services/homelab
1
1
Fork 0
Code Issues 5 Pull Requests Actions Packages Projects Releases Wiki Activity

add clamav ignore signatures notes

Browse Source
This commit is contained in:
Reese Wells
2025-11-18 09:56:44 -05:00
parent d9ed144578
commit 5161dced6e
1 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
active/software_clamav/clamav.md
View File

@@ -6,6 +6,7 @@
- [Selinux](#selinux) - [Selinux](#selinux)
- [On Access Scanning](#on-access-scanning) - [On Access Scanning](#on-access-scanning)
- [Testing](#testing) - [Testing](#testing)
- [Ignore Signatures](#ignore-signatures)
<https://wiki.archlinux.org/title/ClamAV> <https://wiki.archlinux.org/title/ClamAV>
@@ -162,4 +163,19 @@ cd ~/Downloads/
wget https://secure.eicar.org/eicar.com.txt wget https://secure.eicar.org/eicar.com.txt
# This should not work # This should not work
cat eicar.com.txt cat eicar.com.txt
``` ```
## Ignore Signatures
<https://docs.clamav.net/faq/faq-ignore.html>
```bash
# Create the ignore list
cd /var/lib/clamav
touch ignore_list.ign2
```
Then add an ignore, like `PUA.Win.Trojan.Xored-1` which is a [known false
positive](https://github.com/jensyt/imurmurhash-js/issues/1).
Then `systemctl restart clamd@scan`.