Re: [clamav-users] Restriction of downloads

2021-03-13 Thread Joel Esler (jesler) via clamav-users
Team— The qnap and synology issues are a result of the EOL of <0.100. Not as a result of the abusive downloaders. Two separate issues. Our EOL policy that has been in place is “current version with all minor patches and one back with all minor patches”. This has been our policy for about 8–10

Re: [clamav-users] Restriction of downloads

2021-03-13 Thread Joel Esler (jesler) via clamav-users
Please don’t. You have two solutions provided from us. Please use one of them. Sent from my  iPhone On Mar 13, 2021, at 06:18, Eero Volotinen wrote:  Just use that php based freshclam replacement? Eero On Sat 13. Mar 2021 at 13.53, Matus UHLAR - fantomas mailto:uh...@fantomas.sk>> wrote:

Re: [clamav-users] Restriction of downloads

2021-03-12 Thread Joel Esler (jesler) via clamav-users
estinataire, et toute diffusion ou publication ultérieure du contenu de ce message, en totalité ou en partie, est interdite sauf autorisation préalable et écrite de l'émetteur" ____ De: "Joel Esler (jesler) via clamav-users" À: "ClamAV users ML&

Re: [clamav-users] Unable to download clamav cvd file using google cloud python function

2021-03-11 Thread Joel Esler (jesler) via clamav-users
vailable? > > > >> On Wed, 10 Mar 2021 22:29:41 + >> "Joel Esler \(jesler\) via clamav-users" >> wrote: >> >> To give everyone a frame of reference. This is what a Cdiff release and >> download cycle should look like: >> >>

Re: [clamav-users] Private Mirror Via Artifactory

2021-03-11 Thread Joel Esler (jesler) via clamav-users
environment. Please Immediately switch to using Freshclam or https://github.com/micahsnyder/cvdupdate to update your AV definitions. Sorry for the inconvenience, but we are currently in emergency mode and have to make several drastic changes over the last several days. -- Joel Esler Manager

Re: [clamav-users] Restriction of downloads

2021-03-11 Thread Joel Esler (jesler) via clamav-users
You’ll have to work with qnap. We can’t update qnap. Sent from my  iPhone On Mar 11, 2021, at 13:39, Harv Azad via clamav-users wrote:  I’m a simple QNAP 509 (x2) user and having read the emails I’m a bit confused on how to resolve the issue of definitions not updating automatically.

Re: [clamav-users] looks like I have a problem too

2021-03-10 Thread Joel Esler (jesler) via clamav-users
On Mar 10, 2021, at 3:29 PM, Paul Kosinski via clamav-users mailto:clamav-users@lists.clamav.net>> wrote: I wrote a little script that run off cron every hour or so. But it *only* invokes freshclam after querying ClamAV's DNS TXT record to see if any advertised versions of 'daily',

Re: [clamav-users] looks like I have a problem too

2021-03-10 Thread Joel Esler (jesler) via clamav-users
> On Mar 10, 2021, at 3:58 PM, Arjen de Korte via clamav-users > wrote: > > Citeren Paul Smith via clamav-users : > >> That's certainly how it seems to behave here. If the DNS record hasn't >> changed, then it just says "everything's fine" and does nothing else. So, if >> you ran Freshclam

Re: [clamav-users] Unable to download clamav cvd file using google cloud python function

2021-03-10 Thread Joel Esler (jesler) via clamav-users
hat, I agree a prominent message about the obsolescence of ClamAV < 0.100 and the current download limits is desirable. Traffic wise? About 80% of people aren’t using Freshclam or cvdupdate. What that equates to in real person numbers? I have not done that calculation. -- Joel Esler Manag

Re: [clamav-users] Unable to download clamav cvd file using google cloud python function

2021-03-10 Thread Joel Esler (jesler) via clamav-users
On Mar 10, 2021, at 12:31 PM, Paul Smith via clamav-users mailto:clamav-users@lists.clamav.net>> wrote: On 10/03/2021 17:00, Paul Kosinski via clamav-users wrote: I wonder how many "ordinary" users of ClamAV are giving up on using it after getting permanent 403s. I would imagine there are

Re: [clamav-users] freshclam getfile failed - and clamav links Cloudfare 1020 error.

2021-03-10 Thread Joel Esler (jesler) via clamav-users
That browser is blocked because it’s old as heck, and we’re dealing with automated bots that are randomizing and using illegitimate browser User-Agents to try and bypass the controls. On Mar 10, 2021, at 2:01 PM, r.dodin via clamav-users mailto:clamav-users@lists.clamav.net>> wrote: Hi, My

Re: [clamav-users] Database update downloads blocked with 403 error

2021-03-10 Thread Joel Esler (jesler) via clamav-users
Preach. On Mar 10, 2021, at 11:48 AM, Paul Smith via clamav-users mailto:clamav-users@lists.clamav.net>> wrote: People think if they're downloading to a server and then their users' PCs download from that server, then they're saving bandwidth, but about 11,000 client computers getting a CDIFF

Re: [clamav-users] Database update downloads blocked with 403 error

2021-03-10 Thread Joel Esler (jesler) via clamav-users
the ClamAV environment. Please Immediately switch to using Freshclam or https://github.com/micahsnyder/cvdupdate to update your AV definitions. Sorry for the inconvenience, but we are currently in emergency mode and have to make several drastic changes over the last several days. -- Joel Esler

Re: [clamav-users] Rate-limiting question

2021-03-09 Thread Joel Esler (jesler) via clamav-users
You shouldn’t be rate limited if Freshclam is operating correctly. Can you give me an IP to look up? Sent from my  iPhone On Mar 9, 2021, at 16:58, Jimmy Tigert via clamav-users wrote:  Greetings, We are experiencing the results of the current rate-limits due to some parties’ activities

Re: [clamav-users] Rate Limiting Downloads

2021-03-09 Thread Joel Esler (jesler) via clamav-users
mav-users > wrote: > > Hi there, > > On Thu, 4 Mar 2021, Joel Esler (jesler) via clamav-users wrote: > >> ... >> Downloading using other than FreshClam has now been limited. >> ... > > Should this not have gone to

Re: [clamav-users] Freshclam network unreachable

2021-03-09 Thread Joel Esler (jesler) via clamav-users
Thanks team, was just wondering. On Mar 9, 2021, at 11:52 AM, Gene Heskett via clamav-users mailto:clamav-users@lists.clamav.net>> wrote: On Tuesday 09 March 2021 09:37:59 Joel Esler (jesler) via clamav-users wrote: Out of procedural curiosity, why would someone want to disable ipv6?

Re: [clamav-users] Freshclam network unreachable

2021-03-09 Thread Joel Esler (jesler) via clamav-users
Out of procedural curiosity, why would someone want to disable ipv6? > On Mar 8, 2021, at 6:40 PM, G.W. Haywood via clamav-users > wrote: > > Hi there, > > On Mon, 8 Mar 2021, Adam Bashore via clamav-users wrote: > >> I'm able to telnet to port 80 at db.local.clamav.net without issue. but I

Re: [clamav-users] Blocked by Cloudflare

2021-03-09 Thread Joel Esler (jesler) via clamav-users
the ClamAV environment. Please Immediately switch to using Freshclam or https://github.com/micahsnyder/cvdupdate to update your AV definitions. Sorry for the inconvenience, but we are currently in emergency mode and have to make several drastic changes over the last several days. -- Joel Esler

Re: [clamav-users] Rép. : Re: ASP : Forbidden 403 on download virus database

2021-03-09 Thread Joel Esler (jesler) via clamav-users
the ClamAV environment. Please Immediately switch to using Freshclam or https://github.com/micahsnyder/cvdupdate to update your AV definitions. Sorry for the inconvenience, but we are currently in emergency mode and have to make several drastic changes over the last several days. -- Joel Esler

Re: [clamav-users] Freshclam network unreachable

2021-03-08 Thread Joel Esler (jesler) via clamav-users
the ClamAV environment. Please Immediately switch to using Freshclam or https://github.com/micahsnyder/cvdupdate to update your AV definitions. Sorry for the inconvenience, but we are currently in emergency mode and have to make several drastic changes over the several days. -- Joel Esler Manager

Re: [clamav-users] Not able to use curl to download the cvd files successfully

2021-03-08 Thread Joel Esler (jesler) via clamav-users
On Mar 8, 2021, at 11:30 AM, Todd Aiken mailto:todd.ai...@ubishops.ca>> wrote: > From: clamav-users > mailto:clamav-users-boun...@lists.clamav.net>> > on behalf of "Joel Esler (jesler) via clamav-users" > mailto:clamav-users@lists.clamav.net>> >

Re: [clamav-users] ASP : Forbidden 403 on download virus database

2021-03-08 Thread Joel Esler (jesler) via clamav-users
Vincent, I don’t show that IP in our logs. However, check out: https://lists.clamav.net/pipermail/clamav-users/2021-March/010577.html -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org On Mar 8, 2021, at 5:12 AM

Re: [clamav-users] Not able to use curl to download the cvd files successfully

2021-03-08 Thread Joel Esler (jesler) via clamav-users
No! Don’t “bypass” it. And “protecting” does not need to be in quotes, it’s quite literally what we are doing. And people doing the above are the problem. As I said in countless other emails, either use Freshclam or https://github.com/micahsnyder/cvdupdate. The more people that d

Re: [clamav-users] Script PHP to refresh private miror in sinergy with freshclam

2021-03-08 Thread Joel Esler (jesler) via clamav-users
Okay, users of this script should be good to go. I would suggest that you put this on GitHub, and we’ll link to it from the official FAQ. On Mar 7, 2021, at 6:06 PM, Vincent GUESNARD via clamav-users mailto:clamav-users@lists.clamav.net>> wrote: My last edit for today just to magnify cli

Re: [clamav-users] 回覆: Not able to use curl to download the cvd files successfully

2021-03-08 Thread Joel Esler (jesler) via clamav-users
Please use either FreshClam or our new tool cvdupdate: https://github.com/micahsnyder/cvdupdate Just replace your CURL script with this. On Mar 8, 2021, at 9:19 AM, Lo Nelson via clamav-users mailto:clamav-users@lists.clamav.net>> wrote: Hi Matus, I use a Windows server with Cygwin installed

Re: [clamav-users] Restriction of downloads

2021-03-07 Thread Joel Esler (jesler) via clamav-users
ground right now, for anyone on the client side that has been paying attention to the downloads over the last couple days, you’ve seen it work then not work then work again. Please use Freshclam. Sent from my  iPhone On Mar 6, 2021, at 19:33, Joel Esler (jesler) wrote:  ClamAV community

Re: [clamav-users] Script PHP to refresh private miror in sinergy with freshclam

2021-03-07 Thread Joel Esler (jesler) via clamav-users
Also this: “ SERIOUSLY ? MORE THAN 100 DAYS WITHOUT UPDATE ? IT WILL COST LESS MONEY ON BANDWITH AT CLAMAV IF YOU DOWNLOAD THE FULL NEW DATABASE";” Is incorrect. It costs less to download 100 cdiffs than it does to download the full daily. Sent from my  iPhone On Mar 7, 2021, at 18:07,

Re: [clamav-users] QNAP - Cannot update virus definition & cannot wget *.cvd (receive error 403 forbidden)

2021-03-07 Thread Joel Esler (jesler) via clamav-users
:48 PM, Joel Esler (jesler) via clamav-users mailto:clamav-users@lists.clamav.net>> wrote: So, Qnap is up to date? But people using older versions need to update their Qnap software? Is that what you’re saying? It seems like the holdouts are ClamWin and Qnap. A lot of the issues that I

Re: [clamav-users] QNAP - Cannot update virus definition & cannot wget *.cvd (receive error 403 forbidden)

2021-03-07 Thread Joel Esler (jesler) via clamav-users
So, Qnap is up to date? But people using older versions need to update their Qnap software? Is that what you’re saying? It seems like the holdouts are ClamWin and Qnap. A lot of the issues that I have seen of versions lower than 0.100 are those two. — Sent from my iPad > On Mar 7,

Re: [clamav-users] I can't update Clamav database for 5 days

2021-03-07 Thread Joel Esler (jesler) via clamav-users
Thank you all for understanding, and yes, I could have been more clear in the blog post. But the intention is that when EOL happens, those versions are now disabled. — Sent from my  iPad > On Mar 7, 2021, at 11:18, Paul Smith via clamav-users > wrote: > >  > On 07/03/2021 15:55, Arjen

Re: [clamav-users] (no subject)

2021-03-06 Thread Joel Esler (jesler) via clamav-users
ClamWin is not a ClamAV product. They use our engine, but we don’t make it. ClamWin needs to update to a more current version of ClamAV, they are very far behind. — Sent from my  iPad > On Mar 6, 2021, at 21:54, Tech Support via clamav-users > wrote: > >  > Hi, > > > I’m using

[clamav-users] Restriction of downloads

2021-03-06 Thread Joel Esler (jesler) via clamav-users
. — Joel Esler The guy putting in the time to try and solve this Sent from my iPhone ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https

Re: [clamav-users] Downloading CVD files manually..

2021-03-06 Thread Joel Esler (jesler) via clamav-users
Correct. Wget is restricted. I wrote that in my email. So if you upgrade your version of freshclam/ClamAV, you should be good. Please see our blog post made back in the beginning of February. Sent from my  iPhone > On Mar 6, 2021, at 16:10, Paul Smith via clamav-users > wrote: > > OK,

Re: [clamav-users] Virus def download results in 403 Forbidden

2021-03-05 Thread Joel Esler (jesler) via clamav-users
nd this seemed to be the best fit. > > >> On Mar 5, 2021, at 10:20 AM, Joel Esler (jesler) via clamav-users >> wrote: >> >> Are you using Freshclam to download the updates? >> >>> On Mar 5, 2021, at 12:58 PM, Ritch Parker wrote: >>> >>> Hello

Re: [clamav-users] Virus def download results in 403 Forbidden

2021-03-05 Thread Joel Esler (jesler) via clamav-users
Are you using Freshclam to download the updates? > On Mar 5, 2021, at 12:58 PM, Ritch Parker wrote: > > Hello, > > Yesterday, for some reason, all my AWS VMs receive a 403 Forbidden response > from clamav when attempting to pull the latest cvd files. I’ve tried from > two different

Re: [clamav-users] Rate Limiting Downloads

2021-03-04 Thread Joel Esler (jesler) via clamav-users
downloading is now in place. If you are getting “429” back from Cloudflare - you are part of the problem. 2. Use of Wget, Curl, and the link is now severely limited. 3. Use FreshClam 4. We’re modifying FreshClam in upcoming releases to deal with this problem better. 5. See #3 -- Joel Esler

[clamav-users] Rate Limiting Downloads

2021-03-03 Thread Joel Esler (jesler) via clamav-users
. There’s no reason to download the full main and daily. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org signature.asc Description: Message signed with OpenPGP

Re: [clamav-users] FreshClam can't download database

2021-02-24 Thread Joel Esler (jesler) via clamav-users
You’re not sending “server-name” in your test there: echo | openssl s_client -connect database.clamav.net:443 -servername database.clamav.net | openssl x509 -text -noout > On Feb 24, 2021, at 5:05 PM, Royce Souther via clamav-users > wrote: > > It looks like the SSL cert for

Re: [clamav-users] Virus Sigs not updating

2021-02-21 Thread Joel Esler (jesler) via clamav-users
step up and take on this task. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org > On Feb 20, 2021, at 10:58 AM, G.W. Haywood via clamav-users > wrote: > > Hi there, > > On Sat, 20 Feb 2021,

Re: [clamav-users] ClamAV not even mentioned in article "The 6 Best Antiviruses for Linux 2021"

2021-02-19 Thread Joel Esler (jesler) via clamav-users
These types of articles are written purely for seo. We get contacted constantly about this type of thing. Sent from my  iPhone > On Feb 19, 2021, at 17:26, Andrew C Aitchison via clamav-users > wrote: > >  >> On Fri, 19 Feb 2021, Paul Kosinski via clamav-users wrote: >> >>

Re: [clamav-users] ClamAV not even mentioned in article "The 6 Best Antiviruses for Linux 2021"

2021-02-19 Thread Joel Esler (jesler) via clamav-users
This is what happens when you don’t pay people for SEO. Sent from my  iPhone > On Feb 19, 2021, at 12:10, Paul Kosinski via clamav-users > wrote: > > https://www.safetydetectives.com/best-antivirus/linux/ > > ___ > > clamav-users mailing list

Re: [clamav-users] Problem updating dats

2021-02-12 Thread Joel Esler (jesler) via clamav-users
Please send me the IP that you are attempting to connect from off list. > On Feb 12, 2021, at 11:58 AM, Justus Addiss via clamav-users > wrote: > > About three days ago our HP-UX server stopped being able to get DAT updates > via freshclam. A SPARC system is still getting them successfully,

Re: [clamav-users] Freshclam failing to get update

2021-02-11 Thread Joel Esler (jesler) via clamav-users
Everyone should upgrade to current. So many CVEs have been patched in the past couple of major versions. We’ve shut off older versions as it’s costing a fortune for us to keep feeding older versions of ClamAV, which download the daily.cvd in its entirety, once a second. (So many people do

[clamav-users] ClamAV® blog: ClamAV EOL versions prior to 0.100

2021-02-10 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2021/02/clamav-eol-versions-prior-to-0100.html > > > ClamAV EOL versions prior to 0.100 > > ClamAV community, we want to inform you that, effective March 1, ClamAV > 0.99.0 (and all minor

Re: [clamav-users] [When was 0.103.1 announced on *this* list?

2021-02-09 Thread Joel Esler (jesler) via clamav-users
Nothing to read into. I just forgot. Life is good. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org > On Feb 9, 2021, at 2:55 PM, Paul Kosinski wrote: > > Thanks. > > It's good to know that my

Re: [clamav-users] [SUSPECTED SPAM] When was 0.103.1 announced on *this* list?

2021-02-09 Thread Joel Esler (jesler) via clamav-users
I forgot to announce it. Sorry about that. — Sent from my  iPad > On Feb 9, 2021, at 10:14, Paul Kosinski via clamav-users > wrote: > > I save all the ClamAV mail, and couldn't find an announcement. > > ___ > > clamav-users mailing list >

[clamav-users] ClamAV® blog: ClamAV 0.103.1 patch release

2021-02-09 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2021/02/clamav-01031-patch-release.html > > > ClamAV 0.103.1 patch release > > ClamAV 0.103.1 is out now. Users can head over to clamav.net/downloads > to download

Re: [clamav-users] freshclam logs "DNS record is older than 3 hours."

2021-01-29 Thread Joel Esler (jesler) via clamav-users
> On Jan 29, 2021, at 7:50 AM, Gary R. Schmidt wrote: > > On 29/01/2021 21:57, G.W. Haywood via clamav-users wrote: >> Hi there, >> On Fri, 29 Jan 2021, Gary R. Schmidt wrote: >>> I've just noticed that freshclam has logged "DNS record is older than 3 >>> hours." twice in the last few days.

Re: [clamav-users] Problem with private mirror and cld, inc files

2021-01-27 Thread Joel Esler (jesler) via clamav-users
on for the clamav-daemon to > run, but the files are not available for download > I am afraid that in the long run my service could again DoS > database.clamav.net <http://database.clamav.net/> and it would be prudent for > me to proceed with the private mirror solution. > > Regards

Re: [clamav-users] Problem with private mirror and cld, inc files

2021-01-26 Thread Joel Esler (jesler) via clamav-users
les is the only blocker to make this > work :/ > > On Tue, Jan 26, 2021 at 7:00 PM Joel Esler (jesler) <mailto:jes...@cisco.com>> wrote: > Why wouldn’t you just download less often? Instead of doing all of this? We > publish updates once a day, there’s no need to download the

Re: [clamav-users] Problem with private mirror and cld, inc files

2021-01-26 Thread Joel Esler (jesler) via clamav-users
Why wouldn’t you just download less often? Instead of doing all of this? We publish updates once a day, there’s no need to download the entire package once a second. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https

Re: [clamav-users] ClamAv help

2020-12-31 Thread Joel Esler (jesler) via clamav-users
What would you like to do other than what you have done? Seems like you were able to cover the basics. Sent from my  iPhone > On Dec 31, 2020, at 15:47, Jay A. Schoon via clamav-users > wrote: > >  Hello: > > I have installed ClamAV on a Mac running Mojave 10.14.6. I have successfully

Re: [clamav-users] [SUSPICIOUS] Re: Question about Urlhaus.Malware.452652-9766253-0

2020-12-30 Thread Joel Esler (jesler) via clamav-users
You should set it to ignore if you don’t want to use it. Sent from my  iPad > On Dec 30, 2020, at 20:16, Orion Poplawski wrote: > > So that is a apparently a malicious site as determined by Urlhaus and is on > their filter list. But how is it useful as a ClamAV signature? You are not >

Re: [clamav-users] Remove from list

2020-12-30 Thread Joel Esler (jesler) via clamav-users
Please go to here: https://lists.clamav.net/mailman/listinfo/clamav-users At the bottom and follow the links to unsubscribe. Sent from my  iPad > On Dec 30, 2020, at 20:54, Jim and Jenn Guild via clamav-users > wrote: > >  Hi, > > Would you please remove me from the mailing list? > >

Re: [clamav-users] freshclam can't download updates due to SSL issue

2020-12-23 Thread Joel Esler (jesler) via clamav-users
Nothing has changed on our end. Sent from my  iPhone > On Dec 23, 2020, at 13:57, Chris via clamav-users > wrote: > >  > Hello > > I'm using ClamAV version 0.103.0 and recently whenever I try to update ClamAV > with freshclam, for some reason it spits out this error: > > WARNING:

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

2020-12-22 Thread Joel Esler (jesler) via clamav-users
Isn’t that literally the opposite of what needs to happen? On Dec 22, 2020, at 1:27 AM, Brent Clark via clamav-users mailto:clamav-users@lists.clamav.net>> wrote: Hiya Can you please submit to Sanesecurity too. https://sanesecurity.com/contact-us/ Regards Brent On 2020/12/21 18:44,

Re: [clamav-users] How can we consume .ldb files in ClamAV Ubuntu?

2020-12-22 Thread Joel Esler (jesler) via clamav-users
Yes Sent from my  iPhone > On Dec 22, 2020, at 02:30, Luca Sironi via clamav-users > wrote: > >  > Hello, > are those signatures coming from FireEye github already included on the > regular update ? > > regards > Luca > > ___ > > clamav-users

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

2020-12-21 Thread Joel Esler (jesler) via clamav-users
On Dec 21, 2020, at 4:02 PM, eric-l...@truenet.com wrote: Joel, I pretty much disagree with this. 90% or greater of what is sent into http://clamav.net is covered in less than 24 hours, and to a much greater degree. We don’t aim to cover

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

2020-12-21 Thread Joel Esler (jesler) via clamav-users
I pretty much disagree with this. 90% or greater of what is sent into clamav.net is covered in less than 24 hours, and to a much greater degree. We don’t aim to cover just the sample you sent in, we cover all the variants of that sample at the time, if possible. On Dec 21,

Re: [clamav-users] ClamAV Fireeye Rules?

2020-12-17 Thread Joel Esler (jesler) via clamav-users
Again, same as I wrote on the Snort list, we rewrote all of this detection and it is in the official ClamAV database, so if you are using fresh clam to update from clamav, you already have it. On Dec 17, 2020, at 3:44 PM, bobby via clamav-users mailto:clamav-users@lists.clamav.net>> wrote:

Re: [clamav-users] How can we consume .ldb files in ClamAV Ubuntu?

2020-12-14 Thread Joel Esler (jesler) via clamav-users
Also, we have shipped detection which detects the same things Fireeye was detecting and much more, also rewritten to be more efficient in the official ruleset. Sent from my  iPhone > On Dec 14, 2020, at 18:54, G.W. Haywood via clamav-users > wrote: > > Hi there, > >> On Mon, 14 Dec

Re: [clamav-users] local server takes time to update clamav db

2020-12-13 Thread Joel Esler (jesler) via clamav-users
Both of those things are done as well. Sent from my  iPhone > On Dec 13, 2020, at 19:24, Dave Warren via clamav-users > wrote: > > On 2020-12-11 08:51, Paul Kosinski via clamav-users wrote: >> "The whole CVD filename is not versioned (always "daily.cvd") which is >> why the CloudFlare

Re: [clamav-users] local server takes time to update clamav db

2020-12-11 Thread Joel Esler (jesler) via clamav-users
If the >>> second attempt still fails then give the error to the user. >> >> I want to be clear -- the message that was originally reported is not an >> error message. It's a verbose (a.k.a debug-level) message. If you're >> running freshclam relatively frequently, then

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 12:21 PM, G.W. Haywood via clamav-users > wrote: > > But the real fix must be in the hands of Cloudflare, or perhaps those > of Cloudflare's customers (making more fuss about something which, at > first sight, could very easily be remedied). While I agree, I am sure

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 11:58 AM, Paul Kosinski via clamav-users > wrote: > > I would imagine that Cloudflare has a means of fetching a specific file > from any of their own mirror servers (via its unique, non-anycast, IP > address) to check its operation. If ClamAV DB files could be requested

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 9:07 AM, Andrew C Aitchison > wrote: > > On Thu, 10 Dec 2020, Joel Esler (jesler) via clamav-users wrote: > >>> >>> >> >> By “unable to resolve” Micah means: “There’s nothing more we can do >> to solve th

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
ink the way to fix this is, freshclam, if it receives an “I’m behind” error from the PoP, to do a sleep for awhile and then try again. If the second attempt still fails then give the error to the user. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosi

Re: [clamav-users] ClamAV perform monitoring of traffic

2020-11-29 Thread Joel Esler (jesler) via clamav-users
ClamAV scans files. Mail is one of those files it can scan. Attachments to those emails as well. ClamAV doesn’t scan traffic. As in Network Traffic. For that, see Snort. (snort.org <http://snort.org/>) -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Grou

Re: [clamav-users] Errir parsing PNG files and 451_mail_server_temporarily_rejected_message

2020-10-21 Thread Joel Esler (jesler) via clamav-users
ouble for you and for some others. ... > > Has this been reported elsewhere? Nothing in Bugzilla AFAICT. > > Interesting, yes, all bugs should be in bugzilla, however, this may be permission secured. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.

Re: [clamav-users] Google safebrowsing types and usage questions

2020-10-21 Thread Joel Esler (jesler) via clamav-users
Added. > On Oct 17, 2020, at 11:41 AM, G.W. Haywood wrote: > > Hi Joel, > > On Sat, 17 Oct 2020, Joel Esler (jesler) via clamav-users wrote: > >> That documentation lives here: >> https://github.com/Cisco-Talos/clamav-faq/blob/master/faq/faq-safebrowsing.md &g

Re: [clamav-users] Google safebrowsing types and usage questions

2020-10-17 Thread Joel Esler (jesler) via clamav-users
That documentation lives here: https://github.com/Cisco-Talos/clamav-faq/blob/master/faq/faq-safebrowsing.md A pull request will allow me to review and approve. Sent from my  iPhone > On Oct 17, 2020, at 07:56, Iulian Stan via clamav-users > wrote: > >  > Hi Ged, > > Yes, the

Re: [clamav-users] ClamAV - Emotet - Malware not detected

2020-09-16 Thread Joel Esler (jesler) via clamav-users
Can you provide the SHA256 hash of a couple of the files? -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org > On Sep 16, 2020, at 4:43 AM, clamav-users@lists.clamav.net wrote: > > Hello, >

[clamav-users] ClamAV® blog: ClamAV 0.103.0 released!

2020-09-14 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2020/09/clamav-01030-released.html > > > ClamAV 0.103.0 released! > > Please visit the ClamAV Downloads page to > get your copy now! > > ClamAV 0.103.0 highlights > >

Re: [clamav-users] Listserve

2020-09-09 Thread Joel Esler (jesler) via clamav-users
Enjoy Stephen! Thank you for writing in. Go to this URL to change user options or unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users or by sending an email to clamav-users-le...@lists.clamav.net Thanks! -- Joel Esler Manager, Communities Division Cisco Talos Intelligence

Re: [clamav-users] freshclam frequency ?

2020-09-02 Thread Joel Esler (jesler) via clamav-users
Several of the problems that we’ve observed are things like a dockerized container or a VM that is reset constantly, so instead of being able to download the cdiffs, those machines have to download the whole daily/main. Those could benefit from a local mirror. Abusers are present but

Re: [clamav-users] Transferring licence to new MacBook

2020-08-30 Thread Joel Esler (jesler) via clamav-users
Are you writing about ClamXav? As that is a product that is not produced by us. Our engine is taken and repackaged for that. > On Aug 30, 2020, at 9:43 AM, G. Hoffman via clamav-users > wrote: > > Hi users, > > I have just purchased a new MacBook and am trying to move my registration to >

Re: [clamav-users] ClamAV for commercial use

2020-08-27 Thread Joel Esler (jesler) via clamav-users
Rajat, As long as your use of it is in compliance with the GPLv2, then yes. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org > On Aug 27, 2020, at 5:22 AM, Rajat Gupta via clamav-users > wrote: > >

[clamav-users] ClamAV® blog: ClamAV 0.103.0 release candidate

2020-08-18 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2020/08/clamav-01030-release-candidate.html > > > ClamAV 0.103.0 release candidate > > Today we are pleased to announce the ClamAV 0.103.0 release candidate > !

Re: [clamav-users] [ext] Re: ClamAV® blog: Freshclam, cdiffs and bandwidth are your friends

2020-07-29 Thread Joel Esler (jesler) via clamav-users
As I said, checking the DNS TXT entry is fine. Checking that every hour is fine, (just in case we push something immediate). Downloading the cdiffs is fine. Downloading the entire CVD files constantly is not fine. Sent from my  iPad > On Jul 29, 2020, at 04:37, Ralf Hildebrandt via

Re: [clamav-users] ClamAV HTML RealURL DisplayURL failed

2020-07-29 Thread Joel Esler (jesler) via clamav-users
Are you writing your rule to detect the correct file type? Sent from my  iPad > On Jul 29, 2020, at 06:02, shishab...@vollbio.de wrote: > > hi @ all, > > i use postfix, amavisd and clamav with urlhaus ndb (for ClamAV) sig from > urlhaus.abuse.ch. if i send or receive a mail with a hyperlink

Re: [clamav-users] ClamAV® blog: Freshclam, cdiffs and bandwidth are your friends

2020-07-28 Thread Joel Esler (jesler) via clamav-users
in between? In > other words, is it always useless to check the TXT record more often? > > > >> On Mon, 27 Jul 2020 22:09:31 + >> "Joel Esler \(jesler\) via clamav-users" >> wrote: >> >> https://blog.clamav.net/2020/07/freshclam-cdiffs-

Re: [clamav-users] Clam AV Central Management Serve

2020-07-28 Thread Joel Esler (jesler) via clamav-users
> Sudhir Kumar Maharjan > Sent: Tuesday, July 28, 2020 2:59:11 PM > To: Joel Esler (jesler) > Cc: ClamAV users ML > Subject: Re: [clamav-users] Clam AV Central Management Serve > > Thanks, I'll check it out. > > On Tue, Jul 28, 2020, 7:39 PM Joel Esler (jesler) <m

Re: [clamav-users] Clam AV Central Management Serve

2020-07-28 Thread Joel Esler (jesler) via clamav-users
c> | Facebook > <https://www.facebook.com/Deerwalk> | YouTube > <https://www.youtube.com/channel/UCawrNx5J26lzWs4viyaakRA> > > On Tue, Jul 28, 2020 at 6:06 PM Joel Esler (jesler) via clamav-users > mailto:clamav-users@lists.clamav.net>> wrote: > There is n

Re: [clamav-users] Clam AV Central Management Serve

2020-07-28 Thread Joel Esler (jesler) via clamav-users
There is not a central management system for ClamAV. We have a commercial product for that. It also contains ClamAV. Sent from my  iPad > On Jul 27, 2020, at 22:57, Sudhir Kumar Maharjan > wrote: > >  > Hello, > > We are using ClamAV for More than 500 Servers(Centos 7.8). And Till now

[clamav-users] ClamAV® blog: Freshclam, cdiffs and bandwidth are your friends

2020-07-27 Thread Joel Esler (jesler) via clamav-users
https://blog.clamav.net/2020/07/freshclam-cdiffs-effect-on-bandwidth.html Freshclam, cdiffs and bandwidth are your friends During a recent review of file downloads from our ClamAV CDN network, we've noticed hundreds

Re: [clamav-users] ClamAV Database update issue

2020-07-24 Thread Joel Esler (jesler) via clamav-users
Did sustain a DDoS last night, Cloudflare kicked in its anti-DDoS work that it does, but we’ve served about 6TB of update traffic in the past 30 minutes, so we should be good now. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com

Re: [clamav-users] ClamAV Database update issue

2020-07-24 Thread Joel Esler (jesler) via clamav-users
Sudhir, At what time exactly? We sustained a small DoS last night against the update server. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org > On Jul 24, 2020, at 9:09 AM, Sudhir Kumar Maharjan >

[clamav-users] ClamAV® blog: ClamAV 0.102.4 security patch released

2020-07-16 Thread Joel Esler (jesler) via clamav-users
use the file type signatures in daily.cvd will not enable the EGG archive parser in affected versions. We will be publishing a release candidate for version 0.103.0 in the next couple of weeks. Stay tuned! -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Grou

Re: [clamav-users] How to determine virus database version from behind proxy?

2020-07-09 Thread Joel Esler (jesler) via clamav-users
hu, Jul 9, 2020 at 11:55 PM Joel Esler (jesler) wrote: >> You’re just giving your lookup to someone else. > > That includes typical lookups to DNS servers. One could ask who has access > to each query, what they do with it, how long do they keep it, who else do > they give i

Re: [clamav-users] How to determine virus database version from behind proxy?

2020-07-09 Thread Joel Esler (jesler) via clamav-users
You’re just giving your lookup to someone else. Sent from my  iPhone > On Jul 9, 2020, at 14:11, Richard Graham via clamav-users > wrote: > >  > Or for more advertised privacy: > > curl -H 'accept: application/dns-json' >

[clamav-users] ClamAV® blog: ClamAV 0.102.3 security patch released

2020-05-12 Thread Joel Esler (jesler) via clamav-users
> https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html > > > ClamAV 0.102.3 security patch released > > Today, we're publishing 0.102.3. Navigate to ClamAV's downloads page >

Re: [clamav-users] freshclam reports 403

2020-05-02 Thread Joel Esler (jesler) via clamav-users
Please give me your IP or the RayID that you receive in the error so I can look up why you are blocked. Sent from my iPhone > On May 2, 2020, at 07:09, Andreas Piesk via clamav-users > wrote: > > Hi list, > > for some time i get 403 when updating definitions with freshclam. > > The

Re: [clamav-users] clamsubmit error 500

2020-05-01 Thread Joel Esler (jesler) via clamav-users
Interesting. Please let me know if this occurs again. Thank you for your submissions! From: Arnaud Jacques Sent: Friday, May 1, 2020 12:45 PM To: ClamAV users ML Cc: Joel Esler (jesler) Subject: Re: [clamav-users] clamsubmit error 500 It works now. Thank you

Re: [clamav-users] clamsubmit error 500

2020-05-01 Thread Joel Esler (jesler) via clamav-users
Interesting, please try again? I'm not able to replicate the issue. On 5/1/20, 12:42 PM, "clamav-users on behalf of Arnaud Jacques" wrote: Hello Joel, Every time. Le 01/05/2020 à 17:46, Joel Esler (jesler) via clamav-users a écrit : > Does it happen every

Re: [clamav-users] clamsubmit error 500

2020-05-01 Thread Joel Esler (jesler) via clamav-users
Does it happen every time, or just once? On 5/1/20, 10:42 AM, "clamav-users on behalf of Arnaud Jacques" wrote: Hello, Using clamsubmit, I got : Unexpected POST submit response code: 500 -- Cordialement / Best regards, Arnaud Jacques Gérant de SecuriteInfo.com

Re: [clamav-users] IP Blacklisted by Mirror

2020-04-23 Thread Joel Esler (jesler) via clamav-users
Team — I control Cloudflare. Who is blocked and who is not is literally up to me. If you are being blocked, feel free to write me 1:1, share your IP with me, and I’ll tell you why you’re blocked. A ticket can also be filed on bugzilla.clamav.net under “mirrors”

Re: [clamav-users] ClamAV users

2020-04-11 Thread Joel Esler (jesler) via clamav-users
Thank you for writing in. Go to this URL to change user options or unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users or by sending an email to clamav-users-le...@lists.clamav.net Thanks! Sent from my  iPhone > On Apr 10, 2020, at 15:58, Stephen Baron via clamav-users >

Re: [clamav-users] Squid + ClamAV

2020-04-07 Thread Joel Esler (jesler) via clamav-users
> On Apr 7, 2020, at 10:24 AM, Henrik K wrote: > > On Tue, Apr 07, 2020 at 11:27:50AM +0100, G.W. Haywood via clamav-users wrote: >> >> I certainly don't subscribe to the view expressed in this thread (if >> that's the view that was expressed, and I'm not simply misrepresenting >> it) that

Re: [clamav-users] Status of SafeBrowsing CVD

2020-04-02 Thread Joel Esler (jesler) via clamav-users
able to get this out with competing development priorities. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org > On Apr 2, 2020, at 5:38 AM, Erik Lax via clamav-users > wrote: > > Hi, > > W

Re: [clamav-users] Mirror at microsoft has obsolete cvd files

2020-03-27 Thread Joel Esler (jesler) via clamav-users
Yes. You should ask Microsoft to stop distributing mirror updates, and people should get the official mirror updates from Clamav itself. Sent from my iPhone > On Mar 27, 2020, at 07:34, Henrik Hoeg Thomsen1 via clamav-users > wrote: > > Mirror at Microsoft is obsolete? > >
