Hi,
We've been running ClamAV successfully for years. Recently, I added a URL to
our local.gdb database to block a malicious URL. When I send a test message
containing this URL through an MX server, it does not detect the URL:
Jan 26 07:13:17 andrew-mx-t01 clamd[31673]:
OH, I see what you are saying. Sorry about that. Let me look into this.
On Jan 26, 2015, at 6:41 AM, Walter Bürger walter.buer...@arscons.de wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Remarkable,
I can see my last mail to the list on
—
Dan Langille
Infrastructure Operations
Talos Group
Sourcefire, Inc.
On Jan 26, 2015, at 9:19 AM, Joel Esler (jesler) jes...@cisco.com wrote:
OH, I see what you are saying. Sorry about that. Let me look into this.
On Jan 26, 2015, at 6:41 AM, Walter Bürger walter.buer...@arscons.de
Hi Steve,
Thanks for the suggestion. I didn't know clamdscan existed. Indeed, that
seems to work also:
[root@andrew-mx-t01 phish]# clamdscan ./phish_test.txt
./phish_test.txt: Heuristics.Phishing.URL.Blacklisted FOUND
--- SCAN SUMMARY ---
Infected files: 1
Time: 0.017 sec (0
Alright, so after our awesome ops team looked into this for me, looks like we
are archiving email in two places. So our current plan is to eliminate this
redundancy. We are looking at what we need to fix (in terms of links,
templates, etc) to move all the communication over to the mailing
Hi Dave,
I am wondering what happens if you use clamdscan on your phish_test file?
Steve
On Mon, Jan 26, 2015 at 7:42 AM, Dave McMurtrie dav...@andrew.cmu.edu
wrote:
Hi,
We've been running ClamAV successfully for years. Recently, I added a URL
to our local.gdb database to block a
Yes, you can enable debugging in clamd by uncommenting the following line
in you clamd.conf:
#Debug yes
I usually run clamd in foreground when debugging. This is done by
uncommenting:
#Foreground yes
Steve
On Mon, Jan 26, 2015 at 11:31 AM, Dave McMurtrie dav...@andrew.cmu.edu
wrote:
Hi
Can you give me a 256 of a couple samples?
On Jan 26, 2015, at 1:08 PM, Wagner De Queiroz wagnerdequei...@gmail.com
wrote:
Dear users. I receive new viruses (Brazilian malware trojans) all day, and
I submit to clamav, but my submissions never appear at virus list. I like
to suggest at
The documentation in freshclam.conf for private mirrors says:
# This option allows you to easily point freshclam to private mirrors.
# If PrivateMirror is set, freshclam does not attempt to use DNS
# to determine whether its databases are out-of-date, instead it will
# use the If-Modified-Since
Dear users. I receive new viruses (Brazilian malware trojans) all day, and
I submit to clamav, but my submissions never appear at virus list. I like
to suggest at clamav page to submit files a kind of verify the upload
sha256 or md5sum like virustotal website does to know if the submission are
new
On Mon, Jan 26, 2015 at 08:26AM, Joel Esler (jesler) wrote:
We are looking at what we need to fix (in terms of links, templates, etc) to
move all the communication over to the mailing list archives and eliminate
the separate need for “lurker”.
But as I said before, I need to be able to
No iptables !Thanks for your advice, I think I will do as you say, I will use a
wget to update my client dataBase and not the binary freshclam...
De : Del Monte Paolo paolo.delmo...@eng.it
À : ClamAV users ML clamav-users@lists.clamav.net
Envoyé le : Lundi 26 janvier 2015 11h15
Objet :
Sorry for my bad english.
My server : 192.168.0.200 (Debian)My client : 192.168.0.10 (Ubuntu)No VLAn, on
the same network.
My client can access on clamAV repository with url
http://192.168.0.200/my_repository and it can download with wget
http://192.168.0.200/my_repository/main.cvd;.
On my
Ok but it's interesting to know as the refresh is scheduled from your client to
your repository as configured on flaschclam conf file. Can u get more
information about the warning? How the update script works? It perform finally
a scp wget ftp...?
Maybe freshclam is designed to work with the
Hi,
I need help to configure freeshclam.conf on a client with a local server.
On my local server, i use clamdownloader.pl by Frederic Vanden Poel
I've downloaded the clamAV update in my webserver Repository and the script
works fine. I can see the *.cvd file with url :
Have you gone through all the documentation on Private Mirrors
http://www.clamav.net/doc/mirrors-private?
-Al-
On Mon, Jan 26, 2015 at 12:43AM, stef stef wrote:
Hi,
I need help to configure freeshclam.conf on a client with a local server.
On my local server, i use clamdownloader.pl by
Yes, I use this documentation to use the clamdownloader.pl script (and it
works)On this documentation, it's just specify DatabaseMirror machine1.mylan
And with my server URL (http://IP/my_repository) on my client freshclam.conf,
it don't work :(
Thanks for your help
De : Al Varnell
I'm on a local network, without proxy. When the client does : wget
http://mirror private_ip/my_repository/main.cvd, it works fine.
My server web is used for other services and I need to use a specific directory
(http://mirror ip/my_repository/main.cvd) and not the clamAv repository...
De
Do u resolv your local mirror server from the client?
-Messaggio originale-
Da: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] Per conto di
stef stef
Inviato: lunedì 26 gennaio 2015 10.29
A: ClamAV users ML
Oggetto: Re: [clamav-users] R: Need help to use a local server for
Hi Stef,
Are u sure that the main cvd file is present in your repository? If yes you
should check with attention the warning message. It sound like a permission or
network problems (proxy?).
You can perform a connection attempt in this simple way from your linux server:
wget http://mirror
It's not clear to me if u attempled a wget on your mirror server.
Secondary why do u configure as a prmary mirror a server in your vlan? Can u
check pls how the clamdownloader.pl script works? E.g. it perform a ftp a scp
U should simply put a debugger set -x in the head of your downloader
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Remarkable,
I can see my last mail to the list on
https://www.mail-archive.com/clamav-users@lists.clamav.net/msg40573.html
but not on
http://lurker.clamav.net/list/clamav-users.html
Best regards,
Walter.
On 01/26/15 11:54, Walter Bürger wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi all,
same here:
- From http://lurker.clamav.net/list/clamav-virusdb.en.html
I am missing:
19953
19955
19957-19961
19963-19965
19969-19970
19973
19976
Best regards,
Walter.
On 01/26/15 05:02, Al Varnell wrote:
Joel,
Thanks for getting back
23 matches
Mail list logo