On 02.09.23 17:04, Victor Sizov via clamav-users wrote:
>Perhaps my Ubuntu computer is infected with a virus that redirects
>html requests to "iyfbodn.com". To test it, I installed clamav (sudo
>apt install clamav clamav-daemon). When I updated it (sudo freshclam)
>I got the message:
>
>...
>Sat Sep 2 10:13:18 2023 -> DON'T PANIC! Read
>https://docs.clamav.net/manual/Installing.html
>Sat Sep 2 10:13:18 2023 -> ^FreshClam previously received error code
>429 or 403 from the ClamAV Content Delivery Network (CDN).
>Sat Sep 2 10:13:18 2023 -> This means that you have been rate limited
>or blocked by the CDN.
On Sat, Sep 2, 2023 at 6:02 PM Matus UHLAR - fantomas <uh...@fantomas.sk> wrote:
Which clamav version do you have? versions older than 0.103 are not
supported.
On 03.09.23 22:36, Victor Sizov via clamav-users wrote:
I have 0.103.9 version.
this is new enough.
! > >When I open https://docs.clamav.net in a browser, I get a message
! > >about blocking in cloudflare:
! > >
! > >Cloudflare Ray ID: 8005341f1fbc9daa • Your IP: 91.77.160.250
This ray ID could tell clamav people what to look for.
I cannot use my brouser (Firefox 117 64 bit) because cloudflare blocks
my access to clamav.net.
>2) Could you advise me how to make sure the presence/absence of a
>redirect to "iyfbodn.com"?
sorry, looks like a real virus targetting browsers.
Can you try searching from other computer?
Yes, i tried installing clamav on another computer in my local network
and got the same errors when running freshclam and clamscan.
If you have clamav running on multiple computers in your network and if they
sit on a single IP behind NAT, this may be the reason why you are getting
denied.
You many need to set up local clamav database mirror not to overload clamav
network with repeated requests for databases.
https://github.com/Cisco-Talos/cvdupdate
https://packages.ubuntu.com/search?keywords=cvdupdate
sizov@ironUbuntu:~$ sudo freshclam
Sun Sep 3 22:20:23 2023 -> ClamAV update process started at Sun Sep
3 22:20:23 2023
Sun Sep 3 22:20:23 2023 -> ^Your ClamAV installation is OUTDATED!
Sun Sep 3 22:20:23 2023 -> ^Local version: 0.103.9 Recommended
version: 0.103.10
Sun Sep 3 22:20:23 2023 -> DON'T PANIC! Read
https://docs.clamav.net/manual/Installing.html
Sun Sep 3 22:20:23 2023 -> ^FreshClam previously received error code
429 or 403 from the ClamAV Content Delivery Network (CDN).
Sun Sep 3 22:20:23 2023 -> This means that you have been rate limited
or blocked by the CDN.
calscan error:
sizov@ironUbuntu:~$ sudo clamscan .
LibClamAV Error: cli_loaddbdir(): No supported database files found in
/var/lib/clamav
ERROR: Can't open file or directory
This says there's no database loaded on that machine, apparently because of
being blocked.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a talented fool.
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
