On 7/9/13 8:33:33AM, Joel Esler wrote:
We're just going to have to recommend that you build from source on Fedora.
We'll have to put something on the website about it. The maintainers for
Fedora will not build unrar into Fedora as it is unfree.
That's why I don't use it, too. RAR
On 7/9/13 8:48:46AM, Nicholas Chua wrote:
Hmmm. Isn't there a libunrar?
Regards
Nic
This conversation has been about the unrar library.
dp
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
On 7/8/13 8:15 AM, Joel Esler wrote:
Instead of me having the scour the internet, can someone pass me the email
address for the package maintainer here, and I’ll try and coordinate with them
to fix this problem in their build?
Thanks.
--
Joel Esler
If you fetch the source RPM from the
On 7/8/13 8:39 AM, Nicholas Chua wrote:
Dear all,
Please take note that the requirement is unrar and it is free. Rar is non free
Regards
Nic
Is unrar also unencumbered? That does not appear to be the case according to the
license.
dp
___
On 7/7/13 8:38 AM, Benny Pedersen wrote:
Nicholas Chua skrev den 2013-07-07 16:44:
Don't seem to have that library
compiled from source ?
its part of clamav this lib
maybe just have an old lib that is not working with 0.97.8 installed ?
clamconf shows imho compile options, cant remember
On 7/7/13 9:03 AM, Nicholas Chua wrote:
It is not built in the Fedora RPMBuild process as a result. I build
my own RPM files and don't include it either.
Would you share your rpm or src with me?
unrar is free, rar is paid, why the heck rpm have precompiled problems
is beyong me
I wonder
On 6/25/13 8:19:50AM, Denis McMahon wrote:
I'm guessing that the interesting data here is:
open(/etc/resolv.conf, O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)
and
sin_addr=inet_addr(127.0.0.1)}, 16) = 0
which, at a guess, I'd say meant that freshclam had been unable to open
On 6/25/13 12:28:39PM, Denis McMahon wrote:
$ ping current.cvd.clamav.net
ping: unknown host current.cvd.clamav.net
My error - that should have been ping database.clamav.net. I blame my
cut/paster :). I've installed Ubuntu server and can't replicate (yet)
your error.
dp
On 6/23/13 6:28:23PM, Denis McMahon wrote:
On 23/06/13 23:10, Dennis Peterson wrote:
One 'stupid' question and another test. Do you have any host table
entries that can be confusing your resolver?
Try running (via sudo or as root)
strace -f freshclam /tmp/freshclam.txt 21
then post
networks: files
protocols: db files
services: db files
ethers: db files
rpc:db files
netgroup: nis
$
On Sat, Jun 22, 2013 at 2:01 PM, Denis McMahon denismfmcma...@gmail.comwrote:
On 22/06/13 17:36, Dennis Peterson wrote:
On 6/22/13 9:08:48AM, Denis
On 6/22/13 9:08:48AM, Denis McMahon wrote:
$ sudo find / -name mirrors.dat . nothing
Rgds Denis
Show the output of these commands:
id clamav
ls -ld /var/lib/clamav
ls -l /var/lib/clamav/
clamconf
dp
___
Help us build a comprehensive ClamAV
On 6/21/13 5:45 AM, Denis McMahon wrote:
appear to suggest that my dns is fine (these are included in the log). I
have another machine on the LAN which updates fine.
Denis McMahon
What do you get if you run freshclam --list-mirrors ?
dp
___
On 6/14/13 8:40:16PM, Benny Pedersen wrote:
Toni Habich skrev den 2013-06-13 13:56:
is there any virus or common malware for solaris at all?
i don't know. and that's the point. so I ask again - are there any virus
patterns for solaris 10 in the clamav pattern db???
first define what is a
On 6/18/13 8:08 AM, Alain Zidouemba wrote:
As Joel Esler mentioned before, there are signatures for UNIX malware in
the official ClamAV DB.
- Alain
You would think such a simple question would have a simple answer. UNIX is not
Solaris. Solaris is one of a few UNIX's around. Are the UNIX
On 6/18/13 12:35 PM, Greg Folkert wrote:
On Tue, 2013-06-18 at 12:22 -0700, Dennis Peterson wrote:
On 6/18/13 8:08 AM, Alain Zidouemba wrote:
As Joel Esler mentioned before, there are signatures for UNIX malware in
the official ClamAV DB.
- Alain
You would think such a simple question
On 5/16/13 9:03:42AM, Bob Cohen wrote:
Hi Folks,
My server runs CentOS 5.x and I use yum to keep it updated. For a few weeks,
LogWatch has been complaining that my install is not current. Is there a better
yum repository for keeping my install current?
EPEL is also behind, still.
On 5/13/13 7:15:45PM, Patrick Kennedy wrote:
The manual says:
If you are installing ClamAV for the first time, you have to add a new user
and group to
your system:
# groupadd clamav
# useradd -g clamav -s /bin/false -c Clam AntiVirus clamav
Consult a system manual if your OS has not groupadd
On 11/25/12 7:19 PM, Paul Wise wrote:
Hi all,
Bill Landry is the developer of clamav-unofficial-sigs and since I'm the
Debian maintainer of that, I need to discuss some things with him but
his domain inetmsg.com doesn't respond to HTTP or SMTP connections. Does
anyone know what happened to him
On 2/11/13 10:03 PM, Al Varnell wrote:
On 2/11/13 12:32 PM, azurIt wrote:
is it somehow possible to exclude a database mirror? The mirror
clamav.mojhosting.sk is s slow that freshclam is freezeing while
downloading main.cvd (download takes about 30 minutes).
I've never figured out a
Bill Landry's unofficial sigs script does it right by using a random
function as an offset from cron time to actually initial a sig download.
For those of us with a couple dozen or more systems this is a
mirror-friendly way of not getting into lockstep with any fixed-offset
scheme. Here is the
On 1/24/13 10:40 AM, Lee Graber wrote:
I am just starting to try and get clamd + freshclam running on some Ubuntu
servers running on EC2 servers in the US Standard Region (east coast). The
documentation talks about specifying a mirror which is close to you but it
seems to default to the
On 1/12/13 5:22 AM, Pancho wrote:
All in all for me there is a fairly compelling argument for going this route
so I thought I would put it out there to see what others think.
Kind regards
Ricki
Is there something about real-time day one virus outbreaks and US
government involvement that you
On 12/7/12 11:44 PM, Jim Preston wrote:
On 12/06/2012 12:12 PM, Gene Heskett wrote:
On Thursday 06 December 2012 14:09:16 Dennis Peterson did opine:
On 12/6/12 10:44 AM, Gene Heskett wrote:
Speaking of clamd.conf, I wonder if some of you might be editing the
wrong clamd.conf file? I am
On 12/7/12 1:50 AM, franckm wrote:
Dennis Peterson wrote:
That is a functionality of the desktop, no? There are command line tools
as well. Inode cron will do this. If you're not in a hurry and
understand the risks of non-atomic file transfers you can do this with
cron. Here's a link
On 12/7/12 11:37 PM, Jim Preston wrote:
I too have used Dag Weir's packages and found them to be reliable.
Jim
Thank you Jim and everyone that has responded. I have a solution now.
dp
___
Help us build a comprehensive ClamAV guide: visit
On 12/6/12 8:25 AM, franckm wrote:
Thanks it works now but I am not getting the log line when a new file is
getting scanned. I only get the result (OK line)
Syslog uses a two-part record (facility.severity) to decide what to put
into a log file. Assuming you are using the default LOCAL6
On 12/6/12 9:20 AM, franckm wrote:
Thanks Dennis.
Do you mean LogSyslog can provide more detailed log than LogFile?
Does the LogFacility setting apply to LogSyslog only or it also applies to
LogFile.
I have noticed my LogFacility setting does not have the default value. It is
set to
On 12/6/12 10:30 AM, TR Shaw wrote:
Linux, bsd unix and MacOSX all support directory/folder changed actions.
Tom
On Dec 6, 2012, at 1:26 PM, Jari Fredriksson wrote:
06.12.2012 19:44, franckm kirjoitti:
Is it possible to have clamd (clamav deamon) watch a specific folder (and
only that one)
On 12/6/12 10:44 AM, Gene Heskett wrote:
Speaking of clamd.conf, I wonder if some of you might be editing the wrong
clamd.conf file? I am not sure how it got to be, but according the the
launcher script in /etc/init.d. it is using /etc/clamav/clamd.conf, but I
have others also.
You should
On 12/6/12 10:50 AM, Gene Heskett wrote:
On Thursday 06 December 2012 13:45:09 franckm did opine:
Is it possible to have clamd (clamav deamon) watch a specific folder
(and only that one) and automatically scan the files as they are
dropped into it?
You can do better than that if you're a
Barely on topic but I have a question about RPM's. I'm rolling out an
enterprise ClamAV solution for PCI compliance and need to use a reliably
sourced RPM distribution from a third party. I've always done this
myself but as a contractor that would not be appropriate as I won't be
there
On 12/6/12 11:14 AM, Gene Heskett wrote:
On Thursday 06 December 2012 14:13:13 Dennis Peterson did opine:
On 12/6/12 10:50 AM, Gene Heskett wrote:
On Thursday 06 December 2012 13:45:09 franckm did opine:
Is it possible to have clamd (clamav deamon) watch a specific folder
(and only that one
Just observing the OP did not specify email.
dp
Humm, an item I was remiss in not noting. Can I blame that on Oldtimers?
I certainly qualify at 78 I think. :)
I'm 67 and have so sure - you get a pass:)
dp
___
Help us build a
On 12/6/12 6:34 PM, Jari Fredriksson wrote:
06.12.2012 20:44, Dennis Peterson kirjoitti:
That is a functionality of the desktop, no? There are command line
tools as well. Inode cron will do this. If you're not in a hurry and
understand the risks of non-atomic file transfers you can do
Can we get a link to a SourceFire statement on the future of ClamAV? I just
rolled it out to a very large enterprise and they won't be happy if this thing
is going under or even looks like it is sputtering. The timing of this can't
have been worse so getting out ahead of the rumors is in
I was hoping to hear from someone higher up than a mentalist time lord.
On 11/27/12 10:11 AM, Nigel Houghton wrote:
On Nov 27, 2012, at 12:32 PM, Dennis Peterson denni...@inetnw.com wrote:
Can we get a link to a SourceFire statement on the future of ClamAV? I just
rolled it out to a very
On 11/27/12 2:19 PM, Nigel Houghton wrote:
On Nov 27, 2012, at 2:17 PM, Dennis Peterson denni...@inetnw.com wrote:
I was hoping to hear from someone higher up than a mentalist time lord.
Well, if Rassilon wasn't in a time lock he might reply, but since he is, I'm it.
It would have helped
On 11/9/12 3:34 PM, Ed Flecko wrote:
Thank you Chuck...that worked!
I was going to use the port, but I *like* to try and use source when I
can, only because they're current (of course) and I can use different
./config options, which I don't *think* you can do with a port...can
you?
Ed
Type
On 9/25/12 5:16 PM, Fredrich Maney wrote:
While a good idea, it's not really feasible for me. I'm dealing with several
hundred terabytes of data and I simply do not have that much spare disk
available.
Fpsm
This looks like another case where scanning only files that are new or changed
On 9/25/12 8:29 AM, Bowie Bailey wrote:
I posted this a few days ago with no response. I think it got lost in the
mailing list etiquette discussion.
I just visited the page and some idiot at SourceFire has decided I need to join
one of several social sites and deal with yet another EULA in
On 9/25/12 2:16 PM, Joel Esler wrote:
On Sep 25, 2012, at 2:39 PM, Dennis Peterson denni...@inetnw.com wrote:
On 9/25/12 8:29 AM, Bowie Bailey wrote:
I posted this a few days ago with no response. I think it got lost in the
mailing list etiquette discussion.
I just visited the page and some
On 9/23/12 9:18 AM, Fredrich Maney wrote:
I'm a little reluctant to fire up a daemon process just to scan a
system once a month or once a quarter. As I said, we aren't looking
for malware, so I don't really care if the database is somewhat out of
date and we aren't scanning email, so I don't
On 8/30/12 4:21 AM, G.W. Haywood wrote:
Please would someone explain to me the use of {7-8}? I do not
recognize it as valid regular expression syntax.
Here is an example used in a Sane Security signature:
http://sane.mxuptime.com/s.aspx?id=Sanesecurity.Phishing.Auction.1749
It is an
On 8/28/12 3:51 AM, G.W. Haywood wrote:
It is unrealistic to expect people to produce manuals or tutorials for
every permutation of users' whim. You need to learn about the systems,
learn about the packages, learn about their installation, learn about
their operation and learn about how they
On 8/26/12 3:56 PM, G.W. Haywood wrote:
What I wrote there is rubbish. Please ignore it and accept my apologies.
The man page is clear that PATT is a pattern. It is not terribly
clear on what sort of a pattern, so experiment. It definitely does
not say that it's a regular expression. ...
On 8/20/12 6:41 AM, G.W. Haywood wrote:
The vast majority of those will be detected via
third-party databases, in particular at the moment INetMsg.SpamDomain
is running at about 50% and Sansecurity about 20% of detections.
Unless something has changed again that I missed, the INetMsg
On 6/25/12 12:41 AM, Benny Pedersen wrote:
Den 2012-06-24 16:41, Dennis Peterson skrev:
On 6/24/12 7:37 AM, David Alix wrote:
which version of clamd are you running?
9.7.2, 9.7.4, and 9.7.5.
all at once to be sure ?
No - I have several systems around the world running ClamAV, each running
On 6/25/12 7:00 AM, mario.reyes@dot.gov wrote:
Hey Tom,
Thanks for the suggestion but it just gives me the same message over and over
that I find in the log.
ClamAV update process started at Mon Jun 25 09:55:43 2012
WARNING: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply.
On 6/25/12 7:52 AM, mario.reyes@dot.gov wrote:
Truss isn't installed on this server, nor can I make any changes to the
baseline...
Do you think it could be a firewall issue somewhere? I can resolve manually
db.local.clamav.net just no way to get a resolution on current.cvd.clamav.net?
On 6/23/12 9:14 PM, David Alix wrote:
Hello-
Since Thursday morning, sometime between the daily.cld 15065 and 15066 update,
my clamd daemon has been abending regularly (every couple of minutes to every
half hour). I am running clamd 0.97.2 on Solaris SPARC.
I haven't seen mention of this from
On 6/24/12 7:37 AM, David Alix wrote:
which version of clamd are you running?
Thanks
David
9.7.2, 9.7.4, and 9.7.5.
dp
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
On 6/23/12 9:54 AM, Frank Chan wrote:
I've double checked that it is clamav-0.97.5.tar.gz with the new VRT signature
and not the Tomaz signature. I also checked it I was compiling from the
clamav-0.97.5 directory and check it was compiling correctly. I've been using
clamav since 2004 so I've
On 4/27/12 3:46 AM, G.W. Haywood wrote:
It does seem odd to me that people appear to be running ClamAV on
memeory constrained systems. I'd suggest that those systems might not
be suitable for the task.
Adding memory to an older Sparc system does not affect the signature loading
time at all.
On 4/25/12 7:34 AM, Michael Orlitzky wrote:
On 04/25/12 07:55, Török Edwin wrote:
I don't know if this can help speeding up the process but I collected some
statistics on
clamscan of a small file (wallclock duration: ~25sec):
I think I'm missing some context here: which DB files are slow to
On 9/19/11 8:46 AM, Michael Orlitzky wrote:
A hostname cannot be all digits and except when the IP is used there
will be a TLD, so if you see a pattern such as
http:// 123456789/ cgi-bin/innocent_code.pl
(Ignore the spaces they are there to let this post slip by most antispam
detection)
On 9/18/11 6:41 PM, Michael Orlitzky wrote:
On 09/16/11 11:53, G.W. Haywood wrote:
The string 11064393 concatenated after the string 95. is converted
without fuss by browsers to the IP address of the criminal server.
I use most of the third party databases available for ClamAV. Using
On 9/13/11 10:51 PM, Jim Preston wrote:
Apple has chosen to go the Microsoft route of
our users are too stupid to be allowed to do their own customization and as
such we OS X users have to suffer as we do with the choices made in Redmond.
I'm a Mac user for my personal workstation and I don't
On 9/14/11 12:29 AM, sys...@ra-schaal.de wrote:
if you can´t connect to 88.198.67.125, you should fall back to
46.4.61.241. it seems, that freshclam won´t use the second ip.
nslookup clamav.akxnet.de
Server: 127.0.0.1
Address:127.0.0.1#53
Name: clamav.akxnet.de
Address:
On 9/13/11 7:53 PM, Noel Jones wrote:
On 9/13/2011 9:03 PM, Bryan Burke wrote:
My logs show successful update sources in the last line, but not when there
is no update.
Ok, well I did check the output of the grep before posting the number of lines
on this
list, and all log entries mentioning
On 9/13/11 8:05 PM, Dennis Peterson wrote:
I've just sent the URL to validator.wc3.org and got the same problem with this
message:
My fat fingers intended to type http://validator.wc.org and not what they did
type.
dp
___
Help us build
On 9/13/11 8:31 PM, Al Varnell wrote:
Sounds like the server will be pulled, so you may not care, but since I went
through the effort.
Made changes to the hosts file.
Ran dig $ db.us.clamav.net
Does your dig use the host table? Mine does not. Same with nslookup. I can't
imagine why they
On 9/13/11 8:34 PM, Al Varnell wrote:
On 9/13/11 8:07 PM, Dennis Petersondenni...@inetnw.com wrote:
On 9/13/11 8:05 PM, Dennis Peterson wrote:
I've just sent the URL to validator.wc3.org and got the same problem with
this
message:
My fat fingers intended to type http://validator.wc.org
On 9/9/11 3:07 PM, Nathan Gibbs wrote:
Not everyone on this list works in your kind of shop.
Our shop has a host whose main purpose in life is to torrent Debian ISO's.
All the other person is asking, is why can't we have the capability to
use torrents?
This solution could take load off the
On 9/9/11 4:25 AM, G.W. Haywood wrote:
So what's the problem?
I guess I'd like to see what your Checkpoint firewall rules in your DC look like
and read your presentation to your security team justifying connecting your
system to unknown systems using a distribution method most better known for
On 9/3/11 1:25 AM, Paul Kraus wrote:
On Fri, Sep 2, 2011 at 11:37 AM, Anne Wilsoncannewil...@googlemail.com wrote:
No. As I reported yesterday, that returns
ls: cannot access
/home/anne/.kde/share/apps/kmail/imap/.1687036093.directory/.INBOX.directory/Newsletters:
No such file or directory
On 8/2/11 6:35 AM, Alain Zidouemba wrote:
Alex,
Your (or any) submissions are not being ignored. We have have just
been facing a large volume of submissions and prioritization sometimes
makes it that it takes us longer than we'd want to to get to some
submission.
I will be contacting you
On 7/25/11 9:35 AM, Luca Gibelli wrote:
Hello,
The service is still in beta, you are welcome to contact Luca Gibelli
luca*clamav.net if you intend to join the beta program.
We especially welcome those who already distribute their own unofficial
signatures to join. A list of databases
I suggest that you rely on our twitter feed for real time info
(twitter.com/clamav)
In my opinion, if twitter is a requirement for using ClamAV then this project
is doomed. I don't see our 'business' endorsing our NOC playing with twitter as
part of the job. I hope they don't read
On 7/14/11 9:57 AM, James Ralston wrote:
On 2011-07-11 at 13:40-04 Christopher X Candrevach...@westnet.com wrote:
I have one machine run freshclam, and use rsync to update all my
other servers with the databases. The clamav user has to have ssl
keys set up so it can ssh to the other servers
On 5/26/11 7:27 AM, Michael Scheidell wrote:
Two different servers, in two different data centers, trying to pull the latest
safebrowsing list, hung, cpu 100%
Having a similar problem with the Canadian pool at IP: 24.215.0.24 - the
download never finishes, the socket is closed, freshclam
On 5/27/11 7:05 AM, Dennis Peterson wrote:
On 5/26/11 7:27 AM, Michael Scheidell wrote:
Two different servers, in two different data centers, trying to pull the
latest safebrowsing list, hung, cpu 100%
Having a similar problem with the Canadian pool at IP: 24.215.0.24 - the
download never
On 5/27/11 7:36 AM, Michael Scheidell wrote:
On 5/27/11 10:26 AM, Dennis Peterson wrote:
On 5/27/11 7:05 AM, Dennis Peterson wrote:
On 5/26/11 7:27 AM, Michael Scheidell wrote:
Two different servers, in two different data centers, trying to pull the
latest safebrowsing list, hung, cpu 100
On 5/27/11 8:11 AM, Michael Scheidell wrote:
On 5/27/11 11:07 AM, Dennis Peterson wrote:
Obviously, but a second verification is helpful whereas rants from a sample of
one? Well, not so much.
my email was clear, concise, and very the problem easily duplicated.
you really have a thin skin
On 4/16/11 1:50 PM, Nathan Gibbs wrote:
Which is right along the lines of what the OP wants.
The OP wanted ( Re: *.UNOFFICIAL Virus Names ):
It is a non-optional logging feature of ClamAV. I'd like to see a config
option in there to turn it on or off. As it is I edit the source code at
each
On 4/17/11 1:35 PM, Nathan Gibbs wrote:
* Steve Basford wrote:
I receive .UNOFFICIAL reports too, which aren't produced by Sanesecurity,
so instead I forward them on and/or whitelist.
This page shows FP contact details for all the .UNOFFICIAL ones
On 4/17/11 1:28 PM, Nathan Gibbs wrote:
* aCaB wrote:
On 04/17/11 05:05, Dennis Peterson wrote:
Adding the hard-coded UNOFFICIAL reduces some liability from the Clamav
team.
Which is why it shouldn't be changed in the underlying libclamav.
That! And lots of daily annoyances with FP
On 4/14/11 7:00 AM, Bowie Bailey wrote:
On 4/14/2011 9:49 AM, Antonio Pereira wrote:
Thanks
I ad put in
MBL_200562.UNOFFICIAL
instead of
MBL_200562
I reloaded clamav and now it works.
I would have done the same thing if I hadn't looked at the Sanesecurity
file first. I think UNOFFICIAL is
On 4/14/11 7:21 AM, Nathan Gibbs wrote:
* Dennis Peterson wrote:
It is a non-optional logging feature of ClamAV. I'd like to see a config
option in there to turn it on or off. As it is I edit the source code at
each build and turn it off.
Could you send me your code for that? I'll consider
On 3/18/11 10:18 AM, Chuck Swiger wrote:
On Mar 17, 2011, at 6:22 PM, Dennis Peterson wrote:
Since you're thinking in this direction you may discover locate is faster than
find though it has issues of it's own as well as opportunity. See more at man
locate. Locate searches a pre-built
On 3/18/11 11:12 AM, Chuck Swiger wrote:
On Mar 18, 2011, at 11:02 AM, Dennis Peterson wrote:
Yes, and while locate is great for older files, is not really intended for
detecting files which have appeared over the past day on a fileserver. By
default, the locate DB is only rebuilt once
On 3/18/11 11:29 AM, Chuck Swiger wrote:
On Mar 18, 2011, at 11:22 AM, Dennis Peterson wrote:
[ ... ]
Took a while but you're at least thinking.
Please spare the readers of the list this sort of pointless sarcasm. *plonk*
That wasn't sarcasm. It was a complement.
dp
On 3/16/11 7:24 AM, Russ Tyndall wrote:
On Mar 15, 2011, at 4:51 PM, Chuck Swiger wrote:
One thing you might consider doing is using find /location -mtime 1 to
generate a list of which files have been modified over the past day, and only scanning
these via clamdscan -f.
I experimented
On 3/6/11 1:43 PM, Alex wrote:
The MBL_144360 is still present in the mbl database, but now it
doesn't match.
That signature has a big google footprint. I found it here, for example:
http://permalink.gmane.org/gmane.comp.security.virus.clamav.sanesecurity/3094
It would seem there is a QA
On 3/5/11 8:36 AM, Jim Preston wrote:
You have missed the point, my system does serve my needs to the extent that
upgrading the OS is not worth the benefit till now. A major cause is the lack of
a clean upgrade path from the early FC versions. The recommended method was a
clean install. Since
On 2/28/11 7:30 AM, Török Edwin wrote:
Maybe we should tag all our new signatures with 0.96.4+ (ldb, bytecode,
and ndb at least)?
Of course that means that 0.95 would be even less effective at detecting
malware than it already is (no VI/IDB/CBC support there), but apparently
people running
=== quote =
Subject: Re:[Clamav-users]Locating Infected Files in Logs
Hi Dennis:
Can you answer this one regarding infected files. The log file is on
stdout as follows: is this reading the ClamAV files are infected? How
do I get rid of the 45 infected files if they are really infected.
On 10/29/10 6:22 AM, Carlos Mennens wrote:
My question is where or how can I see what the location of the two
infected files are? I looked at /var/log/clamav/freshclam.log didn't
see anything there when grep'ing for the word infected.
In my logs I look for FOUND.
dp
On 10/29/10 11:28 AM, Carlos Mennens wrote:
On Fri, Oct 29, 2010 at 1:12 PM, Dennis Petersondenni...@inetnw.com wrote:
On 10/29/10 6:22 AM, Carlos Mennens wrote:
My question is where or how can I see what the location of the two
infected files are? I looked at /var/log/clamav/freshclam.log
On 10/1/10 11:30 PM, Al Varnell wrote:
On 10/1/10 12:07 AM, Dennis Petersondenni...@inetnw.com wrote:
A short term solution until Apple updates bzip2 is to install MacPorts if not
already installed, and use it to install bzip2. It will install it in
/opt/local
so you need to add an option to
On 10/4/10 9:20 AM, Al Varnell wrote:
On 10/4/10 7:51 AM, Dennis Petersondenni...@inetnw.com wrote:
On 10/1/10 11:30 PM, Al Varnell wrote:
On 10/1/10 12:07 AM, Dennis Petersondenni...@inetnw.com wrote:
A short term solution until Apple updates bzip2 is to install MacPorts if
not
already
On 10/4/10 10:03 AM, Al Varnell wrote:
On 10/4/10 9:39 AM, Erwan Davider...@rail.eu.org wrote:
On 04/10/10 18:25, Dennis Peterson wrote:
On 10/4/10 9:20 AM, Al Varnell wrote:
On 10/4/10 7:51 AM, Dennis Petersondenni...@inetnw.com wrote:
On 10/1/10 11:30 PM, Al Varnell wrote:
On 10/1/10
On 10/4/10 6:03 PM, Al Varnell wrote:
I troubleshoot ClamXav for users and it's important for me to not get ahead
of the ClamXav developer or Apple, so I must leave things as they are until
Mark has a chance to compile and release 0.96.3 and or Apple gets around to
fixing bzip2.
I just don't
On 10/4/10 8:29 PM, Al Varnell wrote:
Could it be that clamd was somehow compiled with 1.0.2?
It appears that your library is 1.0.2 regardless of what the binary might be.
Did you ever do a restore of you /lib? That's most frequently how libs get
mysteriously backleveled. Assuming it was
On 9/30/10 10:44 PM, Dennis Peterson wrote:
On 9/30/10 10:36 PM, Dennis Peterson wrote:
On 9/30/10 10:22 PM, Dennis Peterson wrote:
On 9/30/10 10:10 PM, Al Varnell wrote:
Apple released an upgrade to bzip2 a few days ago - did you install it?
I don't think so. I just checked the user
On 10/1/10 3:24 AM, TR Shaw wrote:
Al
Just compile bzip2 from the source. Thats what I did and everything was fine.
Tom
The bzip2 source is a mess that requires much customization to build as the
author hasn't the resources to put it together right. It builds fine in Solaris,
not so fine
On 9/30/10 8:57 PM, Syed Zubair wrote:
This is what I get when I try to install ClamAV 96.3: Help
configure: Summary of engine detection features
autoit_ea06 : yes
bzip2 : bugged (CVE-2010-0405)
zlib: /usr
unrar :
On 9/30/10 10:10 PM, Al Varnell wrote:
Apple released an upgrade to bzip2 a few days ago - did you install it?
I don't think so. I just checked the user and developer support downloads and
there's no sign of it. It has been available from third party porting
publishers, but nothing
On 9/30/10 10:22 PM, Dennis Peterson wrote:
On 9/30/10 10:10 PM, Al Varnell wrote:
Apple released an upgrade to bzip2 a few days ago - did you install it?
I don't think so. I just checked the user and developer support downloads and
there's no sign of it. It has been available from third
On 9/30/10 10:36 PM, Dennis Peterson wrote:
On 9/30/10 10:22 PM, Dennis Peterson wrote:
On 9/30/10 10:10 PM, Al Varnell wrote:
Apple released an upgrade to bzip2 a few days ago - did you install it?
I don't think so. I just checked the user and developer support downloads and
there's
On 9/27/10 11:55 PM, Török Edwin wrote:
On Tue, 28 Sep 2010 04:36:15 +0200
If you want to reject by content, you can do that as well (only for
nonencrypted archives of course) by writing a signature for your
filetype, and treating it as if it was a virus.
Rather than depend on file
301 - 400 of 1693 matches
Mail list logo