Am 28.03.2017 um 23:02 schrieb Antonio Pavletich:
Thanks for the tip, I found the issue, it was that clamav-daemon was
running out of memory, crashing & serviced was indeed restarting it (only
for it the crash again & so it went).
yeah, clamav needs a ordinary amount of memory where others
Thanks for the tip, I found the issue, it was that clamav-daemon was
running out of memory, crashing & serviced was indeed restarting it (only
for it the crash again & so it went).
On 29 March 2017 at 00:58, Matus UHLAR - fantomas wrote:
> On 28.03.17 22:33, Antonio
That's always been true in the past and they could be disabled in the config
file, but that isn't the case here. For whatever reason, this is a signature
which is being executed despite heuristics being disabled and it can be
included in the .ign2 file successfully.
Not sure why this change.
On 28.03.17 22:33, Antonio Pavletich wrote:
Since upgrading I'm found clamd is spiking and staying put at 100%.
I've deleted all files in /var/lib/clamav & re-ran freshclam only to have
the same issue occur on the next inbound email?
top - 11:07:58 up 3 days, 3:49, 2 users, load average:
Using the whitelist works in this case and is sufficient for my use.
Thanks & have a nice day, folks.
Am 28.03.2017 um 13:53 schrieb Jonas Manusch:
Cheers folks,
since last weekend my clamscan states
Heuristics.Filetype.ZipWithJS-6162396-0 FOUND
on some files. These files are from 2015 and
On Tue, March 28, 2017 1:23 pm, Reindl Harald wrote:
>
>
> Am 28.03.2017 um 14:20 schrieb Matteo Dessalvi:
>
>> Hello.
>>
>>
>> Regarding your fist question you can execute the following
>> tools from the command line:
>>
>> sigtool --find-sigs=Heuristics.Filetype.ZipWithJS-6162396-0 | sigtool
On 03/28/2017 02:23 PM, Reindl Harald wrote:
Heuristics are *not* signatures
Uh-oh, sorry. You are right, my mistake entirely.
Regards,
Matteo
___
clamav-users mailing list
clamav-users@lists.clamav.net
Am 28.03.2017 um 14:20 schrieb Matteo Dessalvi:
Hello.
Regarding your fist question you can execute the following
tools from the command line:
sigtool --find-sigs=Heuristics.Filetype.ZipWithJS-6162396-0 | sigtool
--decode-sigs
Heuristics are *not* signatures
'ZipWithJS' is for sure not
Hello.
Regarding your fist question you can execute the following
tools from the command line:
sigtool --find-sigs=Heuristics.Filetype.ZipWithJS-6162396-0 | sigtool
--decode-sigs
'ZipWithJS' is for sure not in the ClamAV source code: it is just a part
of a string used to identify the
> 1. Where can I find information about what kind of threat this?
\.[A-Za-z]{3}\.js$
FP Source example:
https://www.mobileread.com/forums/showthread.php?p=3496981
Ie. any .js inside a zip file that's starts with 3 letters will get blocked.
--
Cheers,
Steve
Twitter: @sanesecurity
On 28/03/17 12:53, Jonas Manusch wrote:
Cheers folks,
since last weekend my clamscan states
Heuristics.Filetype.ZipWithJS-6162396-0 FOUND
on some files. These files are from 2015 and I assume it to be false
positive. Since these files contain sensitive data I cannot hand out
to third
Am 28.03.2017 um 13:53 schrieb Jonas Manusch:
Cheers folks,
since last weekend my clamscan states
Heuristics.Filetype.ZipWithJS-6162396-0 FOUND
on some files. These files are from 2015 and I assume it to be false
positive. Since these files contain sensitive data I cannot hand out to
third
Cheers folks,
since last weekend my clamscan states
Heuristics.Filetype.ZipWithJS-6162396-0 FOUND
on some files. These files are from 2015 and I assume it to be false
positive. Since these files contain sensitive data I cannot hand out to
third parties. I tried to find out what the above
Hi,
I've used clam-av for for years but not kept up to date with the many
changes.
Since upgrading I'm found clamd is spiking and staying put at 100%.
I've deleted all files in /var/lib/clamav & re-ran freshclam only to have
the same issue occur on the next inbound email?
I followed the guide
14 matches
Mail list logo