$work_dir/mbl-dbs" # MalwarePatrol sub-directory
- config_dir="$work_dir/configs" # Script configs sub-directory
- gpg_dir="$work_dir/gpg-key" # Sanesecurity GPG Key sub-directory
- add_dir="$work_dir/add-dbs" # User defined databases sub-directory
- # If you would like to make a backup copy of the current running database
- # file before updating, leave the following variable set to "yes" and a
- # backup copy of the file will be created in the production directory
- # with -bak appended to the file name.
- keep_db_backup="no"
- # If you want to silence the information reported by curl, rsync, gpg
- # or the general script comments, change the following variables to
- # "yes". If all variables are set to "yes", the script will output
- # nothing except error conditions.
- curl_silence="no" # Default is "no" to report curl statistics
- rsync_silence="no" # Default is "no" to report rsync statistics
- gpg_silence="no" # Default is "no" to report gpg signature status
- comment_silence="no" # Default is "no" to report script comments
- # Log update information to '$log_file_path/$log_file_name'.
- enable_logging="yes"
- log_file_path="/var/log"
- log_file_name="clamav-unofficial-sigs.log"
- # If necessary to proxy database downloads, define the rsync and/or curl
- # proxy settings here. For rsync, the proxy must support connections to
- # port 873. Both curl and rsync proxy setting need to be defined in the
- # format of "hostname:port". For curl, also note the -x and -U flags,
- # which must be set as "-x hostname:port" and "-U username:password".
- rsync_proxy=""
- curl_proxy=""
- # After you have completed the configuration of this file, set the
- # following variable to "yes".
- user_configuration_complete="yes"
- ################################################################################
- # END OF USER CONFIGURATION #
- ################################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement