How do we update ClamAV definitions

We have a system on an isolated network. We are running ClamAV.

How do we download the (ClamAV virus definitions) .cvd files or whatever they are called so that we can put them on media (USB memory stick, CD/DVD)?

Hi @warron.french,

Download with a browser (I used FF, it doesn’t work with wget) the following three files:

http://database.clamav.net/main.cvd
http://database.clamav.net/daily.cvd
same link /bytecode.cvd

(sorry for the last one, but as a new user I’m not allowed to put more than 2 links in a post)

Copy them on /var/lib/clamav (hint: take care to not use “preserve attributes” of the files on the USB stick when overwriting the existing ones on the system).

Regards,
Bogdan

1 Like

@bogdan_ro , thank you. I will try this at work.

@bogdan_ro , can you tell me how often ClamAV updates those 3 definition files, if you know?

More specifically is it at least once per week, or generally once every 2 weeks?
Since they are not a big brand name like McAfee, Symantec, etc… what is their rhythm for updating those CVD files?

Thanks in advance,
Warron

Hi @warron.french,

It’s actually daily… Hence the name of one of the 3 files “daily.cvd”.

However, as long as the system is isolated from the internet, I would say it’s OK from a security point of view to update less frequently the antivirus definitions.

Or, if you really need a daily update, a solution would be to write an udev rule to match a specific partition label of a USB stick containing the update files (and execute a script to update the antivirus files) automatically when you insert a specific USB key, without the need to do these operations by hand (login, mount USB stick, overwrite files, unmount, etc…).

Regards,
Bogdan