IMPORTANT:  FreeBSD users who install this program from the ports system should read the 'FreeBSD Note' at the end of this document.

******************************** IMPORTANT ********************************

IMPORTANT: This is a "bash" script. It will probably fail if used under another shell. It has been tested on Bash-3.x and 4.x. Its usability under other versions or shells is unknown.

The first time this script is initialized, it will run its basic configuration routine and exit. If you ever want to reconfigure the script, use the [-c] command line option.

If this is an update from an earlier version of this script, it is strongly recommended that this script be run with the [-c] command line option to ensure it is configured correctly. In addition, either delete and recreate existing config files or use the "-e ‹name›" option to edit them.

***************************************************************************

REQUIRED FILES:

  1. Curl or Wget {curl >= 7.19.5 recommended} {wget >= 1.11.4 recommended}
    1. http://curl.haxx.se/
    2. http://www.gnu.org/software/wget/

  2. rsync {Version >= 3.0.6 recommended}
    1. http://samba.anu.edu.au/rsync/

  3. gnupg {Version >= 2.0.11 recommended}
    1. http://lists.gnupg.org/pipermail/gnupg-announce/2009q1/000287.html
    2. http://www.gnupg.org/

  4. clamav {Version >= 0.95_1 recommended}
    1. http://www.clamav.net/

  5. Bash {Version >= 4.0 recommended}
    1. http://www.gnu.org/software/bash/


  1. This script probably has to be run as ROOT or another privileged user who has proper READ/WRITE permissions to the files and directories as well as the Clamav database.

  2. This script has an interactive configuration function. You must run it from the console the first time you invoke it. After that, it will work fine from CRON.

  3. If updating from an older version, you must run the program with the [-c] command line option the first time the program is run. This will create a new config file. The [-c] option will only create a new config file and exit.

  4. The new [-C] option allows a user to create a supplemental configuration scheme.

    EXAMPLE: scamp -C name will create a new scheme named name if it does not exist, or use it if it is present. name is case sensitive. DO NOT use: " \ / { } - [ ] ' , ( )  in the name. Only letters and the underscore are permitted. This can be used effectively when running via CRON. For instance, create a CRON section: scamp.sh -C CRON with logging turned on, random download activated and the summary screen turned off. Place this in your CRON file as: scamp.sh -C CRON. The script will now run silently; however, if an error occurs you will receive an email via CRON. This assumes that the MAILTO: is set in CRON.

  5. The "scamp.sh" file is a BASH script for downloading and installing various Clamav definition files. The script will create a "CONFIGURATION FILE" when first run. The majority of the variables are 'hard coded' into the script. The only one that must be entered is the location of the Clamav database. See your "clamd.conf" file for the correct location.

  6. Examples are:

    1. /var/db/clamav
    2. /var/lib/clamav
    3. /usr/local/share/clamav

  7. You must enter the correct location or else the script will not work. The initialization will only occur the first time the script is run, when there is a major program update that requires it, or when invoked with the command line option [-c].

NOTE: 0 = the number zero, not the letter O

CONFIG_DIR {Default location of the script's config files}
CONFIG_FILE {FQN of the script's config file}
C_GROUP {Clamav database group owner}
C_PID {Location of the clamd PID file}
C_USER {Clamav database file owner}
GET_LDB {Install the *.ldb files - 1=yes & 0=no}
GET_MALWALE {Download Malware files - 1=yes & 0=no}
GET_MSRBL {Download MSRBL files - 1=yes & 0=no}
GET_SANE {download the Sanesecurity files - 1=yes & 0=no}
GET_SECURITE {Download the securiteinfo files - 1=yes & 0=no}
GET_WILLOW {Install the winnow files}
GNUPGHOME_VAR {If set, will export the GNUPGHOME environmental variable}
MK_LOG {Create a log file. DEFAULT: /var/log/scamp.log}
RELOAD {Reload the clamd database after update - 1=yes & 0=no }
REST {Invoke the random delayed download files function - 1=yes & 0=no}
SIG_DB {Clamav database location}
SYS_LOG {Use the system logger}
WPC {Which winnow files to install}
T_DIR {tmp directory used by this script}
W_SUM {Whether to print out a summary screen - 1=yes & 0=no}
{The random download function only works via CRON}

All of these settings with the exception of the CONFIG_FILE location are available through the setup program. Simply pressing <RETURN> will accept the default value shown.

COMMAND LINE OPTIONS:

{-c} = Creates a new default config file and exits
{-C filename} = Will create a new config file
{-h} = usage screen.
{-e filename} = Edit an existing config file
{-l} = Turns off the logging function
{-L} = Turns on the logging function
{-q} = Turns off printing of a summary screen (Error messages displayed)
{-Q} = Turns on printing of a summary screen
{-r} = Turns off the sleep function.
{-R} = Turns on the random sleep timer. Between 0 & 9 minutes
{-v} = Displays the script version and exits.

When available, a lower case letter will turn an option off, while the upper case letter will activate it. Presently, only the 'log', 'summary screen' and 'random download timer' functions are supported. They can be set permanently in the config file.

NOTE: "Random Download Timer"

The random download function is only useful when the script is run via CRON. It is ignored at other times. The function can be invoked via the command line using [-R]; i.e., "scamp.sh -R" for instance. You can save the setting permanently in the config file by running the script with the [-c] command line option and then answering the random download question with either 1 or 0. 0 = off & 1 = on.

EXIT CODES:

The following exit code values are available:

0 Success
1 Incorrect flag entered
2 No database specified
3 Unable to create required directory structure
4 Program must be run interactively
5 Unable to locate "which" binary
6 Missing binary: View error message for details
7 Error creating GPG file

INSTALLATION NOTES:

  1. All of the Sanesecurity files and gpg keys are now kept in the Sanesecurity (sane) directory.

  2. For the safest and most error free operation, I would recommend cleaning out the clamav database directory of all files and directories not installed by the 'freshclam' program itself. This appears to be even more important if you have been running another script to update the clamav database.

  3. That would probably include all BUT these files:

    1. daily.cld
    2. main.cld
    3. mirrors.dat
    4. stats.dat

  4. Any directories should also be deleted.

  5. Running the script for the first time after cleaning out the clamav database will ensure a cleaner install of the new database files. Since it appears that different 'scripts' install a radically different configuration of definition files, this would also ensure that only the ones installed by this script are made available to Clamav. It would also ensure that outdated files are removed.
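
An added example (not part of scamp.sh or this project) of the cleanup described in items 2 to 5: a shell function that lists what it would remove from the database directory and deletes only when asked. The function names, the "apply" argument and the refusal checks are assumptions of this example; the keep list is the four files named above.

```bash
#!/usr/bin/env bash
# Added example, not part of scamp.sh: list (default) or delete everything in a
# ClamAV database directory except the four freshclam files this README names.

# Keep list taken from the README. Add names such as main.cvd or daily.cvd
# here if your freshclam stores its databases under those names.
is_freshclam_file() {
    case $1 in
        daily.cld|main.cld|mirrors.dat|stats.dat) return 0 ;;
    esac
    return 1
}

# Usage: clean_clamav_db DIR [apply]   (hypothetical name and argument)
clean_clamav_db() {
    db_dir=${1%/}          # "/" and "" both collapse to the empty string
    mode=${2:-dry-run}

    # Refuse an empty path, "/" or a missing directory.
    if [ -z "$db_dir" ] || [ ! -d "$db_dir" ]; then
        echo "refusing to clean '$1': not a usable directory" >&2
        return 2
    fi
    # Only touch a directory that already looks like a ClamAV database.
    if [ ! -f "$db_dir/main.cld" ] && [ ! -f "$db_dir/daily.cld" ]; then
        echo "no main.cld or daily.cld in $db_dir; leaving it alone" >&2
        return 3
    fi

    for entry in "$db_dir"/* "$db_dir"/.[!.]*; do
        # Skip glob patterns that matched nothing.
        if [ ! -e "$entry" ] && [ ! -L "$entry" ]; then continue; fi
        name=${entry##*/}
        # Keep a listed name only if it is a regular file, not a symlink or directory.
        if is_freshclam_file "$name" && [ -f "$entry" ] && [ ! -L "$entry" ]; then
            continue
        fi
        printf '%s\n' "$name"        # report each entry selected for removal
        if [ "$mode" = apply ]; then
            rm -rf -- "$entry"       # directories go too; a symlink is unlinked, not followed
        fi
    done
    return 0
}

# Review the list first, then delete:
#   clean_clamav_db /var/lib/clamav
#   clean_clamav_db /var/lib/clamav apply
```

Stop clamd or plan a reload before running it with "apply", and run scamp.sh afterwards so the third-party definition files are reinstalled.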

DOWNLOADED FILES:

The actual files downloaded and installed by this script include the following.

  1. All of the Sanesecurity files

    1. junk.ndb
    2. junk.ndb.sig
    3. jurlbl.ndb
    4. jurlbl.ndb.sig
    5. lott.ndb
    6. lott.ndb.sig
    7. phish.ndb
    8. phish.ndb.sig
    9. rogue.hdb
    10. rogue.hdb.sig
    11. sanesecurity.ftm
    12. sanesecurity.ftm.sig
    13. scam.ndb
    14. scam.ndb.sig
    15. spamimg.hdb
    16. spamimg.hdb.sig
    17. spear.ndb
    18. spear.ndb.sig

  2. Sanesecurity *.ldb files

    1. spam.ldb
    2. spam.ldb.sig

  3. Sanesecurity winnow files

    1. winnow_malware.hdb
    2. winnow_malware.hdb.sig
    3. winnow_malware_links.ndb
    4. winnow_malware_links.ndb.sig
    5. winnow_phish_complete.ndb
    6. winnow_phish_complete.ndb.sig
    7. winnow_phish_complete_url.ndb
    8. winnow_phish_complete_url.ndb.sig
    9. winnow_spam_complete.ndb
    10. winnow_spam_complete.ndb.sig

  4. The Following Securiteinfo files

    1. vx.hdb
    2. honeynet.hdb
    3. securiteinfo.hdb
    4. antispam.ndb

  5. These MSRBL files

    1. MSRBL-Images.hdb
    2. MSRBL-SPAM-CR.ndb
    3. MSRBL-SPAM.ndb

  6. The Malware definition file

    1. http://www.malwarepatrol.com.br/cgi/submit?action=list_clamav_ext

    This script is easily run via CRON. Something like this is all that you probably need. You should probably include a "MAILTO" in the crontab file. Any errors will be mailed to that address. If it is not already set, or if you do not know how to set it, enter "whoami" (without the quotes) at the command line and put the result in the MAILTO variable.

    EXAMPLE: Output of 'whoami' was steve. Place this in the top of the cron file:

    MAILTO=steve

    This would be placed just below the 'SHELL' variable. You can get further information at http://unixhelp.ed.ac.uk/CGI/man-cgi?crontab+5

    # Root's Crontab file
    # Use the fully qualified path to bash on your system.
    # Typing: "which bash" will produce it.
    # SHELL=/usr/local/bin/bash # For FreeBSD users
    # SHELL=/usr/bin/bash # Most other operating systems
    # Enter user below and uncomment
    # MAILTO=
    #(m) (h) (mday) (month) (wday) (command) ## Do NOT uncomment
     
    # Runs every 4 hours, every day with logging=on, quiet mode=on, random download timer=on
     
    0 */4 * * * /PATH-2-SCRIPT/scamp.sh -L -q -R
     
    # Runs via the settings in a previously created config file named: cron
     
    0 */4 * * * /PATH-2-SCRIPT/scamp.sh -C cron

     

    EULA:

     

    The end user is allowed to make any changes, modifications, or whatever to this script. The author assumes no responsibility for this script, modified or not by the end user. In other words, the user assumes all responsibility for the use of this program. In other words, USE AT YOUR OWN RISK.

    I can be contacted at: gerard@seibercom.net

    The latest version of this script can usually be downloaded from: https://sourceforge.net/projects/scamp/ Older versions may also be available.

    Any questions, suggestions, patches, etc. should be directed to me. I really would appreciate it. To make tracking of 'bug' reports easier, please do the following:

    1. Go to: https://sourceforge.net/projects/scamp/
    2. Click on "TRACKER"
    3. Click on "Bug Reports"
    4. Click on "Add New"
    5. Fill out the report with complete information including the version of the script you are using, your OS and version of bash, rsync, gpg/gpg2, curl and / or wget and your version of Clamav. If possible, include the complete text of any error messages, etc.

    FreeBSD Note:

    When installed via the FreeBSD ports system, a configuration file with the basic defaults for Clamav on a FreeBSD system has been installed: "/usr/local/etc/scamp/default". It is still strongly recommended that the first time this script is run, it is run as "scamp.sh -c" to ensure the file is configured according to the end user's preferences.


Updated: May 19, 2009.