From 84d9a02aa56dbc10d99f9dcc563d5cfa6dd7adf6 Mon Sep 17 00:00:00 2001 From: Micah Snyder Date: Sat, 7 Apr 2018 18:57:24 -0400 Subject: [PATCH] Cleaning up docs directory, updating some of the documentation. --- docs/BasePackage.md | 36 ------ docs/Introduction.md | 85 ------------ ...amAntiVirusUserManual.md => UserManual.md} | 15 +-- docs/UserManual/BasePackage.md | 2 + docs/{ => UserManual}/Configuration.md | 0 docs/{ => UserManual}/Installation.md | 9 +- docs/UserManual/Introduction.md | 122 ++++++++++++++++++ docs/{ => UserManual}/PhishSigs.md | 0 docs/{ => UserManual}/Signatures.md | 0 docs/{ => UserManual}/Usage.md | 0 docs/{ => UserManual}/libclamav.md | 0 11 files changed, 139 insertions(+), 130 deletions(-) delete mode 100644 docs/BasePackage.md delete mode 100644 docs/Introduction.md rename docs/{ClamAntiVirusUserManual.md => UserManual.md} (71%) create mode 100644 docs/UserManual/BasePackage.md rename docs/{ => UserManual}/Configuration.md (100%) rename docs/{ => UserManual}/Installation.md (96%) create mode 100644 docs/UserManual/Introduction.md rename docs/{ => UserManual}/PhishSigs.md (100%) rename docs/{ => UserManual}/Signatures.md (100%) rename docs/{ => UserManual}/Usage.md (100%) rename docs/{ => UserManual}/libclamav.md (100%) diff --git a/docs/BasePackage.md b/docs/BasePackage.md deleted file mode 100644 index ce45e9296..000000000 --- a/docs/BasePackage.md +++ /dev/null 
@@ -1,36 +0,0 @@ -# Base package - -## Supported platforms - -Clam AntiVirus is highly cross-platform. The development team cannot test every OS, so have chosen to test ClamAV using the two most recent Long Term Support (LTS) versions of each of the most popular desktop operating systems. Our selection includes: - -- GNU/Linux - - Ubuntu - - 14.04 - - 16.04 - - Debian - - 7 - - 8 - - CentOS - - 6 - - 7 -- UNIX - - Solaris - - 10 - - 11 - - FreeBSD - - 10 - - 11 - - macOS - - 10.12 (Sierra) - - 10.13 (High Sierra) -- Windows - - 7 - - 10 - -## Binary packages - -As an alternative to building and installing from source, most Linux package managers provide pre-compiled ClamAV packages. - -For more information about installing ClamAV via a Package Manager, please visit: - diff --git a/docs/Introduction.md b/docs/Introduction.md deleted file mode 100644 index d72e2c215..000000000 --- a/docs/Introduction.md +++ /dev/null 
@@ -1,85 +0,0 @@ -# Introduction - -Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. The core of the package is an anti-virus engine available in a form of shared library. - -## Features - -- Licensed under the GNU General Public License, Version 2 -- POSIX compliant, portable -- Fast scanning -- Supports on-access scanning (Linux only) -- Detects over 1 million viruses, worms and trojans, including Microsoft Office macro viruses, mobile malware, and other threats -- Built-in bytecode interpreter allows the ClamAV signature writers to create and distribute very complex detection routines and remotely enhance the scanner’s functionality -- Scans within archives and compressed files (also protects against archive bombs), built-in support includes: - - Zip (including SFX) - - RAR (including SFX) - - 7Zip - - ARJ (including SFX) - - Tar - - CPIO - - Gzip - - Bzip2 - - DMG - - IMG - - ISO 9660 - - PKG - - HFS+ partition - - HFSX partition - - APM disk image - - GPT disk image - - MBR disk image - - XAR - - XZ - - MS OLE2 - - MS Cabinet Files (including SFX) - - MS CHM (Compiled HTML) - - MS SZDD compression format - - BinHex - - SIS (SymbianOS packages) - - AutoIt - - InstallShield -- Supports Portable Executable (32/64-bit) files compressed or obfuscated with: - - AsPack - - UPX - - FSG - - Petite - - PeSpin - - NsPack - - wwpack32 - - MEW - - Upack - - Y0da Cryptor -- Supports ELF and Mach-O files (both 32- and 64-bit) -- Supports almost all mail file formats -- Support for other special files/formats includes: - - HTML - - RTF - - PDF - - Files encrypted with CryptFF and ScrEnc - - uuencode - - TNEF (winmail.dat) -- Advanced database updater with support for scripted updates, digital signatures and DNS based database version 
queries - -## Mailing lists and IRC channel - -If you have a trouble installing or using ClamAV try asking on our mailing lists. There are four lists available: - -- **clamav-announce\*lists.clamav.net** - info about new versions, moderated\[1\]. -- **clamav-users\*lists.clamav.net** - user questions -- **clamav-devel\*lists.clamav.net** - technical discussions -- **clamav-virusdb\*lists.clamav.net** - database update announcements, moderated - -You can subscribe and search the mailing list archives at: - -Alternatively you can try asking on the `#clamav` IRC channel - launch your favourite irc client and type: - -```bash - /server irc.freenode.net - /join #clamav -``` - -## Virus submitting - -If you have got a virus which is not detected by your ClamAV with the latest databases, please submit the sample at our website: - - \ No newline at end of file diff --git a/docs/ClamAntiVirusUserManual.md b/docs/UserManual.md similarity index 71% rename from docs/ClamAntiVirusUserManual.md rename to docs/UserManual.md index b79c795fa..0d69cc85e 100644 --- a/docs/ClamAntiVirusUserManual.md +++ b/docs/UserManual.md @@ -6,14 +6,13 @@ Table Of Contents -1. [Introduction](Introduction.md) -2. [Base Package](BasePackage.md) -3. [Installation](Installation.md) -4. [Configuration](Configuration.md) -5. [Usage](Usage.md) -6. [libclamav](libclamav.md) -7. [Signatures](Signatures.md) -8. [PhishSigs](PhishSigs.md) +1. [Introduction to ClamAV](UserManual/Introduction.md) +2. [Installing ClamAV](UserManual/Installation.md) +3. [Configuring ClamAV](UserManual/Configuration.md) +4. [Using ClamAV](UserManual/Usage.md) +5. [Build \[lib\]ClamAV Into Your Programs](UserManual/libclamav.md) +6. [Writing ClamAV Signatures](UserManual/Signatures.md) +7. [Writing ClamAV Phishing Signatures](UserManual/PhishSigs.md) ----- diff --git a/docs/UserManual/BasePackage.md b/docs/UserManual/BasePackage.md new file mode 100644 index 000000000..4c35c47d4 --- /dev/null +++ b/docs/UserManual/BasePackage.md 
@@ -0,0 +1,2 @@ +# Base package + diff --git a/docs/Configuration.md b/docs/UserManual/Configuration.md similarity index 100% rename from docs/Configuration.md rename to docs/UserManual/Configuration.md diff --git a/docs/Installation.md b/docs/UserManual/Installation.md similarity index 96% rename from docs/Installation.md rename to docs/UserManual/Installation.md index d663a9249..5e5cc04ea 100644 --- a/docs/Installation.md +++ b/docs/UserManual/Installation.md @@ -1,4 +1,4 @@ -# Installation +# Installation from Source ## Requirements @@ -188,3 +188,10 @@ Here is a listing of currently available ClamAV Virus Database Files: - safebrowsing.cvd (virus signatures for safe browsing) These files can be downloaded via HTTP from the main ClamAV website or via the ’freshclam’ utility on a periodic basis. Using ’freshclam’ is the preferred method of keeping the ClamAV virus database files up to date without manual intervention (see the [freshclam configuration](Configuration.md#Setting-up-auto\-updating) section for information on how to configure ’freshclam’ for automatic updating and the main [freshclam](Usage.md#freshclam) section for additional details on freshclam). + +## Binary packages + +As an alternative to building and installing from source, most Linux package managers provide pre-compiled ClamAV packages. + +For more information about installing ClamAV via a Package Manager, please visit: + diff --git a/docs/UserManual/Introduction.md b/docs/UserManual/Introduction.md new file mode 100644 index 000000000..2da402387 --- /dev/null +++ b/docs/UserManual/Introduction.md 
@@ -0,0 +1,122 @@ +# Introduction + +Clam AntiVirus is an open source (GPLv2) anti-virus toolkit, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. The core of the package is an anti-virus engine available in a form of shared library. + +## Features + +### Capabilities + +- ClamAV is designed to scan files quickly. +- Real time protection (Linux only). Our scanning daemon supports on-access scanning on modern versions of Linux, including the ability to block file access until a file has been scanned. +- ClamAV detects over 1 million viruses, worms and trojans, including Microsoft Office macro viruses, mobile malware, and other threats. +- The built-in bytecode interpreter allows the ClamAV signature writers to create and distribute very complex detection routines and remotely enhance the scanner’s functionality. +- Signed signature databases ensure that ClamAV will only execute trusted signature definitions. +- ClamAV scans within archives and compressed files but also protects against archive bombs. 
Built-in archive extraction capabilities include: + - Zip (including SFX) + - RAR (including SFX) + - 7Zip + - ARJ (including SFX) + - Tar + - CPIO + - Gzip + - Bzip2 + - DMG + - IMG + - ISO 9660 + - PKG + - HFS+ partition + - HFSX partition + - APM disk image + - GPT disk image + - MBR disk image + - XAR + - XZ + - MS OLE2 + - MS Cabinet Files (including SFX) + - MS CHM (Compiled HTML) + - MS SZDD compression format + - BinHex + - SIS (SymbianOS packages) + - AutoIt + - InstallShield +- Supports Windows executable file parsing, also known as Portable Executables (PE) both 32/64-bit, including PE files that are compressed or obfuscated with: + - AsPack + - UPX + - FSG + - Petite + - PeSpin + - NsPack + - wwpack32 + - MEW + - Upack + - Y0da Cryptor +- Supports ELF and Mach-O files (both 32- and 64-bit) +- Supports almost all mail file formats +- Support for other special files/formats includes: + - HTML + - RTF + - PDF + - Files encrypted with CryptFF and ScrEnc + - uuencode + - TNEF (winmail.dat) +- Advanced database updater with support for scripted updates, digital signatures and DNS based database version queries + +### License + +ClamAV is licensed under the GNU General Public License, Version 2 + +### Supported platforms + +Clam AntiVirus is highly cross-platform. The development team cannot test every OS, so we have chosen to test ClamAV using the two most recent Long Term Support (LTS) versions of each of the most popular desktop operating systems. Our regularly tested operating systems include: + +- GNU/Linux + - Ubuntu + - 14.04 + - 16.04 + - Debian + - 7 + - 8 + - CentOS + - 6 + - 7 +- UNIX + - Solaris + - 10 + - 11 + - FreeBSD + - 10 + - 11 + - macOS + - 10.12 (Sierra) + - 10.13 (High Sierra) +- Windows + - 7 + - 10 + +## Mailing lists and IRC channel + +If you have a trouble installing or using ClamAV try asking on our mailing lists. There are four lists available: + +- **clamav-announce\*lists.clamav.net** - info about new versions, moderated\[1\]. 
+- **clamav-users\*lists.clamav.net** - user questions +- **clamav-devel\*lists.clamav.net** - technical discussions +- **clamav-virusdb\*lists.clamav.net** - database update announcements, moderated + +You can subscribe and search the mailing list archives at: + +Alternatively you can try asking on the `#clamav` IRC channel - launch your favourite irc client and type: + +```bash + /server irc.freenode.net + /join #clamav +``` + +## Submitting New or Otherwise Undetected Malware + +If you've got a virus which is not detected by the current version of ClamAV using the latest signature databases, please submit the sample at our website: + + + +Likewise, if you have a benign file that is flagging as a virus and you wish to report a False Positive, please submit the sample for reive at our website: + + \ No newline at end of file diff --git a/docs/PhishSigs.md b/docs/UserManual/PhishSigs.md similarity index 100% rename from docs/PhishSigs.md rename to docs/UserManual/PhishSigs.md diff --git a/docs/Signatures.md b/docs/UserManual/Signatures.md similarity index 100% rename from docs/Signatures.md rename to docs/UserManual/Signatures.md diff --git a/docs/Usage.md b/docs/UserManual/Usage.md similarity index 100% rename from docs/Usage.md rename to docs/UserManual/Usage.md diff --git a/docs/libclamav.md b/docs/UserManual/libclamav.md similarity index 100% rename from docs/libclamav.md rename to docs/UserManual/libclamav.md
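Review bot: in the docs/UserManual.md hunk, the new table-of-contents labels no longer match the headings of the pages they link to: `Installing ClamAV` points at a page this patch retitles `# Installation from Source`, and `Introduction to ClamAV` points at a page headed `# Introduction`. Pick one naming scheme and use it in both places. Entry 5, `Build \[lib\]ClamAV Into Your Programs`, renders with literal brackets in the middle of the title; something like `Building libclamav Into Your Programs` reads more cleanly.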
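Review bot: docs/UserManual/BasePackage.md is created containing only `# Base package` and a blank line, while the same patch deletes docs/BasePackage.md, removes the Base Package entry from the table of contents, and moves its two sections into Introduction.md (Supported platforms) and Installation.md (Binary packages). Nothing in the visible lines links to the new file, so it ships as an orphaned stub. Drop it from the patch, or restore a TOC entry and give it content.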
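Review bot: in docs/UserManual/Installation.md the first hunk retitles the page `# Installation from Source`, but the hunk at line 188 appends a `## Binary packages` section about package-manager installs, so the title now contradicts part of the page. Keep the title as `# Installation`, or move the binary-package section to its own page linked from the table of contents. The added paragraph also ends at `please visit:` with no link after it in the lines shown; confirm the URL is actually present in the file.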
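Review bot: in the final added paragraph of docs/UserManual/Introduction.md, `please submit the sample for reive at our website:` contains a typo; `reive` should be `review`. Several sentences in this new file end in a colon with nothing after them in the lines shown (`You can subscribe and search the mailing list archives at:` and both sample-submission paragraphs), and `moderated\[1\]` refers to a footnote the file does not define, so check that the links and the footnote survived the move. In the Capabilities list, the new bullet `Signed signature databases ensure that ClamAV will only execute trusted signature definitions` is worded as an unconditional guarantee; state which databases are signed and what happens with unsigned ones, or soften the wording. `If you have a trouble installing` should read `If you have trouble installing`, and the file ends without a trailing newline.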