Re: [clamav-users] Using clamscan with multiple cores

2015-06-22 Thread Dennis Peterson
And be careful if using the -l option of clamscan. On 6/22/15 1:13 PM, Noel Jones wrote: On 6/22/2015 2:50 PM, MarkusGMX wrote: On 20/06/15 at 19:15, Markus Egg wrote: Hello, how can I use clamscan on multicore CPUs? I found clamdscan with --multiscan but for some reasons --multiscan does

Re: [clamav-users] ClamAV(R) blog: ClamAV 0.99b Meets YARA!

2015-06-11 Thread Dennis Peterson
. Referencing other rules within a condition is one of the yara features that is not supported in ClamAV 0.99 beta1. We are looking at how to include it in a future release. On Wed, Jun 10, 2015 at 10:50 AM, Dennis Peterson denni...@inetnw.com wrote: That is a pretty nice addition, Joel. Naturally somebody

Re: [clamav-users] ClamAV® blog: ClamAV 0.99b Meets YARA!

2015-06-10 Thread Dennis Peterson
That is a pretty nice addition, Joel. Naturally somebody is going to ask if there is an on-line rule testing utility anywhere so that might as well be me :). I'm particularly interested in knowing if the linefeeds between the keyword rule and the closing brace in the rules can be left out so

Re: [clamav-users] malware Html.Exploit.CVE_2015_0045

2015-05-29 Thread Dennis Peterson
On 5/29/15 4:20 AM, Paul Martin wrote: Hello, I have many false positive when clamav detects malware Html.Exploit.CVE_2015_0045, what can I do to stop these false positive ? Thanks, Paul ___ Help us build a comprehensive ClamAV guide:

Re: [clamav-users] [Fwd: [sanesecurity] extremeshok/clamav-unofficial-sigs :: version 4.3 (updated 2015-05-13)]

2015-05-14 Thread Dennis Peterson
Nice work, Steve and Adrian. dp On 5/14/15 6:13 AM, Steve Basford wrote: Hi All, Just in case this is useful to anyone: Adrian of extremeshok-dot-com has forked Bill Landry's clamav-unofficial-sigs script and made quite a few new changes to the script: Original

Re: [clamav-users] Do you trust the Heuristic Analysis of clamav?

2015-04-12 Thread Dennis Peterson
My opinion is well-framed by this wikipedia page: http://en.wikipedia.org/wiki/Heuristic_analysis To summarize, no, I don't trust best-guesses. Not even mine. dp On 4/12/15 4:52 AM, Franklin Wang wrote: Hi guys, I've been collecting reviews

Re: [clamav-users] How to manually delete infected file

2015-04-09 Thread Dennis Peterson
On 4/9/15 7:31 AM, sanes wrote: Does clamscan --remove=yes only delete infected file from hard disk, or also if running in memory (RAM)? we rather manually delete files that are infected, but not sure how to handle Having clamscan remove files before you review them is probably the worst

Re: [clamav-users] ClamXav and Compressed Files

2015-03-29 Thread Dennis Peterson
On 3/29/15 4:55 AM, TR Shaw wrote: On Mar 29, 2015, at 1:45 AM, Dennis Peterson denni...@inetnw.com wrote: On 3/28/15 10:43 PM, Jinwon Lee wrote: Thanks for that. I guess ‘Hash Value’ refers to the ClamAV identifying the .dmg as a known file that contains virus/es. Jinwon

Re: [clamav-users] ClamXav and Compressed Files

2015-03-29 Thread Dennis Peterson
On 3/29/15 12:08 AM, Al Varnell wrote: On Sat, Mar 28, 2015 at 09:50 PM, Dennis Peterson wrote: It should be possible to use cpio to extract the contents to a stream and feed that into the ClamAV engine OS X does include cpio but I have been unsuccessful in getting it to do anything

Re: [clamav-users] ClamXav and Compressed Files

2015-03-28 Thread Dennis Peterson
On 3/28/15 6:48 PM, Al Varnell wrote: On Sat, Mar 28, 2015 at 06:35 PM, Jinwon Lee wrote: Thanks for the responses. I am not a computer expert so I might not fully understand all that has been discussed but it sounds like ClamXav extracts(decompose?) archive files like zip, RAR and then scan.

Re: [clamav-users] ClamXav and Compressed Files

2015-03-28 Thread Dennis Peterson
On 3/28/15 10:43 PM, Jinwon Lee wrote: Thanks for that. I guess ‘Hash Value’ refers to the ClamAV identifying the .dmg as a known file that contains virus/es. Jinwon That was the case too for password protected zip files. If you can't burst the contents you condemn the wrapper. dp

Re: [clamav-users] ClamXav and Compressed Files

2015-03-27 Thread Dennis Peterson
Forgot to include dmg files are as described when mounted - else they are disk images (cpio). I don't know what the clam product does with unmounted disk images. dp On 3/26/15 11:09 PM, Dennis Peterson wrote: The dmg files are logical structures. They are comprised of Unix directories

Re: [clamav-users] ClamXav and Compressed Files

2015-03-27 Thread Dennis Peterson
The dmg files are logical structures. They are comprised of Unix directories and files and clam doesn't need to treat them differently than any other directory tree. If you have support compiled in for zip, RAR, TAR, and several other archiving formats it should decompose them and scan each of

Re: [clamav-users] basic malware missed???

2015-03-24 Thread Dennis Peterson
The string you are looking for is not necessarily the only one you should be looking for for that exploit. More information here: http://somewebgeek.com/2014/wordpress-remote-code-execution-base64_decode/ Steve at SaneSecurity has a nice document on creating your own signatures here:

Re: [clamav-users] Freshclam failing

2015-03-11 Thread Dennis Peterson
65.19.179.67 http://lurker.clamav.net/message/20150212.145031.f8669263.en.html -Al- On Wed, Mar 11, 2015 at 05:24 PM, Dennis Peterson wrote: Mirror #12 IP: 65.19.179.67 Successes: 0 Failures: 23 Last access: Mon Feb 9 03:45:32 2015 Ignore: No -Al-

Re: [clamav-users] Why is ArchiveBlockMax obsoleted?

2015-02-26 Thread Dennis Peterson
Features that have graduated from deprecated to deleted should have all remnants removed from associated files. Sounds like it's past time to tidy up the clamd.conf and freshclam.conf files. dp On 2/26/15 10:10 AM, Steven Morgan wrote: Hi Vladislav, Unfortunately there is currently not an

Re: [clamav-users] daily.cvd out of date?

2015-02-26 Thread Dennis Peterson
Maybe it's time to run that nmap script they might have :) Hopefully they have something more elegant, though. dp On 2/26/15 11:49 AM, Smith, David wrote: Nope .. not yet! :) [root@SERVERNAME]# wget http://database.clamav.net/daily.cvd --2015-02-26 14:46:30--

Re: [clamav-users] clamav-milter LocalNet option / outgoing mail (Debian Wheezy)

2015-02-22 Thread Dennis Peterson
On 2/22/15 12:32 PM, Daniel Spies wrote: On 02/22/2015 09:18 PM, Dennis Peterson wrote: While I disagree with everything you've said I am glad you've spoken out. My job would be far easier if everyone did so. Could you be more precise? The quintessence of my last message was: 1. A company

Re: [clamav-users] [SUSPECTED SPAM] Re: Calamav cannot scan tar file and gzip files?

2015-02-17 Thread Dennis Peterson
On 2/17/15 3:58:02PM, Manoj Ramakrishnan wrote: At the moment there is no settings in squidclamav to extract the multipart form data and send only the attachment to clamd. As Kevin mentioned, if clamd doesn't natively support parsing HTTP messages then we need to find a way to pass correct

Re: [clamav-users] ClamAV(R) blog: ClamAV 0.98.6 has been released!

2015-02-03 Thread Dennis Peterson
It takes a lot of cores to run multiple VM's and scanning other VM's from a peer VM across the virtual switch and creates a lot of traffic in the vSwitch layer of the hosting system. It doesn't work to scan the vdisk of a VM itself unless you can mount the virtual disk and scan it as you would

[clamav-users] ExtraDatabase question

2015-01-29 Thread Dennis Peterson
Is this a deprecated feature we can/should ignore? dp

Re: [clamav-users] ExtraDatabase question

2015-01-29 Thread Dennis Peterson
AM, Joel Esler (jesler) wrote: The feature still exists. However, I don’t believe we distribute any “ExtraDatabase”s on the mirrors. On Jan 29, 2015, at 7:05 AM, Dennis Peterson denni...@inetnw.com wrote: Is this a deprecated feature we can/should ignore? dp

Re: [clamav-users] Need help to use a local server for updating

2015-01-27 Thread Dennis Peterson
On 1/27/15 2:32 AM, stef stef wrote: Thanks for this. So, now I write on my freshclam.conf :PrivateMirror 192.168.0.200 And no more Error can't find Name or service not known But, my client don't find .cvd :WARNING: main.cld not found on remote server Now, how indicate to the client that it

Re: [clamav-users] I have some queries about ClamAV

2015-01-27 Thread Dennis Peterson
He wants to know if ClamAV takes any corrective action such as quarantine or even remediate the problem by replacing corrupted files with originals. ClamAV does neither, but it can alert tertiary software to perform quarantining and provide notification of a need for user initiated remediation.

Re: [clamav-users] Need help to use a local server for updating

2015-01-26 Thread Dennis Peterson
The documentation in freshclam.conf for private mirrors says: # This option allows you to easily point freshclam to private mirrors. # If PrivateMirror is set, freshclam does not attempt to use DNS # to determine whether its databases are out-of-date, instead it will # use the If-Modified-Since

Re: [clamav-users] Configure Options For Minimal Install

2015-01-21 Thread Dennis Peterson
On 1/21/15 2:26 PM, E R wrote: Hi to all, I made this post over at Github, my assumptions that this is Clamav's Github? https://github.com/vrtadmin/clamav-devel/issues/14 I'm trying to figure out how to compile clamav as only a stand alone scanner when needed... Any help would be

Re: [clamav-users] Configure Options For Minimal Install

2015-01-21 Thread Dennis Peterson
On 1/21/15 5:22 PM, E R wrote: @Dennis, Al asked what platform, I said; Slack which = Slackware, hence I'm a Slacker. ;) What you don't think a Slacker knows how to do? ./configure --help log :) JUST KIDDING Dennis! :) But seriously, there's nothing in there to really strip it down, just a

Re: [clamav-users] Clamav on Debian

2015-01-13 Thread Dennis Peterson
On 1/13/15 7:17 AM, Richard Thibaudeau wrote: Hi everyone For at least two weeks I'm searching the Internet to find a solution to: root@debian:/# freshclam ERROR: Parse error at line 4: Unknown option LocalSocket ERROR: Can't open/parse the config file /etc/clamav/freshclam.conf Please see

Re: [clamav-users] Which anti-virus do you prefer on Linux desktop?

2015-01-01 Thread Dennis Peterson
On 12/31/14 11:22 PM, Franklin Wang wrote: I've tried nod32, Dr. Web, AVG, clamav(the only open source one?), comodo, F-prot on the desktop(x86_64). Why can't I find reviews for them? There're many reviews for Windows platform, but few for Linux

Re: [clamav-users] Which anti-virus do you prefer on Linux desktop?

2015-01-01 Thread Dennis Peterson
On 1/1/15 10:26 AM, Joel Esler (jesler) wrote: I think the answer you are going to get from the ClamAV list is ClamAV. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos It is also worth pointing out to n00bs and old timers alike this tag line from the ClamAV home page:

Re: [clamav-users] https support for freshclam

2014-12-29 Thread Dennis Peterson
intellectual property and that is justification for just about any solution you can come up with. dp On 12/29/14 6:43 AM, Torge Husfeldt wrote: Hi, On 24.12.2014 at 12:09, Arnaud Jacques / SecuriteInfo.com wrote: On Tuesday, 23 December 2014, 10:56:37, Dennis Peterson wrote: Second try: What

Re: [clamav-users] Regarding Clamav 0.98.5 installation from source code

2014-12-23 Thread Dennis Peterson
What problem are you trying to solve with https? The data contain no secrets and are freely available to any who wish to have it, so the immediate effect of encryption is unneeded. Secondarily, https creates a greater server load to encrypt the data, trusted SSL certs are an added expense, and

Re: [clamav-users] Regarding Clamav 0.98.5 installation from source code

2014-12-23 Thread Dennis Peterson
What a dummy - I responded to the wrong post :) On 12/23/14 10:41 AM, Dennis Peterson wrote:

Re: [clamav-users] https support for freshclam

2014-12-23 Thread Dennis Peterson
Second try: What problem are you trying to solve with https? The data contain no secrets and are freely available to any who wish to have it, so the immediate effect of encryption is unneeded. Secondarily, https creates a greater server load to encrypt the data, trusted SSL certs are an added

Re: [clamav-users] url scanner

2014-12-18 Thread Dennis Peterson
On 12/18/14 6:29 AM, polloxx wrote: Since more and more malware is not attached to a mail but only an url to it, detecting it is challenge. Is there any good url scanner available for Clamav? Thx, P. The Sendmail/Postfix milter J-Chkmail (and front end for ClamAV) can use DNS or regular

Re: [clamav-users] ClamAV® blog: ClamAV 0.98.5 has been released!

2014-11-18 Thread Dennis Peterson
On 11/18/14 2:11 PM, Joel Esler (jesler) wrote: http://blog.clamav.net/2014/11/clamav-0985-has-been-released.html ClamAV 0.98.5 has been released! Will there be a Clamav 1.0 in my lifetime? I'm pushing 70 :) dp

Re: [clamav-users] ClamAV Splunk app

2014-11-15 Thread Dennis Peterson
On 11/15/14 9:22 AM, G.W. Haywood wrote: Hi there, On Sat, 15 Nov 2014, PJ Balsley wrote: I use clamav on hundreds of linux systems in our network. ... This is not a facetious question, it's one of genuine interest. Why? I did it too and the reason is compliance with credit card/social

Re: [clamav-users] check date

2014-11-09 Thread Dennis Peterson
On 11/9/14 4:52 AM, Saker Hamdy Mohamoud Salama wrote: Dears, I want to know the date of updated files (daily.cvd main.cvd). From a command line type: $ cd /path_to_files ls -l daily* main* For example, cd /var/lib/clamav ls -l daily* main* Compare the dates against your freshclam

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-06 Thread Dennis Peterson
On 10/6/14 7:21 AM, Tim Smith wrote: Seriously, why should I mess around with creating virus signatures, it's a waste of my time. Because that is the norm for community-supported products and because nobody but you is ultimately responsible for protecting your systems from malware. dp

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-03 Thread Dennis Peterson
On 10/3/14 8:10:24AM, Mark Allan wrote: On 3 Oct 2014, at 03:39 pm, Gene Heskett ghesk...@wdtv.com wrote: On Friday 03 October 2014 07:19:13 Tim Smith did opine Over the last 24-48 hours, I submitted a number of email attachments. RAR files that contained viruses. Running one or two of them

Re: [clamav-users] Why are the ClamAV team so slow at creating signatures ?

2014-10-03 Thread Dennis Peterson
On 10/3/14 2:11:15PM, Charles Swiger wrote: On Oct 3, 2014, at 1:54 PM, Leonardo Rodrigues leolis...@solutti.com.br wrote: On 03/10/14 08:19, Tim Smith wrote: All of the commercial vendors I submitted the samples to had analysed and created samples in timeframes ranging from hours to one day.

Re: [clamav-users] Whitelist Zip.Suspect.MiscDoubleExtension

2014-09-25 Thread Dennis Peterson
The question he asked is are regex expressions allowed in the whitelist file. I've never looked into it so don't know, but it seems like it could be a useful feature although extremely easy to abuse. What he would like to do is replace multiple similar entries that are causing FP's:

Re: [clamav-users] Locked freshclam.log error msg

2014-09-23 Thread Dennis Peterson
Better, I think, is to start with what processes can lock the log file. Logrotate being one such. It is a small matter to disable this and wait and see. dp On 9/23/14 8:50 AM, Kevin Lin wrote: Have you tried to query what process is locking the log file? It is possible that multiple

Re: [clamav-users] FP: Win.Worm.Chir-681

2014-09-16 Thread Dennis Peterson
On 9/16/14 2:28 PM, Al Varnell wrote: The following file was found in Adobe PhotoShop CS6 infected with Win.Worm.Chir-681 (apparently added to the database earlier today): /Applications/Adobe Photoshop CS6/Adobe Photoshop CS6.app/Contents/Required/Droplet Template.exe I’ve submitted it as a

Re: [clamav-users] Sanesecurity:foxhole-databases

2014-09-05 Thread Dennis Peterson
On 9/5/14 2:10 AM, Steve Basford wrote: Hi All, For those using Sanesecurity foxhole databases, I've finally updated their usage information: http://sanesecurity.com/foxhole-databases/ Cheers, Steve Sanesecurity.com Steve - thanks for your contribution to the success of the ClamAV products.

Re: [clamav-users] Priority problem

2014-07-26 Thread Dennis Peterson
On 7/24/14, 12:47 PM, Bernard Thédié wrote: On 24/07/2014 21:08, Matus UHLAR - fantomas wrote: On 24.07.14 20:23, Bernard Thédié wrote: Silly reason... my computer has a very, very noisy fan. I'm afraid you can avoid this problem only by not using anything that eats CPU. well,

Re: [clamav-users] clamav 0.98.4 on Centos4

2014-07-04 Thread Dennis Peterson
On 7/4/14, 12:01 PM, René Bellora wrote: hi! I'm trying to compile Clamav 0.98.4 in Centos4, and i get this: configure: error: Your OpenSSL installation is missing the X509_VERIFY_PARAM function. Please upgrade to a more recent version of OpenSSL. this is a server that I don't control (I

Re: [clamav-users] Problem with ClamAV 0.98.4 - HAVP won't load CVD files

2014-06-26 Thread Dennis Peterson
On 6/26/14, 9:47 PM, Henrik K wrote: Hello, HAVP developer here. I'll release a new version if it's required, but I guess that will have to wait on the discussions. Hopefully it's not even necessary and 0.98.4 will remain an unused dark horse version.. Cheers, Henrik It is here. dp

Re: [clamav-users] Bad detection rate

2014-06-24 Thread Dennis Peterson
Why wouldn't ClamAV be interested in creating this signature as part of their own distribution? It's a virus, it's what you do, no? dp On 6/24/14, 11:14 AM, Joel Esler (jesler) wrote: On Jun 24, 2014, at 11:01 AM, Bowie Bailey bowie_bai...@buc.com wrote: On

Re: [clamav-users] Bad detection rate

2014-06-24 Thread Dennis Peterson
On 6/24/14, 9:16 PM, Al Varnell wrote: That’s certainly a valid question and deserves a ClamAV® answer, but I’ll throw this comment out. The signature team has always been overwhelmed by the number of new samples it receives every day and even though the team is bigger today, so is the input.

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Dennis Peterson
The OP brought up several points, none of which were addressed. 1. Nevertheless, the detection rate of viruses, trojans, etc. is not very good. Almost every time I submit a sample file on virustotal.com ClamAV can not detect the virus or malware. 2. Up to now, I never got a notification,

Re: [clamav-users] Bad detection rate

2014-06-23 Thread Dennis Peterson
Quick dump of found signature results: ClamAV vs Basford et al Unofficial sigs, total: grep UNOFFICIAL clam* |wc -l 174 Unofficial Sane Security sigs found grep Sanesecur.*FOUND clam* |wc -l 141 Official ClamAV sigs found: grep FOUND clam* |grep -c -v UNOFFICIAL 10 Non-Sanesecurity unofficial

Re: [clamav-users] Tips for low memory systems

2014-05-27 Thread Dennis Peterson
On 5/27/14, 7:45 PM, Michael Heuberger wrote: Thanks but sorry, the thread is too long and I'd prefer to get to the point ... Buy more memory. dp

Re: [clamav-users] Signature matching email Subject:

2014-05-23 Thread Dennis Peterson
On 5/23/14, 11:15 AM, Matus UHLAR - fantomas wrote: On 23.05.14 12:25, Claudio Cuqui wrote: I would like to known if is it possible to create a virus signature that match the subject of a mail message. I tried everything and the signature only match when the pattern is located in the email

[clamav-users] 0.98.4rc1 build success

2014-05-19 Thread Dennis Peterson
Built and runs fine in Centos 6.5. Signature updates works, sigusr2 forces a reload, no crashes. Works like a Mac. dp Platform information uname: Linux 2.6.32-431.17.1.el6.x86_64 #1 SMP Wed May 7 23:32:49 UTC 2014 x86_64 OS: linux-gnu, ARCH: x86_64, CPU: x86_64 zlib

Re: [clamav-users] Version 0.98.3 hard loops on clamdscan -V

2014-05-10 Thread Dennis Peterson
On 5/9/14, 7:26 PM, Eric Shubert wrote: On 05/09/2014 04:41 PM, Dennis Peterson wrote: On 5/9/14, 7:33 AM, Bowie Bailey wrote: On 5/8/2014 10:35 PM, Eric Shubert wrote: [root@qmt-cos5 etc]# grep -v ^# clamd.conf | grep -v ^$ Inefficiency bugs me... You can do multiple patterns

Re: [clamav-users] Version 0.98.3 hard loops on clamdscan -V

2014-05-09 Thread Dennis Peterson
On 5/9/14, 7:33 AM, Bowie Bailey wrote: On 5/8/2014 10:35 PM, Eric Shubert wrote: [root@qmt-cos5 etc]# grep -v ^# clamd.conf | grep -v ^$ Inefficiency bugs me... You can do multiple patterns with a single grep using the -e flag. grep -v -e ^# -e ^$ clamd.conf Try (and there are surely

Re: [clamav-users] Version 0.98.3 fails on Solaris

2014-05-08 Thread Dennis Peterson
On 5/8/14, 8:23 AM, Shawn Webb wrote: Hey Martin, Is there a way you can get to me main.cvd.broken? I'm wondering if the change to OpenSSL for hashing has somehow changed parsing CVDs and CLDs on big-endian machines running Solaris. I thoroughly tested the code on a sparc64 machine (an old

Re: [clamav-users] Version 0.98.3 fails on Solaris

2014-05-08 Thread Dennis Peterson
On 5/8/14, 9:00 AM, Dennis Peterson wrote: On 5/8/14, 8:23 AM, Shawn Webb wrote: Hey Martin, Is there a way you can get to me main.cvd.broken? I'm wondering if the change to OpenSSL for hashing has somehow changed parsing CVDs and CLDs on big-endian machines running Solaris. I thoroughly

Re: [clamav-users] Crash on reload. Version 0.98.3. Mac OS X 10.7.5

2014-05-07 Thread Dennis Peterson
On 5/7/14, 6:38 PM, James Brown wrote: Have just upgraded to version 0.98.3 from 0.98.1. Clamd starts fine, but anytime I reload the database (e.g. running freshclam) clamd will crash. Would you mind pasting in the output of clamconf too, please. I'd like to see the build options compared

Re: [clamav-users] clamav stops boot

2014-05-03 Thread Dennis Peterson
On 5/2/14, 8:34 AM, Greg Mueller wrote: Thank you for your response I did not install clamav, it came on a used computer.(not the one I'm using to write this email) I can't get that computer to boot at all so I can't upgrade. I just need to get the computer to go past the block in the boot

Re: [clamav-users] Silly question - clamav - linux viruses?

2014-04-19 Thread Dennis Peterson
On 4/17/14, 8:30 AM, Greg Folkert wrote: You wouldn't happen to be a Solaris or SCO person, would you? I'm retired after 3+ decades of using (in no particular order) SunOS, Solaris, AIX, HP-UX, OSF/1-Tru64, HP-3000 running MPE, VAX-11/7XX, OS/400, BSD Unix, a brief stint with SCO Unix, and

Re: [clamav-users] Finding infections in a tar-ball

2014-04-17 Thread Dennis Peterson
On 4/17/14, 8:10 AM, David Raynor wrote: Though inconsistent, it is less interesting than it may appear. The scanning behavior is the same. Both return a clean disposition if limits are reached and no signatures alert, including a message at debug level describing which limit was exceeded. The

Re: [clamav-users] Silly question - clamav - linux viruses?

2014-04-17 Thread Dennis Peterson
On 4/17/14, 8:13 AM, Alain Zidouemba wrote: ClamAV does scan for linux viruses. If you install ClamAV, you can use the sigtool command to find signatures for unix-specific malware. Eg: sigtool --list-sigs /usr/local/share/clamav/daily.cld | grep -i 'unix' . . . Exploit.Shellcode.Unix-Gen-1

Re: [clamav-users] Finding infections in a tar-ball

2014-04-16 Thread Dennis Peterson
On 4/15/14, 7:36 AM, Steven Morgan wrote: Good news, it works. We are considering a --warn-on-limit-exceeded option to cover messaging in these types of cases. Steve I've found an interesting inconsistency when scanning archives. I tested this on an xz compressed tar file (the ClamAV

Re: [clamav-users] Finding infections in a tar-ball

2014-04-12 Thread Dennis Peterson
On 4/11/14, 1:31 AM, Mischa Coenen wrote: Hi, Clamscan can scan the contents of tar-balls for viruses, when I tar only a eicar-file then clamav detects it. But I did a test in which I have put an eicar file in different directories including the top-directory, clamscan cannot detect

Re: [clamav-users] clamav-milter: ClamAV, mi_rd_cmd: read returned -1: Connection reset by peer

2014-03-17 Thread Dennis Peterson
On 3/17/14, 7:43 AM, Marco wrote: I don't see log on Postfix correlated to these warning. Just two or three error a day like this, really: 2014-03-17T12:47:34.538025+01:00 postfix2 postfix/smtpd[17215]: warning: milter inet:example.com:7357: can't read SMFIC_MAIL reply packet header:

Re: [clamav-users] Planned Addition Of OpenSSL Dependency

2014-03-15 Thread Dennis Peterson
On 3/12/14, 12:13:53PM, Scott Kitterman wrote: http://www.clamav.net/lang/en/2014/02/22/introducing-openssl-as-a-dependency-to-clamav/ I just noticed this. I do the clamav packages for Debian/Ubuntu. Adding the dependency is fine from a technical perspective, but there is, at least currently,

Re: [clamav-users] Low detection rate

2014-03-03 Thread Dennis Peterson
On 3/3/14, 4:28 AM, Steve Hill wrote: I'm using clamd together with exim under Scientific Linux 6.3 and I'm having problems with Clam not detecting many viruses - in fact, looking back through the logs it basically only seems to be finding a few phishing emails. Did you just send a link to a

Re: [clamav-users] Low detection rate

2014-03-03 Thread Dennis Peterson
On 3/3/14, 8:50 AM, Brian Morrison wrote: Steve is your Exim installation set up to reject mail on spamminess, using SpamAssassin or similar? I find that SA detects a lot of mail using SA rules that probably contain attachments or inline images that are virus laden, but it's cheaper on system

Re: [clamav-users] Keeping the ClamAV process open?

2014-03-02 Thread Dennis Peterson
On 3/2/14, 7:55 PM, Scott Snow wrote: I'm working on a MapReduce project using Amazon's EC2. The only bottleneck I have is that it takes ~35-40 seconds to scan each file, which seems very high. I'm using a c program as a wrapper for ClamAV, which takes a single file and the mode. Does anyone

Re: [clamav-users] clamav-users Digest, Vol 113, Issue 18

2014-02-27 Thread Dennis Peterson
On 2/27/14, 3:43:08PM, Paul Kosinski wrote: The blog post concerning OpenSSL being required for ClamAV only has one reason as to why it might *benefit* ClamAV, the other reasons are why OpenSSL *itself* is good. That single reason is: We will be able to provide a better freshclam experience

Re: [clamav-users] Introducing OpenSSL as a dependency to ClamAV

2014-02-26 Thread Dennis Peterson
On 2/26/14, 8:08 AM, Joel Esler (jesler) wrote: On Friday last week I put a blog post up about introducing OpenSSL into the ClamAV ecosystem. I wanted to make sure everyone saw it, so please have a look at the blog post here:

Re: [clamav-users] Introducing OpenSSL as a dependency to ClamAV

2014-02-26 Thread Dennis Peterson
On 2/26/14, 12:32 PM, Shawn Webb wrote: On Wed, Feb 26, 2014 at 1:01 PM, Dennis Peterson denni...@inetnw.com wrote: On 2/26/14, 8:08 AM, Joel Esler (jesler) wrote: On Friday last week I put a blog post up about introducing OpenSSL into the ClamAV ecosystem. I wanted to make sure everyone saw

Re: [clamav-users] Error message outdated version although yum list installed reports correct version of clamav

2014-02-19 Thread Dennis Peterson
On 2/19/14, 7:03:15PM, Jobst Schmalenbach wrote: On Wed, Feb 19, 2014 at 09:32:18PM -0500, Shawn Webb (sw...@sourcefire.com) wrote: On Feb 19, 2014 9:28 PM, Jobst Schmalenbach jo...@barrett.com.au wrote: [root /tmp] #yum list installed clamav* Loaded plugins: fastestmirror Installed

Re: [clamav-users] Error message outdated version although yum list installed reports correct version of clamav

2014-02-19 Thread Dennis Peterson
On 2/19/14, 7:32:12PM, Dennis Peterson wrote: # yum list installed clam* clamav.x86_64 0.98.1-1.el6 installed clamav-db.x86_64 0.98.1-1.el6 installed clamav-devel.x86_64 0.98.1-1.el6 installed clamav-unofficial-sigs.noarch 3.7.1

Re: [clamav-users] Debian packaging

2014-02-12 Thread Dennis Peterson
On 2/12/14, 6:29 AM, Andrew Kelly wrote: On Tue, 2014-02-11 at 21:28 -0800, Dennis Peterson wrote: On 2/11/14, 8:06 AM, Andrew Kelly wrote: So. bump! So. Andy - You do know that this is the wrong list for complaints about Debian support, right? You might have better luck here

Re: [clamav-users] Debian packaging

2014-02-11 Thread Dennis Peterson
On 2/11/14, 8:06 AM, Andrew Kelly wrote: So. bump! Nearly mid February 2014 now. 0.98.1 has been available for a month already, and Debian is still stuck at 0.97.8. Is there any kind of formal statement from the package maintainer, or is this simply an orphaned project? Andy So.

[clamav-users] Spam bounces from this list

2014-02-06 Thread Dennis Peterson
FYI - I had some bounces this week because Gene Heskett's URI in the following quote is trapped by uribl.com: nslookup geneslinuxbox.net.multi.uribl.com Server: 127.0.0.1 Address:127.0.0.1#53 Non-authoritative answer: Name: geneslinuxbox.net.multi.uribl.com Address: 127.0.0.2

Re: [clamav-users] Possible FP

2014-02-06 Thread Dennis Peterson
On 2/6/14, 7:54 AM, Douglas Goddard wrote: Looking at the original file and what was uploaded to VT, this signature is the md5sum of 43180 null bytes. While I would say this is definitely Junk.Corrupted, it's not malicious. I'll drop it. Thanks for the report. There's more you should do

Re: [clamav-users] Spam bounces from this list

2014-02-06 Thread Dennis Peterson
geneslinuxbox.net.multi.uribl.com should return address not found. If it is 127.0.0.X then there is still an issue. dp On 2/6/14, 1:09 PM, Gene Heskett wrote: On Thursday 06 February 2014 16:08:01 Dennis Peterson did opine: Dennis, you seem to be using a very old cache of uribl, I have been cleared from

Re: [clamav-users] Spam bounces from this list

2014-02-06 Thread Dennis Peterson
On 2/6/14, 1:54 PM, Bryan Burke wrote: Perhaps your blackholing problem is an indication of more problems - we can ask the members to repeat the nslookup of your domain to see if others get the results I got below. nslookup geneslinuxbox.net.multi.uribl.com should return address not found. If

Re: [clamav-users] Spam bounces from this list

2014-02-06 Thread Dennis Peterson
: Dennis Peterson denni...@inetnw.com nslookup geneslinuxbox.net.multi.uribl.com is only going to tell someone where the first (of probably many) layered DNS servers are. Ubuntu 12.04 (LTS) takes this to an extreme by running a cacheing name server on the desktop. i.e.: Unfortunately, I'm not aware

Re: [clamav-users] [Clamav-announce] ClamAV®: ClamAV Mailing List Maintenance, Monday, February 10th, 2014

2014-02-06 Thread Dennis Peterson
On 2/6/14, 3:12:09PM, Joel Esler (jesler) wrote: http://blog.clamav.net/2014/02/clamav-mailing-list-maintenance-monday.html ClamAV Mailing List Maintenance, Monday, February 10th, 2014 This notice is for the members of the ClamAV mailing lists found here:

Re: [clamav-users] HTML.CVE_2012_1526-3 necessary?

2014-02-04 Thread Dennis Peterson
On 2/4/14, 4:17 AM, Andre Hübner wrote: Hello, is a signature like this HTML.CVE_2012_1526-3 really needed?

Re: [clamav-users] clam av Red Hat installation

2013-12-23 Thread Dennis Peterson
What are the zlib failure details? You will probably also need zlib-devel to compile Clamav. dp On 12/23/13, 9:29:43PM, Joshua Soulwin Malayappan wrote: Hi, I tried to install Clam av in Red Hat Enterprise Server Release:6.3 I got the below error Failed dependencies:

Re: [clamav-users] clam av Red Hat installation

2013-12-23 Thread Dennis Peterson
...@lists.clamav.net [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Dennis Peterson Sent: Tuesday, December 24, 2013 11:40 AM To: ClamAV users ML Subject: Re: [clamav-users] clam av Red Hat installation What are the zlib failure details? You will probably also need zlib-devel to compile Clamav

Re: [clamav-users] System plays the William Tell Overture

2013-11-26 Thread Dennis Peterson
On 11/26/13, 5:27 PM, Michael Orlitzky wrote: On 11/26/2013 06:47 PM, Dave Pitts wrote: Like at 4:30pm MT every day. It may play at other times. But, I can't say. Do you have any asshole friends who've used your PC lately? This sounds like the answer to the question, I have my buddy Dave's

Re: [clamav-users] Error updating clamav

2013-11-09 Thread Dennis Peterson
On 11/8/13, 10:59 AM, xxdiskoxx2011 . wrote: Clamav is perfectly installed. Other I have installed GUI for CLAMAV On 08/Nov/2013 19:40 David Raynor dray...@sourcefire.com wrote: Clamav is probably perfectly installed, but Clamav does not necessarily include clamd or clamd.conf,

Re: [clamav-users] Error updating clamav

2013-11-08 Thread Dennis Peterson
On 11/8/13, 7:57 AM, xxdiskoxx2011 . wrote: /etc/cron.daily/freshclam: ERROR: Parse error at line 17: Unknown option UpdateLogFile ERROR: NotifyClamd: Can't find or parse configuration file /etc/clamd.conf Type the following at the command line: rpm -qa |grep clam Send back the results -

Re: [clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl

2013-10-31 Thread Dennis Peterson
On 10/31/13, 5:08 PM, Paolo De Michele wrote: hi everybody, I installed a web/mail server correctly with the suite ispconfig. between the packages I installed amavis and clamav However, the email will be populated with the object UNCHECKED and the system logs I see this: Run the clamconf

Re: [clamav-users] clamd socket permissions

2013-09-27 Thread Dennis Peterson
On 9/27/13 5:14 PM, Bob Miller wrote: I am sorry that this reply is rather late, but for the sake of completeness and for the benefit of anyone who finds himself chasing this same problem, I would report that I have determined that the problem here was simscan, and not clamav. Thanks for

Re: [clamav-users] scanning RPMs with clamav

2013-09-25 Thread Dennis Peterson
On 9/25/13 9:36 AM, David Raynor wrote: ClamAV does not currently have that functionality, though as you found in your testing it does have support for cpio if you unpack the contents. We are working on a bunch of things for upcoming releases, but as always I cannot make any promises about

Re: [clamav-users] Compiler error: 7z/Types.h:58: redefinition of `Byte'

2013-09-23 Thread Dennis Peterson
On 9/23/13 1:59:42PM, Shawn Webb wrote: Maybe this time I'll actually attach the patch. ;) I believe the list server discourages attachments. dp

Re: [clamav-users] Database download problems

2013-09-20 Thread Dennis Peterson
On 9/20/13 2:01 AM, Jose-Marcio Martins wrote: Is there a problem with database mirrors ? The download behaviour I see from my side, since yesterday, when trying to get clamav databases (main.cvd, daily.cvd, ...) is something like a 600 K/s peak for (probably) just a single packet, then the

Re: [clamav-users] ClamAV®: ClamAV 0.98 has been released!

2013-09-19 Thread Dennis Peterson
On 9/19/13 12:04 PM, Joel Esler wrote: http://blog.clamav.net/2013/09/clamav-098-has-been-released.html ClamAV 0.98 has been released! The link on the clamav.net site still references 0.97.8. dp

Re: [clamav-users] ClamAV®: ClamAV 0.98 has been released!

2013-09-19 Thread Dennis Peterson
On 9/19/13 1:04 PM, Joel Esler wrote: which page? I’m seeing .98 http://www.clamav.net/lang/en/download/sources/ It's fixed now - thanks. dp On Sep 19, 2013, at 3:21 PM, Dennis Peterson denni...@inetnw.com wrote: On 9/19/13 12:04 PM, Joel Esler wrote: http://blog.clamav.net/2013

Re: [clamav-users] clamd taking too long to restart?

2013-08-14 Thread Dennis Peterson
On 8/14/13 2:23:28PM, David Raynor wrote: I'll look a bit more at how we are loading the interim signature state and see what else we could do with the sorting. Meanwhile, this is a change you could put into practice now and get faster startup times. Before making any change on a server

Re: [clamav-users] clamd socket permissions

2013-08-02 Thread Dennis Peterson
On 7/30/13 11:18:36AM, Bob Miller wrote: Hello, I am trying to trace the reasoning behind behaviour I don't understand with regard to permissions on the clamd.socket and simscan. What is the state of selinux on your system? This is found in some distributions by running getenforce at the

Re: [clamav-users] clamd socket permissions

2013-07-31 Thread Dennis Peterson
Running clamd as root is probably a bad idea but I can imagine a lot of debate I'm not interested in rising from that statement. It is not something I would do. When I hit this problem of allowing clamd and my milters to share that and other sockets I put them all in the same UID/GID (not
