NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

0d0a's avatar
0d0a
Tutor
Jan 20, 2017

Antivirus scanner found a threat (Heuristics.Broken.Executable) in the file /var/cores/core-killall

And I see no way of configuring the AV scanner on the admin pages  
Feature Request & Feedback
Virus scanner
ronlaws86's avatar
ronlaws86
Guide
May 19, 2017

Temprary Fix!

 

So i was digging around inside the NAS via SSH, and I cannot find where it is getting the default config file, my guess is that something somewhere deep in frontview or readynasd is replacing it. So I engineerd a bit of a hacky (and dirty) workaround. 

 

The problem: 

/etc/clamav/clamd.conf is getting replaced by something within readynasOS, as such any sibsiquent changes you make to this file is overwritten almost immediatly. 

changing this file to become immutable (chattr +i) will result in Frontview throwing up an error. 

 

However

/etc/default/config/etc/clamav/clamd.conf seems to remain untouched. So it is safe to make your changes in here, though they will not be parsed directly by clamd when it is called. 

 

The dirty fix:

clamd is located under /use/sbin and to sort of fix this problem of the config file being overwritten, i've moved clamd to clamd-bin, and created a shell script in its place to copy over the user preferences every time clamd is called, then execute clamd-bin with the given arguments. 

 

so now under /usr/sbin I have 2 files 

clamd-bin (the actual binary)

clamd (the hacky shell script) 

 

To do this for yourself, and if you are comfortable mucking around in the guts of your ReadyNAS, simply do the following: - 

 

Enable SSH via frontview and log in using the user root and your admin password. 

 

the commands are as follows:-

 

Change directory to /usr/sbin

cd /usr/sbin

Rename the clamd binary

mv clamd clamd-bin

create our standin clamd file (hint, if you prefer nano as opposed to vi/vim you can install it with apt-get install nano)

 

nano clamd

- or -

vi clamd

and paste the following:-

#!/bin/sh

#overwrite conf with user settings
cp /etc/default/config/etc/clamav/clamd.conf /etc/clamav/clamd.conf

#run clamd-bin with args
/usr/sbin/clamd-bin $1 $2 $3 $4 $5

Save and close

 

then mark both files as executable

chmod +x clamd clamd-bin

 

Note, I provided the script with probably way more arg variables ($1 $2 etc) than is probably ever used, but to be on the safe side, it does not hurt to have undefined ones. This script will basically aggresivly overwrite the parsed config file anytime clamd is called, it's not ideal, but for now seems the only way to make changes to the defaults in a more persistent manner. 

Cronos_IT's avatar
Cronos_IT
Aspirant
Nov 10, 2017

I adopt the ronlaws86 method and it works perfectly.

It's deplorable to change an antivirus in a new version (if we consider it's new after long months) and not include an app or a doc to manage it.

 

Thanks ronlaws86 ;)

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More