Re: [clamav-users] Unable to download daily.cvd after upgrade to RHEL 8

Looks like you’re trying to connect through a proxy.  Not directly.  — Sent from my iPhoneOn Mar 7, 2024, at 13:34, John Paul Guay via clamav-users wrote:Hello,We have performed an In-Place upgrade to RHEL 8 on our system that ClamAV resides on and afterwards we are no longer able to download

Re: [clamav-users] Cloudflare block me

You must use fresh clam to download updates. There are no country specific databases anymore.  They all just point at the same db. — Sent from my iPhoneOn Nov 17, 2023, at 02:00, Vedeau Jérôme via clamav-users wrote: Hello,   Can you help us to resolve this issue : We are blocked by

Re: [clamav-users] freshclam not working

Off the top of my head. I think database is right. — Sent from my iPhone > On Sep 13, 2023, at 02:12, Andrew C Aitchison via clamav-users > wrote: > > On Tue, 12 Sep 2023, Joel Esler via clamav-users wrote: > >> Curl won’t work at all. >> But it definit

Re: [clamav-users] freshclam not working

Curl won’t work at all.  But it definitely points to a dns problem. — Sent from my iPhoneOn Sep 11, 2023, at 13:07, Serge Slivitzky via clamav-users wrote:  Hi all,I'm using clamav on 2 systems built the same way: the first one is behind a firewall and freshclam is not working, the other one is

Re: [clamav-users] ClamAV Issue - 127.0.0.1:3310 Connection refused

Yup. Looks like your FreshClam can’t reach the internet. Or DNS is messed up. Or something. > On Aug 22, 2023, at 3:10 PM, Mona AlRekabi wrote: > > Kindly, find the attached file > ___ Manage your clamav-users mailing list subscription /

Re: [clamav-users] ClamAV Issue - 127.0.0.1:3310 Connection refused

Is perhaps your freshclam update attempting to connect to localhost or something?— Sent from my iPhoneOn Aug 22, 2023, at 03:54, Mona AlRekabi via clamav-users wrote:Dear,   Kindly, we installed ClamAV Antivirus on Windows Server and we face the following issue:   No connection could be made

Re: [clamav-users] Cloudflare ban?

403 is a specific ban. Maybe by country or an Ip specifically. — Sent from my iPhone > On Jul 11, 2023, at 02:50, Łukasz Baniecki via clamav-users > wrote: > > Today I did a clean cvd update, meaning I removed everything in > /var/lib/clamav, I flushed my fw rules, so it won't block

Re: [clamav-users] How do I get something added to the ignore list

What db do you think you want to add it to?— Sent from my iPhoneOn Jun 8, 2023, at 12:35, Tim McConnell via clamav-users wrote:Thanks for that AL, now how do I add to the DB? Two things I'm not is a programmer or DBA :-( -- Tim McConnell On Thu, 2023-06-08 at 05:01 -0700, Al Varnell

Re: [clamav-users] [EXTERNAL] Re: Off Line Signature updates.

You should use one of these tools to download the packages and keep them up to date.  — Sent from my iPhoneOn Jan 30, 2023, at 11:27, GARLICK, Andy W wrote: Thanks Joel,   It seems like it is no longer possible to download the signatures directly. If they can be, could you provide the

Re: [clamav-users] Off Line Signature updates.

Andy, You can download them on a standalone machine and move them over via thumb drive. > On Jan 30, 2023, at 10:30 AM, GARLICK, Andy W via clamav-users > wrote: > > Hi CLAMAV, > > We only operate an air gapped system but still require anti-malware. > > Do you provide any options (free

Re: [clamav-users] Errors after using clamdscan

> On Jan 12, 2023, at 11:19, Matus UHLAR - fantomas wrote: > > On 12.01.23 18:34, Antonio Galdieri via clamav-users wrote: >> We are trying to use the clamdscan command with a scripts that sends us the >> results of the scan via mail, problem is, whenever we try to use the script >> we get

Re: [clamav-users] Anyone else having trouble reaching the ClamAV website?

The system is probably set up that way on purpose to discourage automated bots from pounding on the site constantly, and ensure that the browser visiting the site is actually a human. — Sent from my  iPad > On Jan 6, 2023, at 14:55, Paul Kosinski via clamav-users > wrote: > > I

Re: [clamav-users] How many viruses/malware is clamav protecting us from?

Technically speaking, this is an impossible question to answer. Since there are millions of pieces of detection in ClamAV, but one piece of detection can cover millions of pieces of malware. > On Dec 15, 2022, at 9:09 AM, Michael Kyriacou via clamav-users > wrote: > > Hello, is there a way

Re: [clamav-users] Information about the signature database

The Talos team should be able to tell you, I’d you give them the name of the detection, they can look it up. — Sent from my iPhone > On Dec 9, 2022, at 07:10, Al Varnell via clamav-users > wrote: > > Yes I simply search the daily's. If you give me the signature name I can do > that for

Re: [clamav-users] ClamAV 1.0.0 release candidate now available

You wouldn’t download the cld from the server. Or am I reading this thread wrong. — Sent from my iPhone > On Oct 28, 2022, at 04:15, Ralf Hildebrandt via clamav-users > wrote: > > * Yasuhiro Kimura : > >> I experienced same problem while I'm working to update FreeBSD ClamAV >> port to

Re: [clamav-users] on my microsoft windows with both edited freshclam.conf and clamd.conf unfornately i can't update and i can't scan

Please read the first five lines of the FreshClam.conf file. You have to at least try do configure Dorian. The mailing lists are not place for us to do your work for you. > On Oct 17, 2022, at 10:24 AM, Dorian ROSSE wrote: > > Joel you answer aside the problems ... > > I understand the

Re: [clamav-users] on my microsoft windows with both edited freshclam.conf and clamd.conf unfornately i can't update and i can't scan

Dorian it looks like all your errors are below. Read the output. — Sent from my iPhone > On Oct 16, 2022, at 03:21, Dorian ROSSE via clamav-users > wrote: > >  > > ‘’’ > PS C:\Program Files\ClamAV> ./freshclam.exe > ERROR: Please edit the example config file C:\Program >

Re: [clamav-users] ClamAV Action is not working on WHM/cPanel

I am betting that Inmotion is running an old version of ClamAV that can’t update anymore. I’d bet money on that. > On Oct 13, 2022, at 1:43 PM, Javier Camacho via clamav-users > wrote: > > Hi there, I am not sure if this the correct channel to request help. We have > a dedicated

Re: [clamav-users] Are there test results for ClamAV and which malware is supported

Some tidbits from me. I do not speak for Cisco. > On Oct 6, 2022, at 5:21 PM, G.W. Haywood via clamav-users > wrote: > > Hi there, > > On Thu, 6 Oct 2022, Julia - via clamav-users wrote: > >> I have a general question to ClamAV regarding how good ClamAV is. > > It's a good question. Most

Re: [clamav-users] remove me

> On Sep 9, 2022, at 12:40 PM, Matus UHLAR - fantomas wrote: > > On 09.09.22 12:29, Marc wrote: >> What about doing some sort of IQ test before users subscribe something like >> 2+2=? > > making unsubscribe easier would spare us from solving problems like these. > > unfortunately,

Re: [clamav-users] remove me

Check the bottom of every email sent to the list. — Sent from my  iPhone > On Sep 8, 2022, at 14:16, Michael Piziak via clamav-users > wrote: > > remove me > > ___ > > clamav-users mailing list > clamav-users@lists.clamav.net >

Re: [clamav-users] Best practices when using caching http proxy as cvd private mirror

What I don’t understand about threads like this: During my time at Cisco, Micah literally built multiple tools to correctly handle the CDN framework. CVDUPATE and Freshclam itself, and people are going out of their way to try and fake CVDUPDATE to create a local mirror. Which is literally

Re: [clamav-users] False Positive?

Exactly the only answer that is correct to this email. :) > On Aug 11, 2022, at 2:15 PM, Al Varnell via clamav-users > wrote: > > Did you submit to ? > > -Al- > -- > ClamXAV user > > On Aug 11, 2022, at 11:01 AM, David Laxer

Re: [clamav-users] Inquire about clamav latest stable version -

> On Aug 1, 2022, at 15:36, Paul Kosinski wrote: > > On Thu, 28 Jul 2022 17:38:20 -0400 > Joel Esler wrote: > >> ClamAV is a Cisco project. There’s no arguing that. >> All of the original team are observed here: https://www.clamav.net/about >> So, not sure what you’re getting at. > >

Re: [clamav-users] Inquire about clamav latest stable version -

ClamAV is a Cisco project. There’s no arguing that. All of the original team are observed here: https://www.clamav.net/about So, not sure what you’re getting at. — Sent from my  iPhone > On Jul 28, 2022, at 16:56, Paul Kosinski via clamav-users > wrote: > >  >> >> At the moment

Re: [clamav-users] Permanently banned from clamav

Freshclam and cvdupdate can be ran as often as you want. They check DNS to see if an update is needed before it attempts to download from the CDN, so knock yourself out. That being said, ClamAV only publishes updates once a day. So hourly is PLENTY of time to run the check. — Sent from

Re: [clamav-users] Permanently banned from clamav

This is correct. — Sent from my  iPhone > On Jul 2, 2022, at 11:50, Maarten Broekman via clamav-users > wrote: > > Downloading the entire databases unnecessarily (using web browsers, etc) is > banned because it results in higher volumes of data transfer which, in turn, > costs more

Re: [clamav-users] Off topic question...

Talosintelligence.com/support — Sent from my  iPhone > On Jun 29, 2022, at 10:59, Eric Tykwinski via clamav-users > wrote: > >  > Any one have an abuse contact for Cisco IronPorts hosted service? > > Customer of ours received a phishing email from a Cisco client but wasn’t > sent by

Re: [clamav-users] Version .105

https://www.clamav.net/downloads Seems to have what you need. > On Jun 29, 2022, at 10:02 AM, West, Hunter D [US] (ES) via clamav-users > wrote: > > Hello, > > I am unsure if I've come to the right place, but I need to install ClamAV > version .105. I work in a SAP environment with no

Re: [clamav-users] Scan reports

Is it not updating? Or not scanning? — Sent from my  iPhone > On May 31, 2022, at 07:09, John Paul Guay via clamav-users > wrote: > > Hello, > > I’m new to ClamAV and I need help to fix our master server so it will scan > each agent daily. I work in a federal department in government

Re: [clamav-users] How to stop receive messages.

https://lists.clamav.net/mailman/listinfo/clamav-users > On May 4, 2022, at 7:43 PM, Eric Jin via clamav-users > wrote: > > Dear Sir, > I don't want to receive any posted messages. Please tell me how to stop it. > Thanks. > > Best

Re: [clamav-users] clamav/safebrowsing updates?

> On Apr 26, 2022, at 4:08 PM, Alex via clamav-users > wrote: > > Hi, > >>> Is the clamav-safebrowsing repository still maintained? >> >> https://blog.clamav.net/2020/06/the-future-of-clamav-safebrowsing.html > > Yes, that's exactly what I'm referring to - your link directs the user > to

Re: [clamav-users] DoD/IL4/Federal use case

Thanks. > On Apr 19, 2022, at 4:31 PM, Ivan Zanoth via clamav-users > wrote: > > Do what you need. > > Em ter., 19 de abr. de 2022 às 17:29, Joel Esler via clamav-users > mailto:clamav-users@lists.clamav.net>> > escreveu: > I’m pretty sure there should b

Re: [clamav-users] DoD/IL4/Federal use case

I’m pretty sure there should be an internal resource to the DoD to answer this question. > On Apr 19, 2022, at 2:27 PM, Enver Bahar via clamav-users > wrote: > > Hi, > > I tried before but didn't get a response, any directions would be great: > > I read on some forums that ClamAV is

Re: [clamav-users] DoD/IL4/Federal use case

https://lists.clamav.net/mailman/listinfo/clamav-users Look for unsubscribe at the bottom. — Sent from my  iPhone > On Apr 13, 2022, at 12:58, Eliya Voldman via clamav-users > wrote: > > Folks, > I unsubscribed my email from this list but still continue to receive email. > Is it my

Re: [clamav-users] Inquiry about ClamAV's usage within sandbox

If the purpose of doing all of this is to detect if malware is present, I would do it outside of the sandbox. The point of a sandbox is to let malware execute and NOT stop it. > On Mar 30, 2022, at 11:48 AM, G.W. Haywood via clamav-users > wrote: > > Hi there, > > On Wed, 30 Mar 2022,

Re: [clamav-users] ClamAV 1020 when pulling 104.2.tar.gz

Should clear automatically after awhile. — Sent from my  iPhone > On Mar 16, 2022, at 13:09, Schneider, Arthur (A.V.) via clamav-users > wrote: > > Hello, > >Looks like we’re getting a 1020 when our automation is pulling the > 104.2.tar.gz. We’re currently in the process of

Re: [clamav-users] ClamAV 0.105 release candidate

On Wed, 16 Mar 2022, Bowie Bailey via clamav-users wrote: >>> On 3/16/2022 10:09 AM, Joel Esler via clamav-users wrote: >>>> On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: >>>>> On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote:

Re: [clamav-users] ClamAV 0.105 release candidate

> On Mar 16, 2022, at 11:25 AM, Bowie Bailey via clamav-users > wrote: > > On 3/16/2022 10:09 AM, Joel Esler via clamav-users wrote: >> >>> On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: >>> >>> On 16/03/2022 20:19, Christoph Moench-Teged

Re: [clamav-users] wget blocks - was Re: ClamAV 0.105 release candidate

> On Mar 16, 2022, at 10:55 AM, Andrew C Aitchison > wrote: > > On Wed, 16 Mar 2022, Joel Esler via clamav-users wrote: >>> On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt >> <mailto:grschm...@acm.org>> wrote: >>> >>> On 16/03/2022

Re: [clamav-users] ClamAV 0.105 release candidate

> On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: > > On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote: >> ## Joel Esler via clamav-users (clamav-users@lists.clamav.net): >>> Can’t use wget. >> Looks like "can't use anything wh

Re: [clamav-users] ClamAV 0.105 release candidate

Can’t use wget. — Sent from my  iPhone > On Mar 14, 2022, at 20:28, Yasuhiro Kimura wrote: > > From: "Micah Snyder \(micasnyd\) via clamav-users" > > Subject: [clamav-users] ClamAV 0.105 release candidate > Date: Mon, 14 Mar 2022 20:14:18 + > >> Read this announcement online at >>

Re: [clamav-users] Virus database not updated since 14th July 2021

https://blog.clamav.net/2021/07/psa-freshclam-database-download-issue.html — Sent from my  iPhone > On Mar 9, 2022, at 16:25, clamav.mbou...@spamgourmet.com wrote: > > ReceiveTimeout=30 is probably the one causing you problems. I was bitten by > that when installing ClamAV on an

Re: [clamav-users] Minor bug or working as intended?

Pretty sure you can write what you’re trying to look for with an ldb signature anyway. — Sent from my  iPhone > On Feb 24, 2022, at 18:53, G.W. Haywood via clamav-users > wrote: > > Hi there, > >> On Thu, 24 Feb 2022, Kris Deugau wrote: >> >> After chasing docs back and forth and

Re: [clamav-users] Scan log parsing

I think the word “FOUND” is used. — Sent from my  iPhone > On Feb 20, 2022, at 20:16, Eliya Voldman via clamav-users > wrote: > >  > > Hello, > I'm completely new to ClamAV > I am setting up ClamAV on one laptop located behind VLAN and I don't have the > option to monitor result. >

Re: [clamav-users] Error 403 downloading virus updates

You’ll definitely need to upgrade. I imagine the minimum fLevel for the cvd files will have been moved as well, and if so, won’t work on older installations at all. > On Feb 10, 2022, at 10:55 AM, David Copeland via clamav-users > wrote: > > Hi Paul, > > According to

Re: [clamav-users] Unable to mirror ClamAV database

Cvdupdate is where it’s at for what you’re trying to do. Clammirror was one of our problems, and why we had to put a stop to it. — Sent from my  iPhone > On Feb 9, 2022, at 05:08, Roy Cohen via clamav-users > wrote: > > Sorry, I (wringly) assumed clammirror was a clamav provided tool

Re: [clamav-users] help with my system please hybrid os does not update signatures

Side comment about the below though: — Sent from my  iPhone > On Jan 21, 2022, at 18:16, G.W. Haywood via clamav-users > wrote: > > Since you're running Linux, and most of the published signatures are > intended to detect threats to Windows and other Microsoft products Only because of the

Re: [clamav-users] Where can I download daily.cvd, bytecode.cvd and main.cvd from?

> On Jan 17, 2022, at 2:03 PM, Matus UHLAR - fantomas wrote: > > On 17.01.22 16:30, Nick Howitt via clamav-users wrote: >> I give up. This is like pushing water up hill. There is no sensible way of >> building the packages in one pass which allows me to package the sigs >> automatically. It

Re: [clamav-users] Where can I download daily.cvd, bytecode.cvd and main.cvd from?

> On Jan 17, 2022, at 10:17, Maarten Broekman via clamav-users > wrote: > > And, after 7 days, you'll see warning messages about outdated definitions > when clam starts up. And Freshclam and cvdupdate will still download the right files. ___

Re: [clamav-users] Where can I download daily.cvd, bytecode.cvd and main.cvd from?

No. It would not. Wget and curl create disasters for the ClamAV team on the server side, which is why it was stopped. There are still people abusing that system, and when I was at cisco I would block people for doing it. If people would use the tools they are supposed to, that are designed to

Re: [clamav-users] Where can I download daily.cvd, bytecode.cvd and main.cvd from?

This is what cvdupdate was designed for. Please use that. — Sent from my  iPhone > On Jan 17, 2022, at 09:12, Nick Howitt via clamav-users > wrote: > > Please tell that to EPEL as well. We want to be able to distribute a package > which, in emergency, can be transferred to a standalone

Re: [clamav-users] main.cvd update schedule

Correct. It’s about once a quarter. However, if you are using FreshClam or cvdupdate, (as you should be), those tools will download the correct files when the correct files need to be downloaded. > On Dec 21, 2021, at 3:21 PM, Kris Deugau wrote: > > Vu, Hong-Duc V. via clamav-users wrote:

[clamav-users] ClamAV Community, it's been an honor!

ClamAV Community, It has a been a great honor to be your community manager for the past 11 years or so, through several website transitions, engine upgrades and tens of thousands of people joining our community, I’ve decided to move on to a new position outside of Cisco. Together we’ve grown

Re: [clamav-users] using older clients to download from internal clam proxy

Good luck! > On Dec 2, 2021, at 13:31, novpenguincne via clamav-users > wrote: > > OK. It might be difficult to get the new client to run on the old o/s but > I'll see what I can do. > > Thanks for the input! > > James > > Sent with ProtonMail Secure Email. > > ‐‐‐ Original Message