ClamAV new third Party Signatures in new dev version - ready for testing!

[opnsenseuser]

@mimugmail has added new third-party signatures to clamav and these are now included in the latest dev version.
this should significantly improve the detection rate :-)

would be great if someone could test this!

Thank you
Thx @ mimugmail for the Great work!
https://github.com/opnsense/plugins/issues/1162#issuecomment-462792936

install using:

Code: [Select]

pkg install os-clamav-devel

Regards

[fightingmasta]

Hi,

I installed it with: "pkg install os-clamav-devel" and activated all of the third-party signatures.
I've tried some urls from urlhaus, the detection rate seems to be much better!

Regards,
Stefan

[opnsenseuser]

I tried some Tests from sanesecurity but had no luck.

Would be Great if you could Tell me and all others how you tested it!

Thx for your support

Regards

[fightingmasta]

I tried some urls from here: https://urlhaus.abuse.ch/browse/
Unnecessary to told you, try at your own risk. 

Regards,
Stefan

[opnsenseuser]

I tried some urls from here: https://urlhaus.abuse.ch/browse/
Unnecessary to told you, try at your own risk. 

Regards,
Stefan

my first test works just fine, because even the main page https://urlhaus.abuse.ch/browse/ is already blocked by the C-ICAP server. see the screenshot

[fightingmasta]

@opnsenseuser: Yes, with activated SSL inspection, the main page will also be blocked. I've then deactivated SSL inspection temporary to test some URLs in the urlhaus database.