ClamAV for Solaris

https://www.opencsw.org/packages/CSWclamav/

From the above URL, it seems like we can't download ClamAV for
Solaris x86 directly: had to use the commands:
  pkgadd -d http://get.opencsw.org/now
  /opt/csw/bin/pkgutil -U
  /opt/csw/bin/pkgutil -y -i clamav

I don't have a Solaris box that is internet facing.

Does anyone have the package?
sunhux Asked:

sunhux (Author) Commented:
When I tried to email the maintainer of the CSW site, I kept getting "captcha invalid" though I'm not prompted to enter the captcha
sunhux (Author) Commented:
https://lists.gt.net/clamav/users/71261
Someone on the user list suggested building a VirtualBox VM on a laptop, installing Solaris
& pkgutil to download & then transfer the pkg out: quite a long way for me,
so I'd still prefer to have a ready-to-use compiled pkg
btan (Exec Consultant) Commented:
You may consider exploring:
> I have no servers that are ever allowed to access the internet.  Is there a way to download the pkg file not using pkgutil?

wget and many others will do it, the package file is just on a URL.


Start here:
http://rsync.opencsw.org/opencsw/

Choose a file, eg:
http://rsync.opencsw.org/opencsw/testing/sparc/5.10/clamav-0.99.2%2cREV%3d2016.09.29-SunOS5.10-sparc-CSW.pkg.gz

Download to anywhere, eg, your home machine.

Transfer to your server by any means, eg, USB stick, CD, floppy, local network, etc.

You'll need its 10 dependencies too.
https://www.opencsw.org/packages/CSWclamav/


See also:
https://www.opencsw.org/manual/for-administrators/no-internet-access.html#no-internet-access
http://lists.clamav.net/pipermail/clamav-users/2017-November/005379.html
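
An added example (not part of the thread or of OpenCSW's tooling) for the offline transfer described above: it works out which packages an install needs, dependencies first, and checks each transferred file against the catalog's size and MD5. The catalog line layout (`name version pkgname filename md5 size deps category i-deps`, dependencies separated by `|`) and every sample name, version and file body are assumptions; compare them with the catalog file in the directory you download from.

```python
import hashlib

def parse_catalog(text):
    """Map package name -> entry; skips comments, PGP armor and short lines."""
    entries = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) < 7 or line.startswith(("#", "-")):
            continue
        deps = [] if f[6] == "none" else f[6].split("|")
        entries[f[2]] = {"file": f[3], "md5": f[4].lower(),
                         "size": int(f[5]), "deps": deps}
    return entries

def install_order(catalog, root):
    """Depth-first walk: every dependency listed before the package needing it."""
    order, seen = [], set()
    def visit(pkg):
        if pkg in seen:
            return
        seen.add(pkg)
        if pkg not in catalog:
            raise KeyError(f"{pkg} not in catalog (wrong arch or OS release?)")
        for dep in catalog[pkg]["deps"]:
            visit(dep)
        order.append(pkg)
    visit(root)
    return order

def check_transfer(catalog, root, files):
    """Return {filename: problem} for packages missing or altered after transfer."""
    problems = {}
    for pkg in install_order(catalog, root):
        e, data = catalog[pkg], files.get(catalog[pkg]["file"])
        if data is None:
            problems[e["file"]] = "missing"
        elif len(data) != e["size"] or hashlib.md5(data).hexdigest() != e["md5"]:
            problems[e["file"]] = "size/md5 mismatch"
    return problems

# Constructed sample data: file bodies, versions and checksums are made up.
BLOBS = {"clamav-1-SunOS5.10-i386-CSW.pkg.gz": b"clamav body",
         "common-1-SunOS5.10-i386-CSW.pkg": b"common body",
         "libbz2_1_0-1-SunOS5.10-i386-CSW.pkg.gz": b"bz2 body"}
def _row(name, pkg, fname, deps):
    d = BLOBS[fname]
    return f"{name} 1 {pkg} {fname} {hashlib.md5(d).hexdigest()} {len(d)} {deps} none none"
SAMPLE_CATALOG = "\n".join([
    "# constructed catalog in the assumed OpenCSW layout",
    _row("clamav", "CSWclamav", "clamav-1-SunOS5.10-i386-CSW.pkg.gz", "CSWcommon|CSWlibbz2-1-0"),
    _row("common", "CSWcommon", "common-1-SunOS5.10-i386-CSW.pkg", "none"),
    _row("libbz2_1_0", "CSWlibbz2-1-0", "libbz2_1_0-1-SunOS5.10-i386-CSW.pkg.gz", "none")])
```

A size/MD5 match only shows that a file arrived as the catalog describes it; it says nothing about whether the catalog itself is trustworthy.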


sunhux (Author) Commented:
Start here:  <== guess this is using a browser, won't need an rsync tool on Windows
http://rsync.opencsw.org/opencsw/

Navigating the above to i386 (not using Sparc), found it for Solaris 10;  will i386 work for x64?  I'll still test it out:
  clamav-0.100.1,REV=2018.07.10-SunOS5.10-i386-CSW.pkg.gz

The signature file is rather outdated; is there a place that gives the latest ClamAV signature file? Can other platforms'
(eg: Linux) signatures be used for Solaris x86?


Sidenote:
Url below gives "Http 404 Not Found" :
http://rsync.opencsw.org/opencsw/testing/sparc/5.10/clamav-0.99.2%2cREV%3d2016.09.29-SunOS5.10-sparc-CSW.pkg.gz
btan (Exec Consultant) Commented:
Better to test out though ARCH: i386, CPU: i386 as compared to ARCH: x86_64, CPU: x86_64
https://www.opencsw.org/community/questions/92/installing-without-direct-internet-access

For the download of signatures, please see https://blog.clamav.net/2018/
sunhux (Author) Commented:
Thanks.

For RHEL, i386 is a different architecture from x86_64.
Somehow, I have not seen any x86_64 for ClamAV, only Sparc & i386; or have you seen one for x86_64?
sunhux (Author) Commented:
https://blog.clamav.net/2018/

Link above seems to share the method of getting signatures via FreshClam
btan (Exec Consultant) Commented:
See this, mainly on the Unix family including Arch Linux, CentOS, Fedora
https://rpmfind.net/linux/rpm2html/search.php?query=clamav
https://pkgs.org/download/clamav
sunhux (Author) Commented:
https://www.clamav.net/downloads
Got the signature databases (main, daily & bytecode.cvd) under "Virus Database" in above url.


http://rsync.opencsw.org/opencsw/testing/
Link above only gives 2 architecture options: i386 & Sparc
btan (Exec Consultant) Commented:
Use freshclam for signatures

I’m running ClamAV on a lot of clients on my local network. Can I serve the cvd files from a local server so that each client doesn’t have to download them from your servers?
Sure, you can find more details on our Mirror page.

If you want to take advantage of incremental updates, install a proxy server and then configure your freshclam clients to use it (watch for the HTTPProxyServer parameter in man freshclam.conf).

The second possible solution is to:

Configure a local webserver on one of your machines (say machine1.mylan)

Let freshclam download the *.cvd files from http://database.clamav.net to the webserver’s DocumentRoot.

Finally, change freshclam.conf on your clients so that it includes:

DatabaseMirror machine1.mylan

ScriptedUpdates off

First the database will be downloaded to the local webserver and then the other clients on the network will update their copy of the database from it.

Important: For this to work, you have to add ScriptedUpdates off on all of your machines!

I can’t wait for you to update the database! I need to use the new signature NOW!
No problem, save your own signatures in a text file with the appropriate extension. Put it in the same dir where the .cvd files are located. ClamAV will load it after the official .cvd files. You need not sign the .db file.

Can I download the virusdb manually?
Yes, the virusdb can be downloaded from the Latest releases section on our home page.

https://www.clamav.net/documents/clamav-virus-database-faq
btan (Exec Consultant) Commented:
That is the best that you can get in the public store
sunhux (Author) Commented:
Thanks very much.

>save your own signatures in a text file with the appropriate extension.
How does the above work?
sunhux (Author) Commented:
For the dependent packages required as indicated by
  https://www.opencsw.org/packages/CSWclamav/  ,

common : it can only locate the i386 package for SunOS 5.8 in url below but what's needed is for SunOS 5.10
  http://rsync.opencsw.org/opencsw/testing/i386/5.10/

Likewise for
libbz2_1_0 : can only locate for SunOS 5.9
btan (Exec Consultant) Commented:
For signatures ("save your own signatures in a text file with the appropriate extension"),
see this for more detail:
CVD (ClamAV Virus Database) is a digitally signed container that includes signature
databases in various text formats.

Hash-based signatures
The easiest way to create signatures for ClamAV is to use filehash checksums,
however this method can be only used against static malware.

MD5 hash-based signatures
To create a MD5 signature for test.exe use the --md5 option of sigtool:
zolw@localhost:/tmp/test$ sigtool --md5 test.exe > test.hdb
zolw@localhost:/tmp/test$ cat test.hdb
48c4533230e1ae1c118c741c0db19dfb:17387:test.exe

That’s it! The signature is ready for use:
zolw@localhost:/tmp/test$ clamscan -d test.hdb test.exe
test.exe: test.exe FOUND

You can change the name (by default sigtool uses the name of the file) and place
it inside a *.hdb file. A single database file can include any number of signatures.
To get them automatically loaded each time clamscan/clamd starts just copy the
database file(s) into the local virus database directory (eg. /usr/local/share/clamav).
- https://github.com/Cisco-Talos/clamav-faq/blob/master/manual/signatures.pdf
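
An added example (not from the thread or the ClamAV manual) of the `MD5:size:name` entry format quoted above: it builds an `.hdb` line for a byte string, parses a database, and checks data against it, including the case the manual warns about where a single changed byte no longer matches. The function names and the `Local.Test.Sample` signature name are hypothetical, and the sample bytes are constructed.

```python
import hashlib
import re

# One entry per line: 32 hex digits, decimal size, name without ':'.
_LINE = re.compile(r"^([0-9a-fA-F]{32}):(\d+):([^:]+)$")

def hdb_line(data: bytes, name: str) -> str:
    """Build one .hdb entry: MD5 hex digest, size in bytes, signature name."""
    if not name or ":" in name or "\n" in name:
        raise ValueError("signature name must be non-empty, without ':' or newlines")
    return f"{hashlib.md5(data).hexdigest()}:{len(data)}:{name}"

def load_hdb(text: str) -> dict:
    """Parse .hdb text into {(md5, size): name}; malformed lines raise ValueError."""
    sigs = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        m = _LINE.match(line)
        if not m:
            raise ValueError(f"line {lineno}: expected MD5:size:name")
        sigs[(m.group(1).lower(), int(m.group(2)))] = m.group(3)
    return sigs

def match(data: bytes, sigs: dict):
    """Return the signature name for an exact size+MD5 match, else None."""
    return sigs.get((hashlib.md5(data).hexdigest(), len(data)))

# The entry shown in the manual excerpt above, plus a constructed sample.
PAGE_ENTRY = "48c4533230e1ae1c118c741c0db19dfb:17387:test.exe"
SAMPLE = b"constructed sample bytes, not a real file"
DB = load_hdb(PAGE_ENTRY + "\n" + hdb_line(SAMPLE, "Local.Test.Sample") + "\n")

if __name__ == "__main__":
    print(match(SAMPLE, DB))            # exact copy of the sample
    print(match(SAMPLE + b"\x00", DB))  # one appended byte: no longer detected
```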
btan (Exec Consultant) Commented:
Seems there is no latest package