Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sanesecurity: no mirrors found, using rsync? #401

Open
otheus opened this issue Dec 7, 2021 · 7 comments
Open

sanesecurity: no mirrors found, using rsync? #401

otheus opened this issue Dec 7, 2021 · 7 comments

Comments

@otheus
Copy link

otheus commented Dec 7, 2021
edited
Loading 

Checking for Sanesecurity updates...
No Sanesecurity mirror sites found - Check for dns/connectivity issues

What's the correct protocol?
@micah
Copy link

micah commented Feb 7, 2022

Failed connection to https://www.securiteinfo.com/get/signatures - SKIPPED SecuriteInfo securiteinfopdf.hdb update

If you go to https://www.securiteinfo.com/get/signatures it is a 404, and if you go to https://www.securiteinfo.com/get it is also a 404

@micah
Copy link

micah commented Feb 7, 2022

It appears to be a (paid) service now: https://www.securiteinfo.com/services-cybersecurite/anti-spam-anti-virus/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml?lg=en

@micah
Copy link

micah commented Feb 7, 2022

According to the clamav-unofficial-sigs configuration file:

# Usage of SecuriteInfo 2015 free clamav signatures : https://www.securiteinfo.com
# - 1. Sign up for a free account : https://www.securiteinfo.com/clients/customers/signup
# - 2. You will recieve an email to activate your account and then a followup email with your login name
# - 3. Login and navigate to your customer account : https://www.securiteinfo.com/clients/customers/account
# - 4. Click on the Setup tab
# - 5. You will need to get your unique identifier from one of the download links, they are individual for every user
# - 5.1. The 128 character string is after the http://www.securiteinfo.com/get/signatures/
# - 5.2. Example https://www.securiteinfo.com/get/signatures/your_unique_and_very_long_random_string_of_characters/securiteinfo.hdb
#   Your 128 character authorisation signature would be : your_unique_and_very_long_random_string_of_characters
# - 6. Enter the authorisation signature into the config securiteinfo_authorisation_signature: replacing YOUR-SIGNATURE-NUMBER with your authorisation signature from the link

securiteinfo_authorisation_signature="YOUR-SIGNATURE-NUMBER"
# Enable if you have a commercial/premium/non-free subscription
securiteinfo_premium="no"

@offbytwo
Copy link

offbytwo commented Mar 3, 2022 

Checking for Sanesecurity updates...
No Sanesecurity mirror sites found - Check for dns/connectivity issues

Same problem here.
Did you solve the problem?

@offbytwo
Copy link

offbytwo commented Mar 3, 2022

Same problem here.
Did you solve the problem?

Ok I could solve the problem.

Seems that "dig" which is used for getting the mirrors for Sanesecurity is not working as the script expects it on some distros. This fact seems to be known by the author of the script and for that he implemented a fallback using "host" command instead. This fallback could be enabled by setting "force_host" to "yes" in your config.

However the logic in the script for this is broken. If you add the dig_bin="" line as seen in the code below it works as expected. I'm not very familiar with git so maybe someone else could add this fix in an appropriate way

if [ -z "$dig_bin" ] || [ "$force_host" == "yes" ] ; then
    if [ -z "$host_bin" ] ; then
        host_bin="$(command -v host 2> /dev/null)"
        dig_bin=""
        if [ -z "$host_bin" ] ; then
            xshok_pretty_echo_and_log "ERROR: both host (host_bin) and dig (dig_bin) commands are missing, One of them is required"
            exit 1
        fi
    elif [[ "$host_bin" =~ "/" ]] ; then
        if [ ! -x "$host_bin" ] ; then
            xshok_pretty_echo_and_log "ERROR: host_bin (${host_bin}) is not executable"
            exit 1
        fi
    fi
else
    host_bin=""
    force_host="no"
fi

@nerijus
Copy link

nerijus commented Mar 3, 2022
edited
Loading

Please post diff -u or git diff output in order for us to see the changes.

@offbytwo
Copy link

offbytwo commented Mar 3, 2022
edited
Loading

Please post diff -u or git diff output in order for us to see the changes.

Here is the diff

--- /var/tmp/clamav-unofficial-sigs.sh  2021-03-20 03:49:21.000000000 +0100
+++ clamav-unofficial-sigs.sh   2022-03-03 12:32:15.269480326 +0100
@@ -2109,6 +2109,7 @@
 if [ -z "$dig_bin" ] || [ "$force_host" == "yes" ] ; then
     if [ -z "$host_bin" ] ; then
         host_bin="$(command -v host 2> /dev/null)"
+        dig_bin=""
         if [ -z "$host_bin" ] ; then
             xshok_pretty_echo_and_log "ERROR: both host (host_bin) and dig (dig_bin) commands are missing, One of them is required"
             exit 1
@@ -2117,7 +2118,6 @@
         if [ ! -x "$host_bin" ] ; then
             xshok_pretty_echo_and_log "ERROR: host_bin (${host_bin}) is not executable"
             exit 1
-
         fi
     fi
 else

Problem was that if "dig" is installed on computer but produces empty results the original implementation fails

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@micah @nerijus @otheus @offbytwo