from:"Dino Edwards"

[clamav-users] ignore yara rule

2022-04-12 Thread Dino Edwards via clamav-users

Hi,

Using clamav-unofficial-signatures and I'm trying to ignore a yara rule due to 
many FPs. The blocked message refers to the 
YARA.invalid_trailer_structure.UNOFFICIAL as the offending signature. However, 
entering any of following in local.ign2 file, clamav ignores it and keeps 
blocking:

YARA.invalid_trailer_structure

Any idea what I'm doing wrong here?

thanks


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ?/run/clamav?: File exists

2018-10-18 Thread Dino Edwards

I already did that before I posted that I couldn't find it. Probably missed it, 
regardless the issue has been resolved. 

http://lists.clamav.net/pipermail/clamav-users/2018-October/thread.html

Thanks for trying.

Dino

-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of 
G.W. Haywood
Sent: Thursday, October 18, 2018 8:22 AM
To: clamav-users@lists.clamav.net
Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ?/run/clamav?: 
File exists

Hi there,

On Wed, 17 Oct 2018, Dino Edwards wrote:

> I got a response from someone about this error but I can?t seem to 
> find their email.

Sigh.  That would have been from me:

Date: Wed, 10 Oct 2018 19:06:07 +0100 (BST)
From: G.W. Haywood 
To: clamav-users@lists.clamav.net
Subject: Re: /bin/mkdir: cannot create directory ?/run/clamav?: File exists

Check the list archives.  I'm not going to give you a direct link to the post 
here because I want you to do some work, and in the process teach yourself 
something about mailing lists.

-- 

73,
Ged.
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

2018-10-17 Thread Dino Edwards

Ok thanks! You really need to work on your social skills though. Here's how 
NORMAL people (i.e. people NOT in the autistic spectrum) would have handled 
this:

YOU:
"Hey I noticed the "-" prefix in "ExecStartPre=-/bin/mkdir /run/clamav" line. 
This does not indicate a problem, but rather a warning letting you know that 
the directory already exists. You don't have anything to worry about"

ME:
"Thanks! I appreciate you looking at it. You are awesome!"

See? It's simple. Just don't be a dick! Give it a try.

Thanks again!

Dino






-Original Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net] 
Sent: Wednesday, October 17, 2018 1:08 PM
To: ClamAV users ML ; Dino Edwards 

Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists



Am 17.10.18 um 18:21 schrieb Dino Edwards:
> ExecStartPre=-/bin/mkdir /run/clamav
> ExecStartPre=/bin/chown clamav /run/clamav

you don't get an error, an error is when the service don't start

"If I delete the /var/run/clamav directory, I don’t get the error, but if I 
restart clamd again I get the error again. I’m not sure what the problem is" - 
idiot there is no problem

"ExecStartPre=-/bin/mkdir /run/clamav" is prefixed with - so that the service 
don't fail in case the directory exists and "mkdir" natuarlly fails when a 
directory already exists

when you delete the directory - guess what - it get created and no warning - 
frankly this is not a clamav topic at all but lack of basic understanding of 
your system
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

2018-10-17 Thread Dino Edwards

Hi Kris thanks for trying to help,

Here you go:

dpkg -L clamav-daemon |grep system

/lib/systemd
/lib/systemd/system
/lib/systemd/system/clamav-daemon.service

cat /lib/systemd/system/clamav-daemon.service

[Unit]
Description=Clam AntiVirus userspace daemon
Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/
# Check for database existence
ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc}
ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc}

[Service]
ExecStart=/usr/sbin/clamd --foreground=true
# Reload the database
ExecReload=/bin/kill -USR2 $MAINPID
StandardOutput=syslog

[Install]
WantedBy=multi-user.target

cd /etc/systemd/system/clamav-daemon.service.d
root@hermes:/etc/systemd/system/clamav-daemon.service.d# ls
extend.conf
root@hermes:/etc/systemd/system/clamav-daemon.service.d# cat extend.conf
[Service]
ExecStartPre=-/bin/mkdir /run/clamav
ExecStartPre=/bin/chown clamav /run/clamav



-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of 
Kris Deugau
Sent: Wednesday, October 17, 2018 10:38 AM
To: ClamAV users ML 
Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists

Dino Edwards wrote:
> Answering my own question on the /var/run and the /run directories. 
> There is a link between the two, I just didn’t go up a level in the 
> directory structure. The question about the error still remains though.

The chown and mkdir look a bit suspect to me;  I'm not seeing anything like 
that in the Debian packages (which should be mostly the same in Ubuntu).  What 
I *do* see in one of the stock files
(/lib/systemd/system/clamav-daemon.socket) is this stanza:

[Socket]
ListenStream=/run/clamav/clamd.ctl
#ListenStream=127.0.0.1:1024
SocketUser=clamav
SocketGroup=clamav
RemoveOnStop=True

which if I understand correctly, implies that clamd on this system is using 
systemd's socket creation/handling voodoo rather than doing so itself.

Can you post:

- Output from  "dpkg -L clamav-daemon |grep system"

- Contents of any .service or .socket files from the above list

- Contents of any files in /etc/systemd/system/clamav-daemon.service.d


> Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; 
> vendor preset: enabled)
> 
>    Drop-In: /etc/systemd/system/clamav-daemon.service.d
> 
>     └─extend.conf

This seems to indicate that you're not using the stock systemd service 
definitions from Ubuntu/Debian upstream.

-kgd
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

2018-10-17 Thread Dino Edwards

@ GBlorst Thanks for the heads up. I’m going to try and stop feeding the troll.

From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of
Sent: Wednesday, October 17, 2018 10:47 AM
To: clamav-users@lists.clamav.net
Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists

Hi, Dino.

Reindl is a scared little boy. This is normal behavior for him. He has low-self 
esteem and needs to make his little boy self feel better. Don't worry about him.
Ignore him and he will go away!

He has been banned from many lists for his childish behavior!

Bye Bye Reindl.

GBlorst

How about you contribute something of value to this discussion instead of a 
link about how this was added in Linux 7 years ago so you can show everyone how 
clever you are.

Do I really need to know the history of this change? No, I was able to figure 
it out and I posted that with my 2nd post.

The main issue still remains, "/bin/mkdir: cannot create directory 
‘/run/clamav’: File exists". Do you have any insight on that? I'm thinking no?

Thanks

-Original Message-

From: Reindl Harald [mailto:h.rei...@thelounge.net]

Sent: Wednesday, October 17, 2018 8:29 AM

To: ClamAV users ML 
<mailto:clamav-users@lists.clamav.net>; Dino 
Edwards <mailto:dino.edwa...@mydirectmail.net>

Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists

Take your old mailboxes with you. Free, fast and secure: eclipso Mail & 
Cloud<https://www.eclipso.eu>. Time to change!.
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

2018-10-17 Thread Dino Edwards

Get real. When I and others called you out, you decided to put a little more 
detail to cover the obvious fact that you were just trying to be a dick.

The important thing you fail to understand that I did NOT write the script to 
start the service. So any "mkdir/chown dance" as you put it, was NOT done by 
me, but rather the package maintainer. This USED to work in previous 
Ubuntu/clamd version, now it no longer works. So, I'm trying to figure out why 
it's not working and if I should bring this up in the appropriate Ubuntu forum.

Your link and "contribution" continues to be void of any value and substance in 
this discussion.

So, I'm going to stop feeding this troll.




-Original Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net] 
Sent: Wednesday, October 17, 2018 11:39 AM
To: ClamAV users ML ; Dino Edwards 
; gblo...@eclipso.eu
Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists



Am 17.10.18 um 14:33 schrieb Dino Edwards:
> How about you contribute something of value to this discussion instead of a 
> link about how this was added in Linux 7 years ago so you can show everyone 
> how clever you are. 

i contributed the link which explains how these folders are supposed to get 
created at boot and any mkdir/chown dance is plain wrong - it's not my fault 
that you don't recognize input when you get it 
https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html

and if one insists in "ExecStartPre=/bin/mkdir /run/clamav" he should make it 
proper as "ExecStartPre=-/bin/mkdir /run/clamav" which don't fail the whole 
service in case the directory already exists

> -Original Message-
> From: Reindl Harald [mailto:h.rei...@thelounge.net]
> Sent: Wednesday, October 17, 2018 8:29 AM
> To: ClamAV users ML ; Dino Edwards 
> 
> Subject: Re: [clamav-users] /bin/mkdir: cannot create directory 
> ‘/run/clamav’: File exists
> 
> 
> Am 17.10.18 um 13:12 schrieb Dino Edwards:
>> Good morning? 
> 
> what about read posted links and don't strip context?
> 
> /run was introduced 7 years ago and the discussion about it made it to 
> every it news portal and that's what i mean when somebody is surprised 
> that /run is a tmpfs available at early boot which also means you need 
> to make sure folders there are created at boot
> 
> https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html
> 
>> Am 16.10.18 um 19:12 schrieb Dino Edwards:
>>> good morning in 2018
> 
> 
>  Weitergeleitete Nachricht 
> 
> Am 16.10.18 um 19:12 schrieb Dino Edwards:
>> Answering my own question on the /var/run and the /run directories.
>> There is a link between the two
> good morning in 2018
> 
> http://www.h-online.com/open/news/item/Linux-distributions-to-include-
> run-directory-1219006.html
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

2018-10-17 Thread Dino Edwards

How about you contribute something of value to this discussion instead of a 
link about how this was added in Linux 7 years ago so you can show everyone how 
clever you are. 

Do I really need to know the history of this change? No, I was able to figure 
it out and I posted that with my 2nd post. 

The main issue still remains, "/bin/mkdir: cannot create directory 
‘/run/clamav’: File exists". Do you have any insight on that? I'm thinking no?

Thanks





-Original Message-
From: Reindl Harald [mailto:h.rei...@thelounge.net] 
Sent: Wednesday, October 17, 2018 8:29 AM
To: ClamAV users ML ; Dino Edwards 

Subject: Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: 
File exists



Am 17.10.18 um 13:12 schrieb Dino Edwards:
> Good morning? 

what about read posted links and don't strip context?

/run was introduced 7 years ago and the discussion about it made it to every it 
news portal and that's what i mean when somebody is surprised that /run is a 
tmpfs available at early boot which also means you need to make sure folders 
there are created at boot

https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html

> Am 16.10.18 um 19:12 schrieb Dino Edwards:
>> good morning in 2018


 Weitergeleitete Nachricht 

Am 16.10.18 um 19:12 schrieb Dino Edwards:
> Answering my own question on the /var/run and the /run directories.
> There is a link between the two
good morning in 2018

http://www.h-online.com/open/news/item/Linux-distributions-to-include-run-directory-1219006.html
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

2018-10-17 Thread Dino Edwards

Good morning? 

Am 16.10.18 um 19:12 schrieb Dino Edwards:
> good morning in 2018

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

2018-10-16 Thread Dino Edwards

Answering my own question on the /var/run and the /run directories. There is a 
link between the two, I just didn’t go up a level in the directory structure. 
The question about the error still remains though.


Hello,

I’m getting the following error on clamav on Ubuntu 16.04 LTS when I look at 
the service status:

Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor 
preset: enabled)
  Drop-In: /etc/systemd/system/clamav-daemon.service.d
   └─extend.conf
   Active: active (running) since Tue 2018-10-09 12:12:22 EDT; 4s ago
 Docs: man:clamd(8)
   man:clamd.conf(5)
   https://www.clamav.net/documents/
  Process: 14202 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, 
status=0/SUCCESS)
  Process: 14199 ExecStartPre=/bin/mkdir /run/clamav (code=exited, 
status=1/FAILURE)
Main PID: 14207 (clamd)
Tasks: 1
   Memory: 225.1M
  CPU: 3.902s
   CGroup: /system.slice/clamav-daemon.service
   └─14207 /usr/sbin/clamd --foreground=true

Oct 09 12:12:22 hermes systemd[1]: Starting Clam AntiVirus userspace daemon...
Oct 09 12:12:22 hermes systemd[1]: Started Clam AntiVirus userspace daemon.
Oct 09 12:12:22 hermes mkdir[14199]: /bin/mkdir: cannot create directory 
‘/run/clamav’: File exists

I got a response from someone about this error but I can’t seem to find their 
email. One thing I noticed is that the clamd.conf file sets the “LocalSocket” 
to the  “/var/run/clamav” directory, however the error refers to the 
“/run/clamav” directory. I don’t see a symlink for those two directories, but 
the clamd.ctl file looks like the exact same file in both directories. If I 
delete the /var/run/clamav directory, I don’t get the error, but if I restart 
clamd again I get the error again. I’m not sure what the problem is, and I hope 
someone can help.

Thanks a lot




___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

2018-10-16 Thread Dino Edwards

Hello,

I’m getting the following error on clamav on Ubuntu 16.04 LTS when I look at 
the service status:

Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor 
preset: enabled)
  Drop-In: /etc/systemd/system/clamav-daemon.service.d
   └─extend.conf
   Active: active (running) since Tue 2018-10-09 12:12:22 EDT; 4s ago
 Docs: man:clamd(8)
   man:clamd.conf(5)
   https://www.clamav.net/documents/
  Process: 14202 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, 
status=0/SUCCESS)
  Process: 14199 ExecStartPre=/bin/mkdir /run/clamav (code=exited, 
status=1/FAILURE)
Main PID: 14207 (clamd)
Tasks: 1
   Memory: 225.1M
  CPU: 3.902s
   CGroup: /system.slice/clamav-daemon.service
   └─14207 /usr/sbin/clamd --foreground=true

Oct 09 12:12:22 hermes systemd[1]: Starting Clam AntiVirus userspace daemon...
Oct 09 12:12:22 hermes systemd[1]: Started Clam AntiVirus userspace daemon.
Oct 09 12:12:22 hermes mkdir[14199]: /bin/mkdir: cannot create directory 
‘/run/clamav’: File exists

I got a response from someone about this error but I can’t seem to find their 
email. One thing I noticed is that the clamd.conf file sets the “LocalSocket” 
to the  “/var/run/clamav” directory, however the error refers to the 
“/run/clamav” directory. I don’t see a symlink for those two directories, but 
the clamd.ctl file looks like the exact same file in both directories. If I 
delete the /var/run/clamav directory, I don’t get the error, but if I restart 
clamd again I get the error again. I’m not sure what the problem is, and I hope 
someone can help.

Thanks a lot




___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

2018-10-09 Thread Dino Edwards

Hello,

I’m getting the following error on clamav on Ubuntu 16.04 LTS when I look at 
the service status:

Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor 
preset: enabled)
  Drop-In: /etc/systemd/system/clamav-daemon.service.d
   └─extend.conf
   Active: active (running) since Tue 2018-10-09 12:12:22 EDT; 4s ago
 Docs: man:clamd(8)
   man:clamd.conf(5)
   https://www.clamav.net/documents/
  Process: 14202 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, 
status=0/SUCCESS)
  Process: 14199 ExecStartPre=/bin/mkdir /run/clamav (code=exited, 
status=1/FAILURE)
Main PID: 14207 (clamd)
Tasks: 1
   Memory: 225.1M
  CPU: 3.902s
   CGroup: /system.slice/clamav-daemon.service
   └─14207 /usr/sbin/clamd --foreground=true

Oct 09 12:12:22 hermes systemd[1]: Starting Clam AntiVirus userspace daemon...
Oct 09 12:12:22 hermes systemd[1]: Started Clam AntiVirus userspace daemon.
Oct 09 12:12:22 hermes mkdir[14199]: /bin/mkdir: cannot create directory 
‘/run/clamav’: File exists

Can someone point me in the right direction?

Thanks


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV for EnterPrise

2017-04-19 Thread Dino Edwards

Thank you Captain Obvious for the outstanding insight. I already answered his 
question so find somebody else to troll

-Original Message-
From: Groach [groachmail-stopspammin...@yahoo.com]
Received: Wednesday, 19 Apr 2017, 2:44PM
To: clamav-users@lists.clamav.net [clamav-users@lists.clamav.net]
Subject: Re: [clamav-users] ClamAV for EnterPrise

It only takes up peoples time of they CHOOSE to want to answer. And if
they choose to answer then they have no right to be annoyed about their
time being used.   If people dont want to answer, or get annoyed by
other posters questions, then they should simply stay away from the
reply button and move on to more important things in their lives. (This
also helps to save reading time for others who get annoyed by people who
get annoyed and waste time telling people they are getting annoyed).

On 19/04/2017 13:30, Dino Edwards wrote:
> or do you just randomly post things to take up people's time
>
>
>
> -Original Message-
> From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf 
> Of crazy thinker
> Sent: Wednesday, April 19, 2017 8:20 AM
> To: ClamAV users ML<clamav-users@lists.clamav.net>
> Subject: Re: [clamav-users] ClamAV for EnterPrise
>
> @Joel
>
> That Sounds good  but ClamAV is OpenSource.. how can we use it in Commercial 
> Product ?

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV for EnterPrise

2017-04-19 Thread Dino Edwards

 I already gave you an answer about going with a commercial product, even 
gave you a recommendation. Are you stuck on ClamAV and insisting on somehow 
integrating it in an enterprise setting which was not designed to do by itself 
or do you just randomly post things to take up people's time or do you not 
understand?



-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of 
crazy thinker
Sent: Wednesday, April 19, 2017 8:20 AM
To: ClamAV users ML 
Subject: Re: [clamav-users] ClamAV for EnterPrise

@Joel

That Sounds good  but ClamAV is OpenSource.. how can we use it in Commercial 
Product ?

On 19 April 2017 at 17:07, Joel Esler (jesler)  wrote:

> All --
>
> ClamAV does not have any plans on making an enterprise version or 
> management console. We make a commercial product for that, which also 
> uses ClamAV in its engine.
>
> I think that settles the conversation.
>
> --
> Sent from my iPhone
>
> > On Apr 19, 2017, at 04:08, Reindl Harald  wrote:
> >
> >
> >
> >> Am 19.04.2017 um 07:16 schrieb crazy thinker:
> >> @G.W Haywood..
> >> it would be sounds good if you speak  in polite way.. evey one can 
> >> bark
> on
> >> others.. but that is not solution here. i hope you understand well
> >
> > that was polite after following your posts for some days now
> >
> >>> On 19 April 2017 at 02:00, G.W. Haywood 
> >>> 
> wrote:
> >>> Hi there,
> >>>
> >>> On Tue, 18 Apr 2017, crazy thinker wrote:
> >>>
> >>>  - I am looking for  below features in Enterprise Environment
>   -
>   - *Antivirus/Antispyware*
>   - *Desktop Firewall*
>   - *Intrusion Prevention*
>   - *Browser Protection*
>   - *Antivirus for Mac & Linux*
>   - *Device & Application Control*
>   - *Virtualization Features*
>   - *Centralized and Granular Policy Management*
> 
> >>>
> >>> The more questions you ask on this and the development list, the 
> >>> more painfully obvious it becomes to me that you have no idea what 
> >>> you are talking about.  The list which you have provided above is 
> >>> garbage; if you took that to a commercial supplier they would 
> >>> probably fall about laughing after they have sold you a lot of 
> >>> useless junk and shown you out of the door.
> >>>
> >>> The best thing you can do is get yourself some good training, so 
> >>> that you will become capable of making rational decisions based on 
> >>> sound (and not crazy) thinking.  You should expect the training, 
> >>> if pursued full-time, to take at least a couple of years to get 
> >>> you to the point where you at least know what a firewall does.  To 
> >>> know how properly to configure one would, if you were no more than 
> >>> an average pupil in the first course, probably take a couple more 
> >>> years.  If this sounds a bit like a batchelor's degree in computer 
> >>> science, that's not far wrong.
> >>>
> >>> The next best thing would be to employ someone competent, but with 
> >>> your current level of understanding I have no idea how you are 
> >>> going to be able to judge the competence of a prospective employee.
> >>>
> >>> To give you a rough idea of what level of skill you should be 
> >>> looking for, I would not allow someone with a new computer science 
> >>> degree to make unsupervised configuration changes to computer 
> >>> defences until he or she had worked for me for at least a few 
> >>> months - probably more like a couple of years - so that I could assess 
> >>> his/her capabilities.
> >>> I managed to get a first class honours degree in engineering in 
> >>> 1976, I've been working with computers for over forty years, and 
> >>> I'm STILL learning new, interesting and sneaky tricks which could 
> >>> easily eat my lunch if I weren't careful.  It's a jungle out there, it 
> >>> really is.
> >>>
> >>> If you plan to risk the livelihoods of employees on your own 
> >>> present computer skills, then I'd have to say I think that is 
> >>> irresponsible, and with the present threat levels simply begging for 
> >>> trouble.
> > ___
> > clamav-users mailing list
> > clamav-users@lists.clamav.net
> > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> >
> >
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> >
> > http://www.clamav.net/contact.html#ml
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive

Re: [clamav-users] Need help: clamd stops after starting without any error message

2017-04-19 Thread Dino Edwards

Anything in syslog?



-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of 
Torge Riedel
Sent: Wednesday, April 19, 2017 4:42 AM
To: clamav-users@lists.clamav.net
Subject: [clamav-users] Need help: clamd stops after starting without any error 
message

Hi,

I'm using clamav on my server (Ubuntu 12.04 LTS) for long time without any 
problem. Now I get messages from amavis that it cannot connect to socket

/var/run/clamav/clamd.ctl

The file exists and the file clamd.pid exists too, but there is no running 
process with this PID.

If I execute

service clamav-daemon start

these two files are updated and a clamd-process is running for some seconds, 
then it stops.

This is all I get in /var/log/clamav/clamav.log:

Wed Apr 19 10:25:11 2017 -> +++ Started at Wed Apr 19 10:25:11 2017 Wed Apr 19 
10:25:11 2017 -> Received 0 file descriptor(s) from systemd.
Wed Apr 19 10:25:11 2017 -> clamd daemon 0.99.2 (OS: linux-gnu, ARCH: x86_64, 
CPU: x86_64) Wed Apr 19 10:25:11 2017 -> Running as user clamav (UID 113, GID 
119) Wed Apr 19 10:25:11 2017 -> Log file size limited to 4294967295 bytes.
Wed Apr 19 10:25:11 2017 -> Reading databases from /var/lib/clamav Wed Apr 19 
10:25:11 2017 -> Not loading PUA signatures.
Wed Apr 19 10:25:11 2017 -> Bytecode: Security mode set to "TrustSigned".
Wed Apr 19 10:25:22 2017 -> Loaded 6267692 signatures.
Wed Apr 19 10:25:24 2017 -> LOCAL: Removing stale socket file 
/var/run/clamav/clamd.ctl Wed Apr 19 10:25:24 2017 -> LOCAL: Unix socket file 
/var/run/clamav/clamd.ctl Wed Apr 19 10:25:24 2017 -> LOCAL: Setting connection 
queue length to 15 Wed Apr 19 10:25:24 2017 -> Limits: Global size limit set to 
104857600 bytes.
Wed Apr 19 10:25:24 2017 -> Limits: File size limit set to 26214400 bytes.
Wed Apr 19 10:25:24 2017 -> Limits: Recursion level limit set to 10.
Wed Apr 19 10:25:24 2017 -> Limits: Files limit set to 1.
Wed Apr 19 10:25:24 2017 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Wed Apr 19 10:25:24 2017 -> Limits: MaxHTMLNormalize limit set to 10485760 
bytes.
Wed Apr 19 10:25:24 2017 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Wed Apr 19 10:25:24 2017 -> Limits: MaxScriptNormalize limit set to 5242880 
bytes.
Wed Apr 19 10:25:24 2017 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Wed Apr 19 10:25:24 2017 -> Limits: MaxPartitions limit set to 50.
Wed Apr 19 10:25:24 2017 -> Limits: MaxIconsPE limit set to 100.
Wed Apr 19 10:25:24 2017 -> Limits: MaxRecHWP3 limit set to 16.
Wed Apr 19 10:25:24 2017 -> Limits: PCREMatchLimit limit set to 1.
Wed Apr 19 10:25:24 2017 -> Limits: PCRERecMatchLimit limit set to 5000.
Wed Apr 19 10:25:24 2017 -> Limits: PCREMaxFileSize limit set to 25.
Wed Apr 19 10:25:24 2017 -> Archive support enabled.
Wed Apr 19 10:25:24 2017 -> Algorithmic detection enabled.
Wed Apr 19 10:25:24 2017 -> Portable Executable support enabled.
Wed Apr 19 10:25:24 2017 -> ELF support enabled.
Wed Apr 19 10:25:24 2017 -> Mail files support enabled.
Wed Apr 19 10:25:24 2017 -> OLE2 support enabled.
Wed Apr 19 10:25:24 2017 -> PDF support enabled.
Wed Apr 19 10:25:24 2017 -> SWF support enabled.
Wed Apr 19 10:25:24 2017 -> HTML support enabled.
Wed Apr 19 10:25:24 2017 -> XMLDOCS support enabled.
Wed Apr 19 10:25:24 2017 -> HWP3 support enabled.
Wed Apr 19 10:25:24 2017 -> Self checking every 3600 seconds.

Any help is appreciated. I read the FAQ and googled but did not found any 
helpful solution.

Thanks in advance
Torge
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV for EnterPrise

2017-04-18 Thread Dino Edwards

Maybe give him the benefit of the doubt, although I have to admit his questions 
are suspect at best. Most of the requirements that he's looking for would 
certainly be checked off by a commercial AV vendor (not really sure what 
browser protection means) but most of it should.

-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of 
G.W. Haywood
Sent: Tuesday, April 18, 2017 4:31 PM
To: clamav-users@lists.clamav.net
Subject: Re: [clamav-users] ClamAV for EnterPrise

Hi there,

On Tue, 18 Apr 2017, crazy thinker wrote:

>  - I am looking for  below features in Enterprise Environment
>  -
>  - *Antivirus/Antispyware*
>  - *Desktop Firewall*
>  - *Intrusion Prevention*
>  - *Browser Protection*
>  - *Antivirus for Mac & Linux*
>  - *Device & Application Control*
>  - *Virtualization Features*
>  - *Centralized and Granular Policy Management*

The more questions you ask on this and the development list, the more painfully 
obvious it becomes to me that you have no idea what you are talking about.  The 
list which you have provided above is garbage; if you took that to a commercial 
supplier they would probably fall about laughing after they have sold you a lot 
of useless junk and shown you out of the door.

The best thing you can do is get yourself some good training, so that you will 
become capable of making rational decisions based on sound (and not crazy) 
thinking.  You should expect the training, if pursued full-time, to take at 
least a couple of years to get you to the point where you at least know what a 
firewall does.  To know how properly to configure one would, if you were no 
more than an average pupil in the first course, probably take a couple more 
years.  If this sounds a bit like a batchelor's degree in computer science, 
that's not far wrong.

The next best thing would be to employ someone competent, but with your current 
level of understanding I have no idea how you are going to be able to judge the 
competence of a prospective employee.

To give you a rough idea of what level of skill you should be looking for, I 
would not allow someone with a new computer science degree to make unsupervised 
configuration changes to computer defences until he or she had worked for me 
for at least a few months - probably more like a couple of years - so that I 
could assess his/her capabilities.
I managed to get a first class honours degree in engineering in 1976, I've been 
working with computers for over forty years, and I'm STILL learning new, 
interesting and sneaky tricks which could easily eat my lunch if I weren't 
careful.  It's a jungle out there, it really is.

If you plan to risk the livelihoods of employees on your own present computer 
skills, then I'd have to say I think that is irresponsible, and with the 
present threat levels simply begging for trouble.

-- 

73,
Ged.
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV for EnterPrise

2017-04-18 Thread Dino Edwards

If you are looking for all these features you are going to have to go with a 
commercial offering. For example, Eset is decent lightweight and reasonably 
priced. Their management tools are very good also.

https://www.eset.com/us/business/



-Original Message-
From: crazy thinker [crazythinke...@gmail.com]
Received: Tuesday, 18 Apr 2017, 6:44AM
To: ClamAV users ML [clamav-users@lists.clamav.net]
Subject: Re: [clamav-users] ClamAV for EnterPrise

   -
   - I am looking for  below features in Enterprise Environment
   -
   - *Antivirus/Antispyware*
   - *Desktop Firewall*
   - *Intrusion Prevention*
   - *Browser Protection*
   - *Antivirus for Mac & Linux*
   - *Device & Application Control*
   - *Virtualization Features*
   - *Centralized and Granular Policy Management*
   -

   -


On 18 April 2017 at 16:01, Dino Edwards <dino.edwa...@mydirectmail.net>
wrote:

> What do you mean by that exactly? What features are you looking for?
>
>
>
> -Original Message-
> From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On
> Behalf Of crazy thinker
> Sent: Tuesday, April 18, 2017 6:29 AM
> To: ClamAV users ML <clamav-users@lists.clamav.net>; ClamAV Development <
> clamav-de...@lists.clamav.net>
> Subject: [clamav-users] ClamAV for EnterPrise
>
> Hi ClamAV Developers, ClamAV Users
>
>
> I have refered ClamAV Docs but i could find any info to set up clamav in
> Business Environment. i have a small business office  where 50-75 employees
> are working
>
> Could anyone of you please help me in this?
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV for EnterPrise

2017-04-18 Thread Dino Edwards

What do you mean by that exactly? What features are you looking for?

-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of 
crazy thinker
Sent: Tuesday, April 18, 2017 6:29 AM
To: ClamAV users ML ; ClamAV Development 

Subject: [clamav-users] ClamAV for EnterPrise

Hi ClamAV Developers, ClamAV Users

I have refered ClamAV Docs but i could find any info to set up clamav in 
Business Environment. i have a small business office  where 50-75 employees are 
working

Could anyone of you please help me in this?
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Heuristics.Encrypted.PDF

2017-04-15 Thread Dino Edwards

We seem to be getting a lot of false positives with the following message:

INFECTED, message contains virus: Heuristics.Encrypted.PDF

The reason I know they are false positives is because when looking at the 
attached PDFs, there is no passwords set on them. The simple answer would be to 
simply set ArchiveBlockEncrypted to false, however that's not a good solution. 
We need ArchiveBlockEncrypted enabled to block potential malware but we need to 
somehow stop these false positives.

Our clamav version is ClamAV 0.99.2


Thanks


Dino Edwards
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] password protected encrypted .docx files

2017-04-05 Thread Dino Edwards

Didn't realize the ArchiveblockEncrypted included MS Word files. I thought it 
would be for password protected zip rar and such

-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of 
Benny Pedersen
Sent: Wednesday, April 5, 2017 11:22 AM
To: clamav-users@lists.clamav.net
Subject: Re: [clamav-users] password protected encrypted .docx files

Dino Edwards skrev den 2017-04-05 16:48:
> Any way to get clamav to block password protected Microsoft word files?

Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf (it's off by 
default)

if not working pastebin your clamconf (clamav section only) 
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] password protected encrypted .docx files

2017-04-05 Thread Dino Edwards

Any way to get clamav to block password protected Microsoft word files?

Thanks


___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] ignore yara rule

Re: [clamav-users] /bin/mkdir: cannot create directory ?/run/clamav?: File exists

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

[clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

[clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

Re: [clamav-users] ClamAV for EnterPrise

Re: [clamav-users] ClamAV for EnterPrise

Re: [clamav-users] Need help: clamd stops after starting without any error message

Re: [clamav-users] ClamAV for EnterPrise

Re: [clamav-users] ClamAV for EnterPrise

Re: [clamav-users] ClamAV for EnterPrise

[clamav-users] Heuristics.Encrypted.PDF

Re: [clamav-users] password protected encrypted .docx files

[clamav-users] password protected encrypted .docx files

20 matches

Site Navigation

Mail list logo

Footer information