Hi,
I need a bit of a clarification regarding
clamscan --version. I don't know if I'm going
crazy or what, but I did a clamscan --version,
and it showed yesterday's date, which I assumed
it meant the date of compilation.
But I *don't* even remember compiling it yeserday.
ClamAV 0.83/837/Sun Apr
On Mon, 18 Apr 2005 16:15:15 +0800 cc wrote:
Hi,
I need a bit of a clarification regarding
clamscan --version. I don't know if I'm going
crazy or what, but I did a clamscan --version,
and it showed yesterday's date, which I assumed
it meant the date of compilation.
But I *don't* even
I am always running on FreeBSD (4.11 and 5.4) if that matters.
I am only wondering if anyone has managed to successfully compile
Clamav from CVS, or even the snapshot-20050417 at all.
My normal built methods do fail when I do 'make'.
I don't see anything in the ChangeLog to help me get out of
On Mon, 2005-04-18 at 13:50 +0300, Odhiambo Washington wrote:
I am always running on FreeBSD (4.11 and 5.4) if that matters.
I am only wondering if anyone has managed to successfully compile
Clamav from CVS, or even the snapshot-20050417 at all.
My normal built methods do fail when I do
On Friday 15 Apr 2005 23:46, Carl Thompson wrote:
*** REPLY SEPARATOR ***
On 4/15/2005 at 5:49 PM Nigel Horne wrote:
*** REPLY SEPARATOR ***
On 4/15/2005 at 3:58 PM Nigel Horne wrote:
On Friday 15 Apr 2005 15:56, Carl Thompson wrote:
Didi Rieder [EMAIL PROTECTED] wrote:
the virus Worm.Mytob.A is not recognized by clamav 0.83 on Sparc
Solaris 9.
[EMAIL PROTECTED] root]# clamscan --version
ClamAV 0.83/837/Sun Apr 17 17:25:32 2005
[EMAIL PROTECTED] root]# clamscan /tmp/ENTIRE_MESSAGE
/tmp/ENTIRE_MESSAGE: OK
Have you
Arnaud Huret [EMAIL PROTECTED] wrote:
As we are experimenting ClamAV, we still maintain during evaluation
period a second (and historic) defense line with TrendMicro
VirusWall which we plan to abandon shortly. I observed that
VirusWall (the second line defense) reported 8 hits on
[EMAIL PROTECTED] wanted us to know:
Hello
Please, we have seen this in one of our servers:
qscand 20687 13.4 0.0 19528 936 ?RApr13 389:37
/usr/local/clamav/bin/clamscan --verbose --debug
/var/spool/qmailscan/tmp/servername111342211948731875
Turn off --debug.
Any one have seen
On Mon, 18 Apr 2005, Trog wrote:
; On Mon, 2005-04-18 at 13:50 +0300, Odhiambo Washington wrote:
; I am always running on FreeBSD (4.11 and 5.4) if that matters.
; I am only wondering if anyone has managed to successfully compile
; Clamav from CVS, or even the snapshot-20050417 at all.
;
; My
Arnaud Huret wrote:
If detecting broken executables is the problem, then:
[snip]
#DisableDefaultScanOptions
##
## Executable files
##
ScanPE
DetectBrokenExecutables
[snip]
does not enable detecting them. Why? because you have to uncomment
DisableDefaultScanOptions to enable or
On Mon, 18 Apr 2005 14:10:35 -0500
René Berber [EMAIL PROTECTED] wrote:
does not enable detecting them. Why? because you have to uncomment
DisableDefaultScanOptions to enable or disable the other options; even
if you have DetectBrokenExecutables uncommented the default value of
disabled is
I'm running clamav with clamav-milter on two nearly identical sendmail
systems: Solaris 8 on Ultrasparc, compiled with gcc 3.4.0,, sendmail is
8.13.4 . (The only difference between the two sendmails is one has SMTP AUTH
and SSL, the other doesn't). Clamav-milter runs with these options:
Tomasz Kojm wrote:
On Mon, 18 Apr 2005 14:10:35 -0500
René Berber [EMAIL PROTECTED] wrote:
does not enable detecting them. Why? because you have to uncomment
DisableDefaultScanOptions to enable or disable the other options; even
if you have DetectBrokenExecutables uncommented the default
SNIP
As we are experimenting ClamAV, we still maintain during evaluation period
a second (and historic) defense line with TrendMicro VirusWall which we
plan to abandon shortly. I observed that VirusWall (the second line
defense) reported 8 hits on (SomeFool) Worm.Netsky.P .Y .and .W.
I used to
René Berber wrote:
Tomasz Kojm wrote:
On Mon, 18 Apr 2005 14:10:35 -0500
René Berber [EMAIL PROTECTED] wrote:
does not enable detecting them. Why? because you have to uncomment
DisableDefaultScanOptions to enable or disable the other options; even
if you have DetectBrokenExecutables uncommented
On Mon, 18 Apr 2005 14:39:02 -0500
René Berber [EMAIL PROTECTED] wrote:
Tomasz Kojm wrote:
On Mon, 18 Apr 2005 14:10:35 -0500
René Berber [EMAIL PROTECTED] wrote:
does not enable detecting them. Why? because you have to uncomment
DisableDefaultScanOptions to enable or disable the
On Tue, 19 Apr 2005 06:22:31 +1000
Owen [EMAIL PROTECTED] wrote:
I used to get the same thing when I set up Clamav. I will point out
that I run Clamav for Windows and call clamscan.exe, not clamdscan.
I have a pretty low volume mail server so the overhead is ot a
concern to me. The
On Mon, Apr 18, 2005 at 02:39:02PM -0500, René Berber said:
Tomasz Kojm wrote:
On Mon, 18 Apr 2005 14:10:35 -0500
René Berber [EMAIL PROTECTED] wrote:
does not enable detecting them. Why? because you have to uncomment
DisableDefaultScanOptions to enable or disable the other options;
Stephen Gran wrote:
[snip]
This option is by default disabled, and is not part of the set
DefaultScanOptions. If you see Default: enabled, it is a member of
the set. Does that make it more clear?
So the OP has a correct configuration but his setup seems to not detect broken
executables...
So the OP has a correct configuration but his setup seems to not detect broken
executables...
Back to the original problem. Is Simon's answer the cause (only broken PE
headers are detected not broken somewhere else executables)?
--
René Berber
As the config seems to be OK (or at least
On Monday 18 Apr 2005 20:22, Christopher X. Candreva wrote:
I'm running clamav with clamav-milter on two nearly identical sendmail
systems: Solaris 8 on Ultrasparc, compiled with gcc 3.4.0,, sendmail is
8.13.4 . (The only difference between the two sendmails is one has SMTP AUTH
and SSL,
Quoting Simon [EMAIL PROTECTED]:
Didi Rieder [EMAIL PROTECTED] wrote:
the virus Worm.Mytob.A is not recognized by clamav 0.83 on Sparc
Solaris 9.
[EMAIL PROTECTED] root]# clamscan --version
ClamAV 0.83/837/Sun Apr 17 17:25:32 2005
[EMAIL PROTECTED] root]# clamscan /tmp/ENTIRE_MESSAGE
On Monday 18 Apr 2005 22:23, Didi Rieder wrote:
Didi Rieder [EMAIL PROTECTED] wrote:
the virus Worm.Mytob.A is not recognized by clamav 0.83 on Sparc
Solaris 9.
[EMAIL PROTECTED] root]# clamscan --version
ClamAV 0.83/837/Sun Apr 17 17:25:32 2005
[EMAIL PROTECTED] root]# clamscan
Hi All,
We've had some problems with ligitimate bounces coming
from qmail that contain one text/plain mime part. This
single mime part contains some error information and
then the original raw infected mail in MIME format.
We scan emails on a part by part basis, so clam was
given the text/plain
René Berber [EMAIL PROTECTED] wrote:
So the OP has a correct configuration but his setup seems to not
detect broken executables...
Back to the original problem. Is Simon's answer the cause (only
broken PE headers are detected not broken somewhere else executables)?
It really depends on
On Mon, 18 Apr 2005, Nigel Horne wrote:
-ol local:/var/clamav/clmilter.sock
Try it without the -o option.
Didn't help.
Why are you using -o anyway?
Machine runs a web server, I want to scan anything possibly generated by a
buggy/compromised cgi-script, web mail,
26 matches
Mail list logo
