Re: [clamav-users] using older clients to download from internal clam proxy
On Thu, 2 Dec 2021, novpenguincne via clamav-users wrote: Thank you for the quick response. So that would lead into the logical next question. What would be the earliest client version that would work? I tried installing the 103.x client on that box but 103.x requires SystemD and this older box is still using SystemV. So is there a version of the client that is new enough to accept the new definition files but still old enough to install on a SystemV-based o/s? If you keep your existing SystemV scripts and build from source I don't expect problems with the SystemD bits. You probably wont get on-access scanning. Alternatively you could use one of your SLES15 machines as a clamd server and do your scanning with clamdscan ... But I would put my effort into restricting the SLES11 machine to local network access only (or even sneaker-net if you can work with that) before worrying about clamav. -- Andrew C. Aitchison Kendal, UK and...@aitchison.me.uk ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] using older clients to download from internal clam proxy
Good luck! > On Dec 2, 2021, at 13:31, novpenguincne via clamav-users > wrote: > > OK. It might be difficult to get the new client to run on the old o/s but > I'll see what I can do. > > Thanks for the input! > > James > > Sent with ProtonMail Secure Email. > > ‐‐‐ Original Message ‐‐‐ > > On Thursday, December 2nd, 2021 at 12:14 PM, Joel Esler (jesler) > wrote: > >> The oldest version that is currently supported is the 0.101.x line, but that >> will be EOL in January. So I would recommend 0.103.x or higher. >> >> — >> >> Sent from my iPad >> >>> On Dec 2, 2021, at 13:10, novpenguincne via clamav-users >>> clamav-users@lists.clamav.net wrote: >>> >>> Thank you for the quick response. So that would lead into the logical next >>> question. What would be the earliest client version that would work? I >>> tried installing the 103.x client on that box but 103.x requires SystemD >>> and this older box is still using SystemV. So is there a version of the >>> client that is new enough to accept the new definition files but still old >>> enough to install on a SystemV-based o/s? >>> >>> James >>> >>> Sent with ProtonMail Secure Email. >>> >>> ‐‐‐ Original Message ‐‐‐ >>> On Thursday, December 2nd, 2021 at 10:49 AM, Joel Esler (jesler) jes...@cisco.com wrote: James, Thanks for your email. ClamAV definitions won’t even work on those older versions anymore. The Flevel for the main.cvd and daily.cvd are now set higher than that, so those systems shouldn’t be able to load the newer definitions. — Sent from my iPad >> On Dec 2, 2021, at 11:08, novpenguincne via clamav-users >> clamav-users@lists.clamav.net wrote: > > To facilitate bandwidth issues, I've set up an internal clam proxy server > on SLES15 running the 103.x client. I have successfully connected to it > using a different SLES15 box also running the 103.x client and downloaded > updates to it. > > However, I still have an older SLES11 box running the 98.x client. Due to > extenuating circumstances, this box is not a candidate for an o/s > upgrade. I also know from CLAM documentation that clients older than > 100.x are no longer supported. But I would still like to have some a/v on > this box until its retirement so I was trying to have it download from > the proxy server as well. > > When I first attempted, it failed because it was trying to download > main.cld which didn't exist on the proxy. So I turned off "scripted > updates" on both the proxy and the target SLES11 box which is now forcing > everything to use cvd files only. But now when I run freshclam on the > SLES11 box, I'm getting different errors. It downloads the daily.cvd > successfully. Then it tries to load signatures from daily.cvd. And then I > get a sequence of errors: > > ERROR: During database Load > > WARNING: [LibClamAV] cli_ac_addsig: Signature for > Win.Backdoor.SystemBC-9885562-0 is too short > > ERROR: Failed to load new database: Malformed database > > WARNING: Database load exited with status 55 > > ERROR: Failed to load new database > > Do I need to make a change in the freshclam.conf to get this to work? Or > is it a matter of the 98.x client unable to read datafiles designed for > 103.x clients? > > James > > clamav-users mailing list > > clamav-users@lists.clamav.net > > https://lists.clamav.net/mailman/listinfo/clamav-users > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml >>> >>> clamav-users mailing list >>> >>> clamav-users@lists.clamav.net >>> >>> https://lists.clamav.net/mailman/listinfo/clamav-users >>> >>> Help us build a comprehensive ClamAV guide: >>> >>> https://github.com/vrtadmin/clamav-faq >>> >>> http://www.clamav.net/contact.html#ml > > ___ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] using older clients to download from internal clam proxy
OK. It might be difficult to get the new client to run on the old o/s but I'll see what I can do. Thanks for the input! James Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Thursday, December 2nd, 2021 at 12:14 PM, Joel Esler (jesler) wrote: > The oldest version that is currently supported is the 0.101.x line, but that > will be EOL in January. So I would recommend 0.103.x or higher. > > — > > Sent from my iPad > > > On Dec 2, 2021, at 13:10, novpenguincne via clamav-users > > clamav-users@lists.clamav.net wrote: > > > > Thank you for the quick response. So that would lead into the logical next > > question. What would be the earliest client version that would work? I > > tried installing the 103.x client on that box but 103.x requires SystemD > > and this older box is still using SystemV. So is there a version of the > > client that is new enough to accept the new definition files but still old > > enough to install on a SystemV-based o/s? > > > > James > > > > Sent with ProtonMail Secure Email. > > > > ‐‐‐ Original Message ‐‐‐ > > > > > On Thursday, December 2nd, 2021 at 10:49 AM, Joel Esler (jesler) > > > jes...@cisco.com wrote: > > > > > > James, > > > > > > Thanks for your email. ClamAV definitions won’t even work on those older > > > versions anymore. The Flevel for the main.cvd and daily.cvd are now set > > > higher than that, so those systems shouldn’t be able to load the newer > > > definitions. > > > > > > — > > > > > > Sent from my iPad > > > > > > > > On Dec 2, 2021, at 11:08, novpenguincne via clamav-users > > > > > clamav-users@lists.clamav.net wrote: > > > > > > > > To facilitate bandwidth issues, I've set up an internal clam proxy > > > > server on SLES15 running the 103.x client. I have successfully > > > > connected to it using a different SLES15 box also running the 103.x > > > > client and downloaded updates to it. > > > > > > > > However, I still have an older SLES11 box running the 98.x client. Due > > > > to extenuating circumstances, this box is not a candidate for an o/s > > > > upgrade. I also know from CLAM documentation that clients older than > > > > 100.x are no longer supported. But I would still like to have some a/v > > > > on this box until its retirement so I was trying to have it download > > > > from the proxy server as well. > > > > > > > > When I first attempted, it failed because it was trying to download > > > > main.cld which didn't exist on the proxy. So I turned off "scripted > > > > updates" on both the proxy and the target SLES11 box which is now > > > > forcing everything to use cvd files only. But now when I run freshclam > > > > on the SLES11 box, I'm getting different errors. It downloads the > > > > daily.cvd successfully. Then it tries to load signatures from > > > > daily.cvd. And then I get a sequence of errors: > > > > > > > > ERROR: During database Load > > > > > > > > WARNING: [LibClamAV] cli_ac_addsig: Signature for > > > > Win.Backdoor.SystemBC-9885562-0 is too short > > > > > > > > ERROR: Failed to load new database: Malformed database > > > > > > > > WARNING: Database load exited with status 55 > > > > > > > > ERROR: Failed to load new database > > > > > > > > Do I need to make a change in the freshclam.conf to get this to work? > > > > Or is it a matter of the 98.x client unable to read datafiles designed > > > > for 103.x clients? > > > > > > > > James > > > > > > > > clamav-users mailing list > > > > > > > > clamav-users@lists.clamav.net > > > > > > > > https://lists.clamav.net/mailman/listinfo/clamav-users > > > > > > > > Help us build a comprehensive ClamAV guide: > > > > > > > > https://github.com/vrtadmin/clamav-faq > > > > > > > > http://www.clamav.net/contact.html#ml > > > > clamav-users mailing list > > > > clamav-users@lists.clamav.net > > > > https://lists.clamav.net/mailman/listinfo/clamav-users > > > > Help us build a comprehensive ClamAV guide: > > > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] using older clients to download from internal clam proxy
The oldest version that is currently supported is the 0.101.x line, but that will be EOL in January. So I would recommend 0.103.x or higher. — Sent from my iPad > On Dec 2, 2021, at 13:10, novpenguincne via clamav-users > wrote: > > Thank you for the quick response. So that would lead into the logical next > question. What would be the earliest client version that would work? I > tried installing the 103.x client on that box but 103.x requires SystemD and > this older box is still using SystemV. So is there a version of the client > that is new enough to accept the new definition files but still old enough to > install on a SystemV-based o/s? > > James > > Sent with ProtonMail Secure Email. > > ‐‐‐ Original Message ‐‐‐ > >> On Thursday, December 2nd, 2021 at 10:49 AM, Joel Esler (jesler) >> wrote: >> >> James, >> >> Thanks for your email. ClamAV definitions won’t even work on those older >> versions anymore. The Flevel for the main.cvd and daily.cvd are now set >> higher than that, so those systems shouldn’t be able to load the newer >> definitions. >> >> — >> >> Sent from my iPad >> On Dec 2, 2021, at 11:08, novpenguincne via clamav-users clamav-users@lists.clamav.net wrote: >>> >>> To facilitate bandwidth issues, I've set up an internal clam proxy server >>> on SLES15 running the 103.x client. I have successfully connected to it >>> using a different SLES15 box also running the 103.x client and downloaded >>> updates to it. >>> >>> However, I still have an older SLES11 box running the 98.x client. Due to >>> extenuating circumstances, this box is not a candidate for an o/s upgrade. >>> I also know from CLAM documentation that clients older than 100.x are no >>> longer supported. But I would still like to have some a/v on this box until >>> its retirement so I was trying to have it download from the proxy server as >>> well. >>> >>> When I first attempted, it failed because it was trying to download >>> main.cld which didn't exist on the proxy. So I turned off "scripted >>> updates" on both the proxy and the target SLES11 box which is now forcing >>> everything to use cvd files only. But now when I run freshclam on the >>> SLES11 box, I'm getting different errors. It downloads the daily.cvd >>> successfully. Then it tries to load signatures from daily.cvd. And then I >>> get a sequence of errors: >>> >>> ERROR: During database Load >>> >>> WARNING: [LibClamAV] cli_ac_addsig: Signature for >>> Win.Backdoor.SystemBC-9885562-0 is too short >>> >>> ERROR: Failed to load new database: Malformed database >>> >>> WARNING: Database load exited with status 55 >>> >>> ERROR: Failed to load new database >>> >>> Do I need to make a change in the freshclam.conf to get this to work? Or is >>> it a matter of the 98.x client unable to read datafiles designed for 103.x >>> clients? >>> >>> James >>> >>> clamav-users mailing list >>> >>> clamav-users@lists.clamav.net >>> >>> https://lists.clamav.net/mailman/listinfo/clamav-users >>> >>> Help us build a comprehensive ClamAV guide: >>> >>> https://github.com/vrtadmin/clamav-faq >>> >>> http://www.clamav.net/contact.html#ml > > ___ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml smime.p7s Description: S/MIME cryptographic signature ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] using older clients to download from internal clam proxy
Thank you for the quick response. So that would lead into the logical next question. What would be the earliest client version that would work? I tried installing the 103.x client on that box but 103.x requires SystemD and this older box is still using SystemV. So is there a version of the client that is new enough to accept the new definition files but still old enough to install on a SystemV-based o/s? James Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Thursday, December 2nd, 2021 at 10:49 AM, Joel Esler (jesler) wrote: > James, > > Thanks for your email. ClamAV definitions won’t even work on those older > versions anymore. The Flevel for the main.cvd and daily.cvd are now set > higher than that, so those systems shouldn’t be able to load the newer > definitions. > > — > > Sent from my iPad > > > On Dec 2, 2021, at 11:08, novpenguincne via clamav-users > > clamav-users@lists.clamav.net wrote: > > > > To facilitate bandwidth issues, I've set up an internal clam proxy server > > on SLES15 running the 103.x client. I have successfully connected to it > > using a different SLES15 box also running the 103.x client and downloaded > > updates to it. > > > > However, I still have an older SLES11 box running the 98.x client. Due to > > extenuating circumstances, this box is not a candidate for an o/s upgrade. > > I also know from CLAM documentation that clients older than 100.x are no > > longer supported. But I would still like to have some a/v on this box until > > its retirement so I was trying to have it download from the proxy server as > > well. > > > > When I first attempted, it failed because it was trying to download > > main.cld which didn't exist on the proxy. So I turned off "scripted > > updates" on both the proxy and the target SLES11 box which is now forcing > > everything to use cvd files only. But now when I run freshclam on the > > SLES11 box, I'm getting different errors. It downloads the daily.cvd > > successfully. Then it tries to load signatures from daily.cvd. And then I > > get a sequence of errors: > > > > ERROR: During database Load > > > > WARNING: [LibClamAV] cli_ac_addsig: Signature for > > Win.Backdoor.SystemBC-9885562-0 is too short > > > > ERROR: Failed to load new database: Malformed database > > > > WARNING: Database load exited with status 55 > > > > ERROR: Failed to load new database > > > > Do I need to make a change in the freshclam.conf to get this to work? Or is > > it a matter of the 98.x client unable to read datafiles designed for 103.x > > clients? > > > > James > > > > clamav-users mailing list > > > > clamav-users@lists.clamav.net > > > > https://lists.clamav.net/mailman/listinfo/clamav-users > > > > Help us build a comprehensive ClamAV guide: > > > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] using older clients to download from internal clam proxy
Hi there, On Thu, 2 Dec 2021, novpenguincne via clamav-users wrote: ... I still have an older SLES11 box running the 98.x client. ... Would you at least try to convince me that there's any need to do that? What prevents you from installing a supported version of ClamAV? Now that you've announced to the whole world that you're begging to be shafted, rather than run ridiculously old code of dubious utilty with published vulnerabilites [*] would it not be better, even, not to run it at all, and instead do something else (or several something elses) about your security which would in any case be much more effective? [*] See for example http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=clamav -- 73, Ged. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] using older clients to download from internal clam proxy
James, Thanks for your email. ClamAV definitions won’t even work on those older versions anymore. The Flevel for the main.cvd and daily.cvd are now set higher than that, so those systems shouldn’t be able to load the newer definitions. — Sent from my iPad > On Dec 2, 2021, at 11:08, novpenguincne via clamav-users > wrote: > > > To facilitate bandwidth issues, I've set up an internal clam proxy server on > SLES15 running the 103.x client. I have successfully connected to it using a > different SLES15 box also running the 103.x client and downloaded updates to > it. > > However, I still have an older SLES11 box running the 98.x client. Due to > extenuating circumstances, this box is not a candidate for an o/s upgrade. I > also know from CLAM documentation that clients older than 100.x are no longer > supported. But I would still like to have some a/v on this box until its > retirement so I was trying to have it download from the proxy server as well. > > When I first attempted, it failed because it was trying to download main.cld > which didn't exist on the proxy. So I turned off "scripted updates" on both > the proxy and the target SLES11 box which is now forcing everything to use > cvd files only. But now when I run freshclam on the SLES11 box, I'm getting > different errors. It downloads the daily.cvd successfully. Then it tries to > load signatures from daily.cvd. And then I get a sequence of errors: > > ERROR: During database Load > WARNING: [LibClamAV] cli_ac_addsig: Signature for > Win.Backdoor.SystemBC-9885562-0 is too short > ERROR: Failed to load new database: Malformed database > WARNING: Database load exited with status 55 > ERROR: Failed to load new database > > Do I need to make a change in the freshclam.conf to get this to work? Or is > it a matter of the 98.x client unable to read datafiles designed for 103.x > clients? > > James > > > > ___ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml smime.p7s Description: S/MIME cryptographic signature ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] using older clients to download from internal clam proxy
To facilitate bandwidth issues, I've set up an internal clam proxy server on SLES15 running the 103.x client. I have successfully connected to it using a different SLES15 box also running the 103.x client and downloaded updates to it. However, I still have an older SLES11 box running the 98.x client. Due to extenuating circumstances, this box is not a candidate for an o/s upgrade. I also know from CLAM documentation that clients older than 100.x are no longer supported. But I would still like to have some a/v on this box until its retirement so I was trying to have it download from the proxy server as well. When I first attempted, it failed because it was trying to download main.cld which didn't exist on the proxy. So I turned off "scripted updates" on both the proxy and the target SLES11 box which is now forcing everything to use cvd files only. But now when I run freshclam on the SLES11 box, I'm getting different errors. It downloads the daily.cvd successfully. Then it tries to load signatures from daily.cvd. And then I get a sequence of errors: ERROR: During database Load WARNING: [LibClamAV] cli_ac_addsig: Signature for Win.Backdoor.SystemBC-9885562-0 is too short ERROR: Failed to load new database: Malformed database WARNING: Database load exited with status 55 ERROR: Failed to load new database Do I need to make a change in the freshclam.conf to get this to work? Or is it a matter of the 98.x client unable to read datafiles designed for 103.x clients? James ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml