Re: [clamav-users] ClamAV: Local Private Mirror

2019-07-31 Thread Joel Esler (jesler) via clamav-users
> On Jul 31, 2019, at 9:52 AM, J.R. via clamav-users > wrote: > >> Then, when we had trouble with Cloudflare's BOS server often being out >> of sync (for CVDs) with the DNS TXT record, I removed it. Now, I am >> dismayed that I have to give our file server a bit of Internet access so >> that i

Re: [clamav-users] ClamAV: Local Private Mirror

2019-07-30 Thread Joel Esler (jesler) via clamav-users
> that ensured redundant systems were not all reloading signatures at the same > time. > > dp > >> On 7/30/19 10:13 AM, Joel Esler (jesler) via clamav-users wrote: >> I'm interested as to why people want to do priva

Re: [clamav-users] ClamAV: Local Private Mirror

2019-07-30 Thread Joel Esler (jesler) via clamav-users
Part I needed: > On Jul 30, 2019, at 1:25 PM, Henrik K wrote: > > Control. Part I didn't need: > Is it really necessary to go over basic IT management practises here?

Re: [clamav-users] ClamAV: Local Private Mirror

2019-07-30 Thread Joel Esler (jesler) via clamav-users
I'm interested as to why people want to do private mirrors? Other than to save bandwidth going to "the internet"? > On Jul 30, 2019, at 9:40 AM, J.R. via clamav-users > wrote: > >> Can you please tell me the H/W and S/W Specification >> of the Private local Mirror Server as a best practice fo

Re: [clamav-users] Freshclam "Can't query daily" due to DNS issue

2019-07-27 Thread Joel Esler (jesler) via clamav-users
Let me have a look... Sent from my  iPhone > On Jul 27, 2019, at 13:14, Robert L Mathews wrote: > > For a few days, I've been seeing new messages like this in the logs, > once per day per server: > > freshclam[1133]: Sat Jul 27 01:49:03 2019 -> *Can't query > daily.25523.93.1.0.260647

Re: [clamav-users] ClamAV independent assessment?

2019-07-24 Thread Joel Esler (jesler) via clamav-users
it is the only real option we have available right now but we > don't have time to assess it ourselves at this time, hence my question asking > if there are any third party reports available to help us reduce our risk > concerns. That's all. Thanks. >> On Jul 24, 2019,

Re: [clamav-users] ClamAV independent assessment?

2019-07-24 Thread Joel Esler (jesler) via clamav-users
ClamAV is an open source project. Anyone can examine the code at any time and many continually do. Do you mean in terms of security of the code base or in terms of efficacy. Either way, the answer is the same. Sent from my  iPhone > On Jul 24, 2019, at 15:00, David Cantrell via clamav-use

Re: [clamav-users] Win.Malware.Krucky-7009041-0 false positive

2019-07-22 Thread Joel Esler (jesler) via clamav-users
It may be waiting on peer review internally. Sent from my  iPhone > On Jul 21, 2019, at 08:04, Arnaud Jacques wrote: > > Yes, confirmed > >> On 21/07/2019 at 13:05, Groach via clamav-users wrote: >> Confirmed.? Updated and rescanned: >> Scan Started Sun Jul 21 12:02:25 2019 >>

Re: [clamav-users] Win.Malware.Krucky-7009041-0 false positive

2019-07-20 Thread Joel Esler (jesler) via clamav-users
Signature has already been dropped. Sent from my  iPhone > On Jul 20, 2019, at 07:37, Groach via clamav-users > wrote: > > Already have done. But I have never (no exaggeration) had any success with it > being actioned when reported only on that website. So I am also sending this > notific

Re: [clamav-users] performance degradation of clamscan

2019-07-09 Thread Joel Esler (jesler) via clamav-users
addresses I > currently allow through are 104.16.218.84 and 104.16.219.84, and they > seem to be enough.) > > Any thoughts? > > > > On Tue, 9 Jul 2019 20:40:15 + > "Joel Esler (jesler)" wrote: > >> This has been fixed for some time has it not?

Re: [clamav-users] performance degradation of clamscan

2019-07-09 Thread Joel Esler (jesler) via clamav-users
This has been fixed for some time has it not? > On Jul 9, 2019, at 3:38 PM, Paul Kosinski via clamav-users > wrote: > > The CVD version delivered by Cloudflare's "BOS" > Anycast server was often behind the version advertised by the DNS TXT.

Re: [clamav-users] ClamAV reputation rating

2019-06-27 Thread Joel Esler (jesler) via clamav-users
The short answer is "No". ClamAV does not do reputation ratings, unless you are talking about a scale of not malicious, heuristic, PUA, and full on malicious. But there is not a reputation system, no. > On Jun 26, 2019, at 7:25 PM, Epicon Elysium via clamav-users > wrote: > > Thank you al

Re: [clamav-users] ClamAV reputation rating

2019-06-24 Thread Joel Esler (jesler) via clamav-users
No. But can you share an example? And what you’d like to do? Sent from my  iPhone > On Jun 23, 2019, at 23:59, Epicon Elysium via clamav-users > wrote: > > Hi, > > Hoping someone could help with the info I'm looking for. > > Does ClamAV support in enabling the reputation rating? Seems I

Re: [clamav-users] ClamAV Info

2019-05-22 Thread Joel Esler (jesler) via clamav-users
It can. --move will do it. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com From: clamav-users on behalf of Christopher Do - IQ-C via clamav-users Reply-To: ClamAV users ML Date: Wednesday, May 22, 2019 at 10:52 AM To: ClamAV users M

Re: [clamav-users] 403 on clamav-virusdb webpage

2019-05-19 Thread Joel Esler (jesler) via clamav-users
Nope. Just going to the wrong server. https://lists.clamav.net is where everything is at. From: clamav-users on behalf of Al Varnell via clamav-users Sent: Thursday, May 16, 2019 8:35 PM To: ClamAV users ML Cc: Al Varnell Subject: Re: [clamav-users] 403 on cla

Re: [clamav-users] 403 on clamav-virusdb webpage

2019-05-17 Thread Joel Esler (jesler) via clamav-users
The wrong link. Head to https://lists.clamav.net Sent from my  iPhone > On May 16, 2019, at 19:53, Arnaud Jacques wrote: > > Hello, > > This link generates 403 error code : > https://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-virusdb > > What's wrong ? > > -- > Cordialement / Best

Re: [clamav-users] how to verify if a malware signature is in DB & adding hash

2019-05-05 Thread Joel Esler (jesler) via clamav-users
Run clamscan against the file? Or if you want to see what is published each release, you should subscribe to the clamav-virusdb list. Sent from my  iPad > On May 5, 2019, at 19:40, Sunhux G via clamav-users > wrote: > > Hi > > How can I check if a specific malware (by providing a name/h

Re: [clamav-users] Update Failure

2019-04-23 Thread Joel Esler (jesler) via clamav-users
We should probably remove that "official-mirror-faq" link from freshclam. There are no "mirrors" anymore. :) -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com On Apr 22, 2019, at 5:43 PM, Michael Newman via clamav-users mailto:clamav-use

Re: [clamav-users] reg clamav un-Authenticated Command Exception Vulnerablity

2019-04-22 Thread Joel Esler (jesler) via clamav-users
What CVE are you referring to? > On Apr 18, 2019, at 2:18 PM, Manasa Rupireddy via clamav-users > wrote: > > Hi All, > > I have installed latest version of ClamAV which is 0.101.2 version,but i was > still facing the clamav un-Authenticated Command Exception Vulnerablity. > > Could anyone he

Re: [clamav-users] Scan very slow

2019-04-07 Thread Joel Esler (jesler) via clamav-users
Let us take a look at separating them. Sent from my  iPhone > On Apr 7, 2019, at 14:03, Steve Basford > wrote: > >> On 7 April 2019 17:25:56 Arnaud Jacques wrote: >> >> >> ... and one day I created a *huge* ign2 file and it crashed clamd. Ign2 >> files may not be appropriate to ignore to

Re: [clamav-users] Clamav for educational institutions ?

2019-04-05 Thread Joel Esler (jesler) via clamav-users
I > think Debian does a pretty good job as a clamav distributor. > > Scott K > >> On April 6, 2019 12:21:05 AM UTC, "Joel Esler (jesler)" >> wrote: >> Correct. Which is why we recommend people compile from source for full >> functionality. >

Re: [clamav-users] Clamav for educational institutions ?

2019-04-05 Thread Joel Esler (jesler) via clamav-users
>> >> EDIT - There is the GPLv2 contained in the COPYING file. I just >> realized each of those files gives the licence for each part of >> ClamAV. Probably the most notable is the unrar licence, which if I >> recall RHEL/CentOS disables due to licence conflicts? >>

Re: [clamav-users] Clamav for educational institutions ?

2019-04-05 Thread Joel Esler (jesler) via clamav-users
That’s the content on the website. ClamAV, the software, is governed by the GPLv2 and other associates licenses as indicated by the LICENSE file contained therein. Sent from my  iPhone > On Apr 5, 2019, at 17:18, J.R. via clamav-users > wrote: > > At the bottom of the page on the website

Re: [clamav-users] Clamav for educational institutions ?

2019-04-05 Thread Joel Esler (jesler) via clamav-users
It’s free for everyone regardless. Sent from my  iPhone > On Apr 5, 2019, at 17:11, Timi koli via clamav-users > wrote: > > Hi Guys, > > Does anyone knows if the usage of the clamav for linux is free for > educational institutions or does it have to be a paid one. > > I tried to find it

Re: [clamav-users] Scan very slow

2019-04-05 Thread Joel Esler (jesler) via clamav-users
> On Apr 5, 2019, at 09:13, Mark Allan via clamav-users > wrote: > > Also CC'ing Micah directly as the mailing list would appear to be offline (at > least lists.clamav.net isn't responding to http requests anyway May want to try https.

Re: [clamav-users] Updating multiple servers

2019-04-04 Thread Joel Esler (jesler) via clamav-users
You can run a local mirror. That might be a good alternative. Sent from my  iPhone > On Apr 4, 2019, at 21:03, Tim Hawkins wrote: > > We have a large number of services running inside kubernetes that need to > have access to clamav, given the sheer number, i dont want to have to run > fre

Re: [clamav-users] ClamAV 0.101.2 announcement?

2019-03-29 Thread Joel Esler (jesler) via clamav-users
This was my fault. Thanks JR. > On Mar 27, 2019, at 10:17 AM, J.R. via clamav-users > wrote: > > I saw 0.101.2 was released yesterday (3/26/2019) but I can't find an > announcement anywhere? > > Anything noteworthy on this release?

[clamav-users] ClamAV® blog: ClamAV 0.101.2 and 0.100.3 patches have been released!

2019-03-29 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html > > > ClamAV 0.101.2 and 0.100.3 patches have been released! > > ClamAV 0.101.2 > > ClamAV 0.101.2 is a patch release to address a handful of

Re: [clamav-users] Are signatures for Windows only?

2019-03-25 Thread Joel Esler (jesler) via clamav-users
egard, and I'm thankful ClamAV exists for > many reasons, not least its extensibility! > > Graeme > > > From: clamav-users on behalf of Joel > Esler (jesler) via clamav-users > Sent: 25 March 2019 19:36 > To: ClamAV users ML > Cc: Joel Esler (jesler); G.W. Haywood >

Re: [clamav-users] Are signatures for Windows only?

2019-03-25 Thread Joel Esler (jesler) via clamav-users
Actually, from what we understand, ClamAV is mostly used to scan email. Sent from my  iPhone > On Mar 25, 2019, at 12:22, G.W. Haywood via clamav-users > wrote: > > Although we share files with Windows platforms we really > only use ClamAV to scan mail. I guess we're as untypical of a ClamA

Re: [clamav-users] Are signatures for Windows only?

2019-03-25 Thread Joel Esler (jesler) via clamav-users
Our signatures cover all platforms. Sorry, can’t type on watch. :) Sent from my  iPad > On Mar 25, 2019, at 08:20, Joel Esler (jesler) via clamav-users > wrote: > > Our signature is cover all platforms. > > Sent from my Apple Watch > >> On Mar 25, 2019, at 0

Re: [clamav-users] Are signatures for Windows only?

2019-03-25 Thread Joel Esler (jesler) via clamav-users
Our signature is cover all platforms. Sent from my Apple Watch On Mar 25, 2019, at 08:13, J.R. via clamav-users wrote: > I keep thinking about this from time to time, but keep forgetting to > post before I get sidetracked doing something else... > > Are the ClamAV default signature files gear

Re: [clamav-users] Slow reload

2019-03-20 Thread Joel Esler (jesler) via clamav-users
All these times, I would imagine, would be based on the amount of CPU and RAM, even disk read speed, available to the machine loading. So these times are relative. Sent from my  iPhone > On Mar 20, 2019, at 07:48, Steve Basford > wrote: > >> On 2019-03-19 14:35, Bowie Bailey wrote: >> >

Re: [clamav-users] Database updated over unencrypted connection?

2019-03-17 Thread Joel Esler (jesler) via clamav-users
As Micah said, when we roll out the new version of freshclam that supports https, this will be a done deal. Technically, https on the cdn is available now. Freshclam just doesn’t know how to use it. We want people to freshclam. As the way it functions does so in a way that reduces load on th

Re: [clamav-users] Mailman web UI for ClamAV currently inaccessible

2019-03-16 Thread Joel Esler (jesler) via clamav-users
Thank you. Sent from my  iPhone On Mar 14, 2019, at 11:40, Ralph Seichter via clamav-users wrote: >> https://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users returns >> "403 Forbidden". > > I should probably mention that the above URL is sent to subscribers in > the 'Welcome to the "c

[clamav-users] Freshclam / mirror updates

2019-02-28 Thread Joel Esler (jesler) via clamav-users
Yesterday we made some updates to our CDN that distributes our CVD / CLD / CDIFF files. These changes should result in a faster and more reliable download of these files. Please let me know if you see any issues positive or negative! Thanks! -- Joel Esler Manager, Communities Division Cisco T

Re: [clamav-users] Testing

2019-02-26 Thread Joel Esler (jesler) via clamav-users
This should be corrected now. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com > On Feb 20, 2019, at 5:19 PM, Benny Pedersen wrote: > > Joel Esler (jesler) wrote on 2019-02-20 23:14: >> Testing! > > DKIM and DMAR

Re: [clamav-users] Acknowledgment of receipt IT-Service

2019-02-20 Thread Joel Esler (jesler) via clamav-users
Removed from list. Sent from my  iPhone > On Feb 20, 2019, at 18:12, IT-Service Theatergemeinde Köln > wrote: > > Thank you for your message. It has been duly received and will be processed as quickly as possible. > > Kind regards > > Ihr IT-Service der Th

Re: [clamav-users] Testing

2019-02-20 Thread Joel Esler (jesler) via clamav-users
We are working on this currently. Sent from my  iPhone > On Feb 20, 2019, at 18:05, Benny Pedersen via clamav-users > wrote: > > Scott Kitterman wrote on 2019-02-20 23:34: > >> I'm not sure why anyone expects anything different. > > you are not on maillist with original senders get dmarc

Re: [clamav-users] Testing

2019-02-20 Thread Joel Esler (jesler)
May take time for DNS to get out. Sent from my  iPhone > On Feb 20, 2019, at 17:20, Benny Pedersen wrote: > > Joel Esler (jesler) wrote on 2019-02-20 23:14: >> Testing! > > DKIM and DMARC still fails > > no news there :( >

[clamav-users] Testing

2019-02-20 Thread Joel Esler (jesler)
Testing! Sent from my  iPhone

Re: [clamav-users] Do you see clamav's exact detection rate and error detection rate?

2019-02-15 Thread Joel Esler (jesler)
I think that Shadowservers statistics are drastically wrong and haven’t changed in about 5 years. That’s number one. Sent from my  iPhone > On Feb 15, 2019, at 04:26, 조정환 wrote: > > Hello everyone ~ > > I looked around the other site bulletin board for .clamav, and I had a > question, so

[clamav-users] ClamAV® blog: Bugzilla Maintenance tomorrow Feb 12th

2019-02-11 Thread Joel Esler (jesler)
> https://blog.clamav.net/2019/02/bugzilla-maintenance-tomorrow-feb-12th.html > Notice to all ClamAV users, our bugzilla instance at bugzilla.clamav.net will be experiencing some downtime tomorrow at 9am EST, February

[clamav-users] Qnap

2019-01-30 Thread Joel Esler (jesler)
I’ve suddenly started receiving a lot of emails from Qnap users saying they can’t update ClamAV anymore. Anyone have a Qnap system that is technically inclined that can help me troubleshoot? Sent from my  iPhone

Re: [clamav-users] False Positives - Heuristics.Phishing.Email.SpoofedDomain

2019-01-08 Thread Joel Esler (jesler)
Check out http://www.clamav.net/documents/miscellaneous-faq > On Jan 8, 2019, at 2:43 PM, Ken Campney wrote: > > Emails from credit card companies I deal with have since 12/10/18 been > getting flagged by Heuristics.Phishing.Email.SpoofedDo

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-08 Thread Joel Esler (jesler)
Solaris is definitely not one of the OSs in our build farm. Just FYI. > On Jan 8, 2019, at 1:05 AM, Gary R. Schmidt wrote: > > On 08/01/2019 05:33, Joel Esler (jesler) wrote: >>> >>> https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html >

[clamav-users] ClamAV® blog: ClamAV 0.101.1 Patch has been released

2019-01-07 Thread Joel Esler (jesler)
> > https://blog.clamav.net/2019/01/clamav-01011-patch-has-been-released.html > > > ClamAV 0.101.1 Patch has been released > > ClamAV 0.101.1 is an urgent patch release to address an issue in 0.101.0 > specifically fo

Re: [clamav-users] ClamAV Scan results

2019-01-04 Thread Joel Esler (jesler)
Likely not. I would bet that there are some poorly written yara sigs in your environment. Sent from my  iPhone > On Jan 4, 2019, at 07:28, Kaushal Shriyan wrote: > > Hi, > > I have the below details > > [root@ clamav]# clamscan --version > ClamAV 0.100.2/25267/Fri Jan 4 06:17:25 2019 >

Re: [clamav-users] My second server is under 100.2

2018-12-29 Thread Joel Esler (jesler)
You mean: https://blog.clamav.net/2018/12/libclamav-missing-headers-issue.html ? -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com > On Dec 29, 2018, at 4:19 PM, J.R

Re: [clamav-users] One question 🙋

2018-12-29 Thread Joel Esler (jesler)
I’m sorry. I don’t understand the question. Sent from my  iPhone > On Dec 29, 2018, at 03:54, Dorian ROSSE wrote: > > Hello, > > > Do an e-mail server without machine learning script hasn't right to your last > clamav production 0.101.0 instead 0.100.2? > > Thank you in advance to answer

Re: [clamav-users] Freshclam update HTTP Error 403 Forbidden

2018-12-21 Thread Joel Esler (jesler)
Yours is a separate issue that I have to look into. I have to pull the logs and see why you are being blocked. Sent from my  iPhone > On Dec 21, 2018, at 14:22, Claudiu Albu wrote: > > Micah, Al and all, > > > Thanks a lot again for your prompt reply and willingness to assist. > > I su

Re: [clamav-users] Freshclam update HTTP Error 403 Forbidden

2018-12-21 Thread Joel Esler (jesler)
Please see other email. Sent from my  iPhone > On Dec 21, 2018, at 06:11, Claudiu Albu wrote: > > Hello all, > > > Been browsing through similar previous occurrences but found nothing > conclusive to our particular scenario. > > We’ve installed ClamAV on a Centos7 server somewhe

Re: [clamav-users] Freshclam update HTTP Error 403 Forbidden

2018-12-21 Thread Joel Esler (jesler)
Please see other email. Sent from my  iPhone > On Dec 21, 2018, at 06:15, Claudiu Albu wrote: > > Hello all, > > > Been browsing through similar previous occurrences but found nothing > conclusive to our particular scenario. > > We’ve installed ClamAV on a Centos7 server somewhere in

Re: [clamav-users] Freshclam update HTTP Error 403 Forbidden

2018-12-21 Thread Joel Esler (jesler)
What IP are you coming from? What version ClamAV are you using? Sent from my  iPhone > On Dec 21, 2018, at 06:27, Claudiu Albu wrote: > > Hello all, > > > Been browsing through similar previous occurrences but found nothing > conclusive to our particular scenario. > > We’ve installed C

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-20 Thread Joel Esler (jesler)
Right. We only publish at certain times a day. I think a check once an hour is probably fine. Sent from my  iPhone > On Dec 20, 2018, at 09:55, Paul Kosinski wrote: > > Only DNS TXT queries are done 3-5 times per hour. Freshclam itself is > only run whenever that reports that there is so

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-20 Thread Joel Esler (jesler)
Inline > On Dec 19, 2018, at 4:08 PM, J.R. wrote: > > Joel - In regards to the comment on pointing everyone to Cloudflare... > I'm guessing that statement means you are using a mix of the > Cloudflare CDN and the original volunteer mirrors still? No. Cloudflare is currently handling EVERYTHIN

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-17 Thread Joel Esler (jesler)
> On Dec 17, 2018, at 3:01 PM, Dennis Peterson wrote: > > On 12/17/18 11:57 AM, Joel Esler (jesler) wrote: >> Inline: >> >>> On Dec 15, 2018, at 6:23 PM, Paul Kosinski >> <mailto:clamav-us...@iment.com>> wrote: >>> >>> I don't

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-17 Thread Joel Esler (jesler)
Inline: > On Dec 15, 2018, at 6:23 PM, Paul Kosinski wrote: > > I don't know if flushing the daily.cvd cache would be adequate, since > there are probably some downstream caches that wouldn't follow suit. Actually I had someone correct me after I wrote this email, we already have been doing th

Re: [clamav-users] No good deed goes unpunished, or, why CVD files don't work

2018-12-15 Thread Joel Esler (jesler)
When Sourcefire acquired ClamAV "back in the day", we stopped accepting donations, as accounting for them on a corporate revenue side is more of a hassle than it is worth, so we just support it out of pocket. That being said, this thread is long and I wanted to reply to it. What if I flushed th

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-14 Thread Joel Esler (jesler)
It’s not a service we can turn off. This is a string match. Sent from my  iPhone > On Dec 13, 2018, at 19:17, Scott Kitterman wrote: > > If they are relying on it, it'd be a service to turn it off until 0.101.1 is > released. > > Scott K > >> On Thursday, December 13, 2018 06:49:08 PM J

Re: [clamav-users] ClamAV installation is OUTDATED! as reported by freshclam utility on CentOS Linux release 7.6.1810 (Core)

2018-12-13 Thread Joel Esler (jesler)
ClamAV cannot control when the package distros update their packages. Also, some of the package maintainers, I suspect, rely on updates like that to tell them when they need to go update packages. > On Dec 13, 2018, at 12:28 PM, Scott Kitterman wrote: > > Would it be possible to turn off the

Re: [clamav-users] Can't detect deceptive URL's as infected !!

2018-12-12 Thread Joel Esler (jesler)
lain > > On Wed, Dec 12, 2018 at 6:23 AM Joel Esler (jesler) <mailto:jes...@cisco.com>> wrote: > Not sure. Perhaps Alain can chime in. My team also runs the Phishtank > project, so this is about making our different properties work together > through the official signa

Re: [clamav-users] Can't detect deceptive URL's as infected !!

2018-12-12 Thread Joel Esler (jesler)
Not sure. Perhaps Alain can chime in. My team also runs the Phishtank project, so this is about making our different properties work together through the official signature set in a supported way. If false positives are reported on the phishtank sigs through ClamAV.net, they are automatically

Re: [clamav-users] A workaround for the major ClamAV DB update delays we have been experiencing

2018-12-11 Thread Joel Esler (jesler)
Cloudflare's cache timeout is set to 5 seconds. So, I would doubt that Cloudflare's cache is the issue, it may be an ISP thing in the middle doing the caching, which is what Paul is guessing at this point, if I am following the thread correctly. Out of an abundance of caution I did a worldwide

Re: [clamav-users] Clamav download

2018-12-10 Thread Joel Esler (jesler)
Correct. > On Dec 10, 2018, at 5:42 AM, Robert Chalmers wrote: > > http://www.clamav.net/downloads > > > > - > Robert Chalmers > https://robert-chalmers.uk > aut...@robert-chalmers.uk > @R_A

Re: [clamav-users] A workaround for the major ClamAV DB update delays we have been experiencing

2018-12-09 Thread Joel Esler (jesler)
As it should be. No one should be downloading the daily and main, (although thousands are), cdiffs were created for a reason. Sent from my  iPhone > On Dec 9, 2018, at 06:58, Eric Tykwinski wrote: > > From back in archives, I think he’s using wget to just pull the files, but > freshclam w

Re: [clamav-users] A workaround for the major ClamAV DB update delays we have been experiencing

2018-12-08 Thread Joel Esler (jesler)
Not sure what you’re saying here. Are you saying that the daily on the cache is out of date? Sent from my  iPhone > On Dec 8, 2018, at 20:30, Eric Tykwinski wrote: > > J.R. > > You are falling into the same trap I followed. The txt record is: > current.cvd.clamav.net.1749INTXT

Re: [clamav-users] "Can't query daily..." entries in log since 0.101.0

2018-12-07 Thread Joel Esler (jesler)
Can you give us the full logs please? Not just that one line. Sent from my  iPhone > On Dec 7, 2018, at 15:49, Brian Fluet wrote: > > Hi All, > > Since installing Win32 portable v0.101.0 I am seeing the following > entry in the fresclam.log at each download: > > Can't query daily.25186.10

Re: [clamav-users] freshclam. Service exited with abnormal code: 1

2018-12-04 Thread Joel Esler (jesler)
You'd have to talk to the maintainer for homebrew for ClamAV. To my knowledge, we don't control that. > On Dec 4, 2018, at 10:23 AM, Robert Chalmers wrote: > > @Mica Snyder, > > Is there any chance that this update will make it to the Homebrew repo soon? > It’s not causing me any problems he

[clamav-users] ClamAV® blog: ClamAV 0.101.0 has been released!

2018-12-03 Thread Joel Esler (jesler)
> > https://blog.clamav.net/2018/12/clamav-01010-has-been-released.html > > > ClamAV 0.101.0 has been released! > > We are pleased to announce the release of ClamAV 0.101.0! Please take a look > at the below release notes

Re: [clamav-users] ClamAV mirrors have gotten worse!

2018-11-26 Thread Joel Esler (jesler)
< Content-Range: bytes 0-99/52542292 >< Server: cloudflare >< CF-RAY: 47fd0b8064d9c1b8-IAD >< >{ [data not shown] >* Closing connection 0 >ClamAV-VDB:26 Nov 2018 09-14 > -0500:25155:2160841:63:9817036334370e1482f3fc58c6ed745a:MDvX2VW3tQr3ba

Re: [clamav-users] ClamAV mirrors have gotten worse!

2018-11-23 Thread Joel Esler (jesler)
The “be” error was my fault. Plain and simple. I misconfigured a dns entry. Sent from my  iPhone On Nov 23, 2018, at 04:28, Pierre Dehaen wrote: >> On 11/22/18 8:51 PM, Paul Kosinski wrote: >> I wonder how many users of ClamAV actually log their freshclam updates. >> Those who don't likely

Re: [clamav-users] ClamAV mirrors have gotten worse!

2018-11-20 Thread Joel Esler (jesler)
ISP (Comcast) may be proxying / caching the ClamAV files -- and doing it badly. If that's the case, I don't know what we can do about it. On Tue, 20 Nov 2018 13:09:54 + "Joel Esler (jesler)" mailto:jes...@cisco.com>> wrote: Any particular reason that you are using a

Re: [clamav-users] ClamAV mirrors have gotten worse!

2018-11-20 Thread Joel Esler (jesler)
ers who log (and > actually examine) their entire freshclam output? > > P.S. I have very recently updated our clamavs to 0.100.2. I wonder if > that will improve things in this regard. > > > > On Thu, 15 Nov 2018 19:40:43 + > "Joel Esler (jesler)" wrot

[clamav-users] ClamAV® blog: The ClamAV 0.101.0 release candidate is here!

2018-11-19 Thread Joel Esler (jesler)
https://blog.clamav.net/2018/11/the-clamav-01010-release-candidate-is.html The ClamAV 0.101.0 release candidate is here! The ClamAV 0.101.0 release candidate is here! We have also made significant improvements to our User Manual

Re: [clamav-users] ClamAV mirrors have gotten worse!

2018-11-15 Thread Joel Esler (jesler)
Judging by the 60+TB of traffic we are transferring a day, it's working for at least 3M+ users. > On Nov 15, 2018, at 1:34 PM, Dennis Peterson wrote: > > On 11/13/18 12:04 PM, Paul Kosinski wrote: >> "Why are you looking at October reports?" >> >> It was the first one. And it also shows that t

Re: [clamav-users] Issue with freshclam in an IBM Cloud Private environment

2018-11-15 Thread Joel Esler (jesler)
What is the public IP? Feel free to answer off list, so I can check the logs. > On Nov 15, 2018, at 11:50 AM, Mark Johnson wrote: > > We are using 0.100.2 release, I’m not sure where the .93 is coming from. The > IP is a private IP address in our ICP environment. > _

Re: [clamav-users] Issue with freshclam in an IBM Cloud Private environment

2018-11-15 Thread Joel Esler (jesler)
This says you are running 0.93? Is that correct? What is the IP you are coming from? On Nov 14, 2018, at 5:19 PM, Mark Johnson mailto:mark.johnson...@gmail.com>> wrote: Hey everyone, We are trying to run clamAV in an IBM Cloud Private (ICP) environment. The issue that we are running into is

Re: [clamav-users] Problem with BE db

2018-11-12 Thread Joel Esler (jesler)
g to db.be.clamav.net (db.be.clamav.net)|104.16.185.138|:80... > connected. > HTTP request sent, awaiting response... 200 OK > > Thank you very much, > Pierre > > On 12 Nov 2018 at 18:12, Joel Esler (jesler) wrote: > > Can you try now? > >> On Nov 12, 2018

Re: [clamav-users] Problem with BE db

2018-11-12 Thread Joel Esler (jesler)
pgrade > soon. > > Thanks, > Pierre > > On 12 Nov 2018 at 16:41, Joel Esler (jesler) wrote: > > Okay, so a couple things. > > Wget probably isn't going to work in the manner you expect. Which is why you > got the 530 > response. > > What v

Re: [clamav-users] Problem with BE db

2018-11-12 Thread Joel Esler (jesler)
Okay, so a couple things. Wget probably isn't going to work in the manner you expect. Which is why you got the 530 response. What version of freshclam are you using? > On Nov 11, 2018, at 11:18 AM, Pierre Dehaen wrote: > > Hi, > > It seems the db.be.clamav.net does not work any more since N

Re: [clamav-users] Updates from ClamAV blocked by Cloudflare

2018-11-07 Thread Joel Esler (jesler)
I need more details (feel free to email me directly). Version of ClamAV you are attempting to update. Your IP The RAYId from Cloudflare. We have plenty of blocks in Cloudflare of people that are abusing the system. Hopefully that's not you :) > On Nov 6, 2018, at 9:57 PM, twee...@secmail.pro w

Re: [clamav-users] Updates from ClamAV blocked by Cloudflare

2018-11-07 Thread Joel Esler (jesler)
On Nov 6, 2018, at 10:37 PM, Al Varnell mailto:alvarn...@mac.com>> wrote: Look under “Virus Definitions” here . Download daily.cvd and replace daily.cld file with it. Which gets it from Cloudflare :)

Re: [clamav-users] Question about sending sample process

2018-11-06 Thread Joel Esler (jesler)
On Nov 6, 2018, at 4:46 AM, Luca Moscato mailto:l...@funambol.com>> wrote: Question 1 - Is this process correct to send samples? Please update the version of clamsubmit you are using. You are several versions behind.

[clamav-users] ClamAV 0.101.0 beta has been posted!

2018-10-30 Thread Joel Esler (jesler)
Welcome to the ClamAV 0.101.0 beta! Important notes about this release: • Changes to the libclamav API: • Those who build applications around our shared library will need to change how they declare and pass scanning options to libclamav. Please take a look at the change to our example code

Re: [clamav-users] Latest report on update "delays"

2018-10-24 Thread Joel Esler (jesler)
If you are testing connectivity, please state what version of ClamAV you are using. If you are not using the most up to date, please try that. Sent from my iPhone > On Oct 24, 2018, at 04:00, Michael Da Cova wrote: > > Hi > >> On 24/10/2018 04:09, Dave Warren wrote: >>> On Tue, Oct 23, 20

Re: [clamav-users] Latest report on update "delays"

2018-10-23 Thread Joel Esler (jesler)
We are aware that freshclam is part of the issue. We are going to introduce some new code to freshclam (and have in the past two releases, IIRC) to prevent stuff like this happening. More updates to freshclam will come in future versions as well. That being said, it's important to realize th

Re: [clamav-users] Latest report on update "delays"

2018-10-20 Thread Joel Esler (jesler)
t;>> >>> Thus, what Cloudflare *should* have (if you can't explicitly upload >>> a file), is a mechanism to tell it that a file is out of date. This >>> mechanism could operate very quickly. Then, what Cloudflare would >>> do is either to stall the HTTP

Re: [clamav-users] Latest report on update "delays"

2018-10-20 Thread Joel Esler (jesler)
't explicitly upload a >> file), is a mechanism to tell it that a file is out of date. This >> mechanism could operate very quickly. Then, what Cloudflare would do is >> either to stall the HTTP response -- I doubt it would have to stall for >> long -- or reply with the app

Re: [clamav-users] Latest report on update "delays"

2018-10-19 Thread Joel Esler (jesler)
ve to stall for > long -- or reply with the appropriate HTTP status code warning the > requester that something is amiss. (Codes 503, 504 or 409 might be > applicable.) > > > On Thu, 18 Oct 2018 22:34:03 + > "Joel Esler (jesler)" wrote: > >> Cloudfl

Re: [clamav-users] Latest report on update "delays"

2018-10-18 Thread Joel Esler (jesler)
Cloudflare will grab the file from our infrastructure once it's been requested. (Otherwise it wouldn't know it was there, we can't push into Cloudflare.). But we have discussed a few ideas internally that I think will fix this, let us try a couple things and see if it cuts down on this. On Oct

Re: [clamav-users] Latest report on update "delays"

2018-10-18 Thread Joel Esler (jesler)
The DNS announcement is made as the last step in the process. The lag that may be seen is the lag in between when the DNS update is posted, and before the file is pushed out to the Tier 1 CDN servers. It has to be requested at the CDN server before it is cached. On Oct 18, 2018, at 12:07 PM

Re: [clamav-users] /bin/mkdir: cannot create directory ‘/run/clamav’: File exists

2018-10-18 Thread Joel Esler (jesler)
After several complaints in this thread and three others that have written me off list, I've gone ahead and made the decision to remove Reindl from the ClamAV-users list. Present conduct on the list is reflective of past behavior that he has been warned about. -- Joel Esler Manager, Communiti

Re: [clamav-users] ClamAV Central Management tools

2018-10-16 Thread Joel Esler (jesler)
Not to my knowledge. On Oct 16, 2018, at 12:36 PM, Mike Pmike <pmik...@yahoo.com> wrote: Hello. We are looking for ClamAV Central Management tools. The main thing is to be able to see an overview of the AV status on the our Ubuntu hosts so if there are any issues for instance definiti

Re: [clamav-users] ClamAV 0.100.2 has been released!

2018-10-04 Thread Joel Esler (jesler)
e in the style of Mozilla's "significant change" to > Firefox, which has just about destroyed it (IMHO, anyway). > > > On Thu, 4 Oct 2018 07:00:00 + > "Joel Esler (jesler)" wrote: > >> :) >> >> We have some thoughts around 1.0. We

Re: [clamav-users] ClamAV 0.100.2 has been released!

2018-10-04 Thread Joel Esler (jesler)
:) We have some thoughts around 1.0. We want it to be a significant change, not just an incremental improvement. Sent from my iPhone On Oct 3, 2018, at 23:48, Dennis Peterson <denni...@inetnw.com> wrote: On 10/3/18 10:37 AM, Joel Esler (jesler) wrote: https://blog.clamav.net/2

[clamav-users] ClamAV 0.100.2 has been released!

2018-10-03 Thread Joel Esler (jesler)
https://blog.clamav.net/2018/10/clamav-01002-has-been-released.html ClamAV 0.100.2 has been released! ClamAV 0.100.2 is a patch release to address a set of vulnerabilities. * Fixes for the following ClamAV vulnerabilities: * CVE-2018-15378

Re: [clamav-users] updates

2018-09-13 Thread Joel Esler (jesler)
shclam' is run >>> by cron under userid clamav (same as clamd) every so often >>> (currently every 15 mins) to determine if there are any relevant > > -- > > On Wed, 12 Sep 2018 20:59:45 + > "Joel Esler (jesler)" wrote: > >>

Re: [clamav-users] updates

2018-09-12 Thread Joel Esler (jesler)
'report-delays' logs the delays (or non-delays) found. > > We keep various recent versions of ClamAV in /opt/clamav.d, both for > testing, and in case we have to backtrack. Thus, /opt/clamav is a > symlink to the current version, as in: > > /opt/clamav -> /opt/clamav.

Re: [clamav-users] updates

2018-09-12 Thread Joel Esler (jesler)
Paul, Can you give me some more information on how you do this? How often is the check run, etc. I am working with cloudflare on the issue now. On Sep 7, 2018, at 2:25 PM, Paul Kosinski <clamav-us...@iment.com> wrote: Here is our recent CVD delay report showing how long the actual dai
