Stowage/clamav
2
0
Fork 0
mirror of https://github.com/Cisco-Talos/clamav.git synced 2025-10-29 23:20:54 +00:00
Code Issues Projects Releases Packages Wiki Activity
10273 commits 35 branches 233 tags 198 MiB
Commit graph

184 commits

Author SHA1 Message Date
Micah Snyder
cd2f2975b9 Docs: Warn against running untrusted bytecode 
Add notices to man pages and help strings cautioning against running
bytecode signatures from untrusted sources.

Also adds missing BytecodeUnsigned option to clamd.conf.sample files.
 2020-07-09 15:38:15 -07:00
Micah Snyder
dac084fb91 bb10979: clamd multi-threaded database reload #2 
Add clamd config option to force blocking clamd database reload to
conserve RAM. Users may set `ConcurrentDatabaseReload no` in their
clamd.conf config file to force a blocking reload.

The blocking mode will still perform the reload in a new thread, but
will first free the current database, wait for scans targeting that
database to complete, and then load the new database in the new thread
and wait (`pthread_join()`) on that thread. Once loaded, any pending
scans will continue. This is effectively the same behavior as how
clamd reloads worked before the multi-threaded database reload feature
was added.
 2020-07-01 22:06:15 -07:00
John Schember
a6a355629d Add DLP feature to detect credit cards only 
Add Data-Loss-Prevention option to detect credit cards only, excluding
debit and private label cards where possible.

You can select the credit card-only DLP mode for clamscan with the
`--structured-cc-mode` command-line option.

You can select the credit card-only DLP mode for clamd with the
`StructuredCCOnly` clamd.conf config option.

This patch also adds credit card matching for additional vendors:
- Mastercard 2016
- China Union Pay
- Discover 2009
 2020-04-29 13:55:25 -07:00
Micah Snyder (micasnyd)
6e17eb5e97 Adds missing clamscan --max-scantime documentation 2020-04-01 17:21:46 -07:00
Micah Snyder (micasnyd)
f5d465a864 bb12500: [docs] freshclam ReceiveTimeout clarity 2020-03-13 09:26:13 -07:00
Tuomo Soini
2fd28e1d09 freshclam: change default of ReceiveTimeout to 0 
This fixes issues in cvd download when network speed is slow.
Setting is passed to libcurl CURLOPT_TIMEOUT. Original default of 60s
was not enough if network speed is limited. Curl handles this as
total time for http(s) transfer.

https://curl.haxx.se/libcurl/c/CURLOPT_TIMEOUT.html

Also change commented out setting of ReceiveTimeout on example configs
to somewhat sensible value (1800s).

Signed-off-by: Tuomo Soini <tis@foobar.fi>
 2020-01-28 08:15:11 -08:00
Mickey Sola
2b4b18045c clamonacc - update conf and manpage 2019-10-02 16:08:28 -04:00
Micah Snyder (micasnyd)
cb9b09afa9 bb12043, bb12302: Adds --foreground freshclam option to help and manpage, some other documentation tweaks. 2019-10-02 16:08:23 -04:00
Micah Snyder
06e3c1c896 Increased default freshclam receive timeout from 30 sec to 60 sec. Set default DatabaseMirror back to database.clamav.net, now that TLS/SSL is enabled on the mirrors that back the CDN. Some other updates to the man pages that were missing from previous changes. 2019-10-02 16:08:23 -04:00
Micah Snyder
f212a6365a Adjusted clambc page to remove copyright dates from credit wording. 2019-10-02 16:08:21 -04:00
Micah Snyder
29b6da0213 bb12227: Patch to adjust the default CommandReadTimeout to reduce the chance of mail loss when using clamav-milter with the TCP socket. Contribution by Scott Kitterman. 2019-10-02 16:08:17 -04:00
Micah Snyder
a6165cd487 bb12151: Added --foreground to clamd help output and man page. Also correcting the default bytecode timeout in the clamscan man page. 2018-12-02 23:07:06 -05:00
Micah Snyder (micasnyd)
f61e92da8f Changing numerous scan options' names, primarily those of heuristic signatature alert options. Original options (command line and clamd) will remain as deprecated & undocumented for a couple releases. Added 2 extra scan options to allow users to differentiate between alerting on encrypted archives vs encrypted documents (bb11911). 2018-12-02 23:06:59 -05:00
Micah Snyder
f67a9b7508 bb12118: Lowering the default PCRERecMatchLimit from 5000 to 2000, to minimize risk of segfault due to bug in older versions of libpcre/libpcrev2. 2018-12-02 23:06:58 -05:00
Micah Snyder
964a1e7321 Converting http urls to https urls. Primary focus was on clamav.net urls. I updated a couple others and fixes a few broken links as well. There are many (non-clamav.net) urls I didn't address, especially in 3rd party or contrib code. 2018-04-02 07:58:33 -04:00
Josh Soref
7cd9337a70 Spelling Adjustments (#30) 
* spelling: accessed

* spelling: alignment

* spelling: amalgamated

* spelling: answers

* spelling: another

* spelling: acquisition

* spelling: apitid

* spelling: ascii

* spelling: appending

* spelling: appropriate

* spelling: arbitrary

* spelling: architecture

* spelling: asynchronous

* spelling: attachments

* spelling: argument

* spelling: authenticode

* spelling: because

* spelling: boundary

* spelling: brackets

* spelling: bytecode

* spelling: calculation

* spelling: cannot

* spelling: changes

* spelling: check

* spelling: children

* spelling: codegen

* spelling: commands

* spelling: container

* spelling: concatenated

* spelling: conditions

* spelling: continuous

* spelling: conversions

* spelling: corresponding

* spelling: corrupted

* spelling: coverity

* spelling: crafting

* spelling: daemon

* spelling: definition

* spelling: delivered

* spelling: delivery

* spelling: delimit

* spelling: dependencies

* spelling: dependency

* spelling: detection

* spelling: determine

* spelling: disconnects

* spelling: distributed

* spelling: documentation

* spelling: downgraded

* spelling: downloading

* spelling: endianness

* spelling: entities

* spelling: especially

* spelling: empty

* spelling: expected

* spelling: explicitly

* spelling: existent

* spelling: finished

* spelling: flexibility

* spelling: flexible

* spelling: freshclam

* spelling: functions

* spelling: guarantee

* spelling: hardened

* spelling: headaches

* spelling: heighten

* spelling: improper

* spelling: increment

* spelling: indefinitely

* spelling: independent

* spelling: inaccessible

* spelling: infrastructure

Conflicts:
	docs/html/node68.html

* spelling: initializing

* spelling: inited

* spelling: instream

* spelling: installed

* spelling: initialization

* spelling: initialize

* spelling: interface

* spelling: intrinsics

* spelling: interpreter

* spelling: introduced

* spelling: invalid

* spelling: latency

* spelling: lawyers

* spelling: libclamav

* spelling: likelihood

* spelling: loop

* spelling: maximum

* spelling: million

* spelling: milliseconds

* spelling: minimum

* spelling: minzhuan

* spelling: multipart

* spelling: misled

* spelling: modifiers

* spelling: notifying

* spelling: objects

* spelling: occurred

* spelling: occurs

* spelling: occurrences

* spelling: optimization

* spelling: original

* spelling: originated

* spelling: output

* spelling: overridden

* spelling: parenthesis

* spelling: partition

* spelling: performance

* spelling: permission

* spelling: phishing

* spelling: portions

* spelling: positives

* spelling: preceded

* spelling: properties

* spelling: protocol

* spelling: protos

* spelling: quarantine

* spelling: recursive

* spelling: referring

* spelling: reorder

* spelling: reset

* spelling: resources

* spelling: resume

* spelling: retrieval

* spelling: rewrite

* spelling: sanity

* spelling: scheduled

* spelling: search

* spelling: section

* spelling: separator

* spelling: separated

* spelling: specify

* spelling: special

* spelling: statement

* spelling: streams

* spelling: succession

* spelling: suggests

* spelling: superfluous

* spelling: suspicious

* spelling: synonym

* spelling: temporarily

* spelling: testfiles

* spelling: transverse

* spelling: turkish

* spelling: typos

* spelling: unable

* spelling: unexpected

* spelling: unexpectedly

* spelling: unfinished

* spelling: unfortunately

* spelling: uninitialized

* spelling: unlocking

* spelling: unnecessary

* spelling: unpack

* spelling: unrecognized

* spelling: unsupported

* spelling: usable

* spelling: wherever

* spelling: wishlist

* spelling: white

* spelling: infrastructure

* spelling: directories

* spelling: overridden

* spelling: permission

* spelling: yesterday

* spelling: initialization

* spelling: intrinsics

* space adjustment for spelling changes

* minor modifications by klin
 2018-02-27 22:00:09 -05:00
Micah Snyder
e098cdc557 Updating help strings, to include a couple missing items as well as copyrights. updating man page files as well. 2018-02-14 12:08:36 -05:00
Micah Snyder
a1da16eee7 bb11025: Correcting PUA URL in man pages and shared optparser. 2018-02-08 16:00:09 -05:00
James Ralston
39bd083cbc bb11978 - onas: document limitations of OnAccessExcludeRootUID and 
OnAccessExcludeUID.
 2017-12-14 12:30:07 -05:00
James Ralston
15596b1060 bb11978 - onas: onas_fan_checkowner(): distinguish EACCES and ENOENT 
stat() failures; clean up documentation.
 2017-12-14 12:29:55 -05:00
Micah Snyder
22880de038 eliminating additional option references to stat collection and submission until such time as a new stats website and associated clamav code is ready. 2017-10-24 13:38:37 -04:00
Steven Morgan
dc30ba752d bb11910 - remove DetectionStatsHostID. 2017-10-18 16:46:58 -04:00
Mickey Sola
7a85da5c9a increasing size of pcre match limit 2017-03-01 16:19:17 -05:00
Steven Morgan
5c8660107f bb11548 fix clamsubmit. 2017-02-07 13:27:15 -05:00
Steven Morgan
166174bcf0 pull request #53(1/4): Spelling fix by klemens(ka7). 2016-10-19 12:26:33 -04:00
Steven Morgan
52de2fab0d bb17595 - man page improvements. 2016-10-18 15:47:42 -04:00
Steven Morgan
e7dfe57d3a bb11522 - additional block-max w.i.p. : clamd, man pages. 2016-09-20 17:45:40 -04:00
Mickey Sola
2ea4230df2 bb11557 - drop AllowSupplementaryGroups option and make it default, patch by Sebastian A. Siewior 2016-06-09 10:40:38 -04:00
Steven Morgan
ce6becd511 bb11471 - add clamscan parameter --normalize=no for yara compatibility. 2016-06-02 18:09:25 -04:00
Steven Morgan
c18363244b bb1436 - clamscan 'block-macros' option. Patch by Kai Risku. 2016-03-10 18:26:33 -05:00
Kevin Lin
ea9ffd291b add scanning options for scanning xml-based documents (MSXML, OOXML, HWPML) and HWP3 2016-02-02 14:23:19 -05:00
Kevin Lin
731c8e6213 hwp3.x: add support for maximum recursive calls to hwp3 parsing 2016-01-19 14:28:48 -05:00
Steven Morgan
3af457257c bb11467 - fix embedded http links. 2016-01-05 13:13:47 -05:00
Steven Morgan
779c0fdc9a Usage message and man page updates for the clamscan --disable-cache option. 2015-12-21 16:50:33 -05:00
Mickey Sola
f89b94df9d man: updating clamd.conf man page entry with new onas info 2015-10-01 16:02:32 -04:00
Steven Morgan
4de9676764 Fix clamscan and clamd.conf man page web links for PUA categories. 2015-06-12 15:26:15 -04:00
Steven Morgan
a80453e6e9 Merge master to features/yara. 2015-05-01 18:36:48 -04:00
Steven Morgan
fe0f7c3845 remove obsolete parameters from the clamd.conf man page: MailMaxRecursion, ArchiveMaxFileSize, ArchiveMaxRecursion, ArchiveMaxFiles, ArchiveMaxCompressionRatio, ArchiveBlockMax, ArchiveLimitMemoryUsage, Clamuko*. 2015-02-27 16:54:55 -05:00
Kevin Lin
c94a95b821 updated documentation on '--statistics' option 2015-02-19 12:47:20 -05:00
Kevin Lin
1c4ee73052 fixed a mistake for pcre options in manpages 2015-02-05 09:09:25 -08:00
Kevin Lin
877bca9b3e updated PCRE functionality documentation 2015-02-05 08:31:52 -08:00
Kevin Lin
dced100201 bb#11224 - fixed typo in man page and help message 2014-12-12 17:10:10 -05:00
Shawn Webb
b67f7cf434 Clean up clamsubmit manpage 2014-12-01 09:57:44 -05:00
Kevin Lin
4ecb4cb228 bb#11133+bb#11134 - corrected issues in manpages 2014-10-06 14:14:17 -04:00
Kevin Lin
1a7ce1e137 clambc: changed trace to use T, updated docs 2014-10-02 16:49:32 -04:00
Kevin Lin
8d170d58cc bb#11094+11097 - update help message, manpage, and optparser message of clambc options 2014-09-22 17:12:34 -04:00
Steven Morgan
72b4ce4d9d Apply patch from Scott Kitterman to correctly escape dashes in sigtool and clamsubmit man pages 2014-09-17 21:44:31 -04:00
Kevin Lin
2351862119 updated clambc manpage documentation 2014-09-05 10:36:54 -04:00
Joel Esler
00fb0d9118 Fixed broken links. 
Across the whole of the product.
 2014-09-02 11:29:35 -04:00
Steven Morgan
43fcdb4cea bb#10681 fix speling and gramer errers pointed by uesr. 2014-05-19 16:48:46 -04:00