LINUX – ClamAV Unofficial Signatures Updater

The clamav-unofficial-sigs script provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol. The package also contains cron, logrotate, and man files.

https://github.com/extremeshok/clamav-unofficial-sigs

The “original” script deployed via apt-get or yum is outdated and generates many error messages mainly because some of the DBs are no longer free and require account setup in order to download the files.

Clamscan reports SecuriteInfo database integrity problems

For the last few day I was getting email from my email server with the following content:

Clamscan reports SecuriteInfo honeynet.hdb database integrity tested BAD - SKIPPING
 rsync: link_stat "/var/cache/clamav-unofficial-sigs/si-dbs/honeynet.hdb" failed: No such file or directory (2)
 rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1183) [sender=3.1.1]
 Failed to successfully update SecuriteInfo production database file: honeynet.hdb - SKIPPING
 Clamscan reports SecuriteInfo securiteinfobat.hdb database integrity tested BAD - SKIPPING
 rsync: link_stat "/var/cache/clamav-unofficial-sigs/si-dbs/securiteinfobat.hdb" failed: No such file or directory (2)
 rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1183) [sender=3.1.1]
 Failed to successfully update SecuriteInfo production database file: securiteinfobat.hdb - SKIPPING
 Clamscan reports SecuriteInfo securiteinfodos.hdb database integrity tested BAD - SKIPPING
 rsync: link_stat "/var/cache/clamav-unofficial-sigs/si-dbs/securiteinfodos.hdb" failed: No such file or directory (2)
 rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1183) [sender=3.1.1]
 Failed to successfully update SecuriteInfo production database file: securiteinfodos.hdb - SKIPPING
 Clamscan reports SecuriteInfo securiteinfoelf.hdb database integrity tested BAD - SKIPPING
 rsync: link_stat "/var/cache/clamav-unofficial-sigs/si-dbs/securiteinfoelf.hdb" failed: No such file or directory (2)
 rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1183) [sender=3.1.1]
 Failed to successfully update SecuriteInfo production database file: securiteinfoelf.hdb - SKIPPING
 Clamscan reports SecuriteInfo securiteinfooffice.hdb database integrity tested BAD - SKIPPING
 rsync: link_stat "/var/cache/clamav-unofficial-sigs/si-dbs/securiteinfooffice.hdb" failed: No such file or directory (2)
 rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1183) [sender=3.1.1]
 Failed to successfully update SecuriteInfo production database file: securiteinfooffice.hdb - SKIPPING
 Clamscan reports SecuriteInfo securiteinfopdf.hdb database integrity tested BAD - SKIPPING
 rsync: link_stat "/var/cache/clamav-unofficial-sigs/si-dbs/securiteinfopdf.hdb" failed: No such file or directory (2)
 rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1183) [sender=3.1.1]
 Failed to successfully update SecuriteInfo production database file: securiteinfopdf.hdb - SKIPPING
 Clamscan reports SecuriteInfo securiteinfosh.hdb database integrity tested BAD - SKIPPING
 rsync: link_stat "/var/cache/clamav-unofficial-sigs/si-dbs/securiteinfosh.hdb" failed: No such file or directory (2)
 rsync error: some files/attrs were not transferred (see previous errors) (code 23) at main.c(1183) [sender=3.1.1]
 Failed to successfully update SecuriteInfo production database file: securiteinfosh.hdb - SKIPPING

as per the: http://lurker.clamav.net/message/20150423.072453.3394b584.en.html I edited my /usr/share/clamav-unofficial-sigs/conf.d/00-clamav-unofficial-sigs.conf file and commented out this bit:

# ========================
 # SecuriteInfo Database(s)
 # ========================
 # Add or remove database file names between quote marks as needed. To
 # disable any SecuriteInfo database downloads, remove the appropriate
 # lines below. To disable all SecuriteInfo database file downloads,
 # comment all of the following lines.
 #si_dbs="
 #honeynet.hdb
 #securiteinfo.hdb
 #securiteinfobat.hdb
 #securiteinfodos.hdb
 #securiteinfoelf.hdb
 #securiteinfohtml.hdb
 #securiteinfooffice.hdb
 #securiteinfopdf.hdb
 #securiteinfosh.hdb
 #"