Re: [Clamav-users] Clamav-milter 0.91.2 problems on FreeBSD 6.2
Al Take the C out for starting unless you are jailing the process. It should start fine. --- al [EMAIL PROTECTED] wrote: After building the FreeBSD 0.91.2 port to replace 0.88.5, the milter shuts down as soon as it starts. Here is the forground output: blackwidow# /usr/local/sbin/clamav-milter -CNqlo /var/run/clmilter.sock WARNING: /usr/local/sbin/clamav-milter: running as root is not recommended (check User in /etc/clamd.conf) Loaded ClamAV 0.91.2/4546/Sat Oct 20 07:46:40 2007 ClamAV: Protecting against 159880 viruses Nqlo: No such file or directory LibClamAV debug: watchdog sleeps Stopping ClamAV version 0.91.2, clamav-milter version 0.91.2 LibClamAV debug: Cleaning up phishcheck LibClamAV debug: Phishcheck cleaned up This is the tail of the debug output: Loaded ClamAV 0.91.2/4546/Sat Oct 20 07:46:40 2007 ClamAV: Protecting against 159880 viruses LibClamAV debug: Database loaded LibClamAV debug: Stat()ing files in /var/db/clamav LibClamAV debug: Making /var/tmp//clamav-520fc365946e1325ee44c2a88ed7f909 Nqlo: No such file or directory LibClamAV debug: watchdog sleeps Stopping ClamAV version 0.91.2, clamav-milter version 0.91.2 LibClamAV debug: Cleaning up phishcheck LibClamAV debug: Phishcheck cleaned up The Nqlo: No such file or directory is the only error I can see, but I don't know what it refers to. Can some one point me in the right direction? Thanks, Al ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav-milter 0.91.2 problems on FreeBSD 6.2
al wrote: After building the FreeBSD 0.91.2 port to replace 0.88.5, the milter shuts down as soon as it starts. Here is the forground output: blackwidow# /usr/local/sbin/clamav-milter -CNqlo /var/run/clmilter.sock WARNING: /usr/local/sbin/clamav-milter: running as root is not The Nqlo: No such file or directory is the only error I can see, but I don't know what it refers to. Can some one point me in the right direction? It refers to the name of the directory you gave it to chroot to with the -C option. The right direction is man clamav-milter. Thanks, Al -Nigel ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Signature precedence
I seem to recall I have come across this before, but I just can't find it. Maybe someone knows off-hand. :) When using additional, third party signatures, is there any particular order in the signatures? If both, the official as well as the third party sigs match, which one is being reported? karsten -- char *t=[EMAIL PROTECTED]; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}} ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Moving Infected Files When Clamuko Is In Use
It appears that if clamuko is configured to scan a particular directory on access, then clamscan does not actually identify the file as an infected file. The results of the clamscan show Infected files: 0, even though the directory has an infected file (in this case, eicar for testing). In addition, the move option does not work. It seems that since clamuko is identifying the file as infected, clamscan cannot open the file to do its scan, nor can it move the file. Is there some way to correct this? Thank you. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Signature precedence
At 12:37 PM 10/22/2007, Karsten Bräckelmann wrote: When using additional, third party signatures, is there any particular order in the signatures? No particular order. If both, the official as well as the third party sigs match, which one is being reported? One or the other will be reported, but not both. The one actually reported is unpredictable. -- Noel Jones ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] possible GPG verify problem
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, Oct 21, 2007 at 08:50:17AM -0700, P T wrote: I downloaded clam av from the clam av site. However when I check the signature I get that basically it isn't a trusted signature. How am I doing this wrong? # to get the key gpg --keyserver random.sks.keyserver.penguin.de --recv-keys 985A444B # to verifiy the clam file. gpg --verify clamav-0.91.2.tar.gz.sig gpg: Signature made Mon 20 Aug 2007 06:21:05 PM CDT using DSA key ID 985A444B gpg: Good signature from Tomasz Kojm [EMAIL PROTECTED] gpg: aka Tomasz Kojm [EMAIL PROTECTED] gpg: aka Tomasz Kojm [EMAIL PROTECTED] See the signature matches (ie the math works to verify that the package has not been changed since the person with key 985a444b signed it). gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. This just means that *YOU* have not signed the key saying you trust it. That's normal, you should *NOT* just sign every key you come across. You should only sign keys of people you have personally met or worked with. - -- Regards... Todd They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. --Benjamin Franklin Linux kernel 2.6.22.9-desktop-1mdv 3 users, load average: 1.00, 0.90, 0.70 -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (GNU/Linux) iD8DBQFHHQGpY2VBGxIDMLwRAkDxAJ9KIm68nYxeaxVr4/+t1sC5+RQa3ACdHvLB AYN26AlEspG7B5GTUIwRRdY= =xFWv -END PGP SIGNATURE- ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Signature precedence
On Mon, 2007-10-22 at 14:43 -0500, Noel Jones wrote: At 12:37 PM 10/22/2007, Karsten Bräckelmann wrote: When using additional, third party signatures, is there any particular order in the signatures? No particular order. If both, the official as well as the third party sigs match, which one is being reported? One or the other will be reported, but not both. The one actually reported is unpredictable. Thanks, Noel. That's exactly what I needed, though I did hope for another answer. ;) Guess my logs are just that -- logs. No way to turn them into half-decent stats, unless I rerun per signature set. guenther -- char *t=[EMAIL PROTECTED]; main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1: (c=*++x); c128 (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}} ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html