Re: [clamav-users] safebrowsing.cvd causing clamd to stop functioning

2018-05-01 Thread Rafael Ferreira
gt; wrote: > > > > Am 01.05.2018 um 04:40 schrieb Rafael Ferreira: >> It seems that the latest safebrowsing.cvd update is causing clamd daemons >> with version 0.99 to get into a broken state (100% cpu and rampant memory >> growth) > > no - but hey, who knows what

[clamav-users] safebrowsing.cvd causing clamd to stop functioning

2018-04-30 Thread Rafael Ferreira
It seems that the latest safebrowsing.cvd update is causing clamd daemons with version 0.99 to get into a broken state (100% cpu and rampant memory growth). - Rafael ___ clamav-users mailing list clamav-users@lists.clamav.net

Re: [clamav-users] How the bad signature happened - conjecture (was Re: URGENT: Clamd is wedged on multiple installations)

2018-01-26 Thread Rafael Ferreira
Nope, latest is still File: daily.cvd Build time: 26 Jan 2018 04:24 -0500 Version: 24257 Signatures: 1835982 Functionality level: 63 Builder: neo MD5: 3b3092994fdf9aa39aae480c38fb31ab Digital signature:

[clamav-users] Fwd: [clamav-virusdb] Signatures Published daily - 23583

2017-07-21 Thread Rafael Ferreira
looks like the signatures are stuck again, the appear to be empty since yesterday. > Begin forwarded message: > > From: nore...@sourcefire.com > Subject: [clamav-virusdb] Signatures Published daily - 23583 > Date: July 21, 2017 at 1:17:47 AM PDT > To: clamav-viru...@lists.clamav.net > > >

[clamav-users] 18+ hours since last signature

2017-05-15 Thread Rafael Ferreira
Hey folks, just a heads up that it looks like signatures are “stuck” again, the last daily (23389) came out at 2AM PST: http://lists.clamav.net/pipermail/clamav-virusdb/2017-May/004726.html Anyone knows what is going on?

Re: [clamav-users] Different results: Clamscan vs ClamWin

2017-05-02 Thread Rafael Ferreira
Can you tell us which virus you encountered? Also can you validate that the file has the same checksum in both windows and Linux? > On May 2, 2017, at 2:22 PM, Peter B. wrote: > > Dear Clamav users, > > I was scanning a ZIP file with both: clamscan (on Xubuntu), and

Re: [clamav-users] Sporadic signature frequency

2017-04-17 Thread Rafael Ferreira
e a new main.cvd and push it out (easiest fix) > 2. Optimize how we do deletes > > But the beginning of this email is the reason. > > -- > Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com> > > > > > > > On Apr 15, 2017,

Re: [clamav-users] Sporadic signature frequency

2017-04-15 Thread Rafael Ferreira
pr 13, 2017 at 07:09 PM, Alain Zidouemba wrote: >> >> They come out every 6h. >> >> -Alain >> >>> On Apr 13, 2017, at 9:57 PM, Rafael Ferreira <r...@uvasoftware.com> wrote: >>> >>> Hey folks, I've noticed that new sig databases are comin

Re: [clamav-users] Sporadic signature frequency

2017-04-13 Thread Rafael Ferreira
Thanks! I believe it used to be 4 hours in the past. > On Apr 13, 2017, at 7:09 PM, Alain Zidouemba <azidoue...@sourcefire.com> > wrote: > > They come out every 6h. > > -Alain > >> On Apr 13, 2017, at 9:57 PM, Rafael Ferreira <r...@uvasoftware.com>

[clamav-users] Sporadic signature frequency

2017-04-13 Thread Rafael Ferreira
Hey folks, I've noticed that new sig databases are coming out at a fairly inconsistent frequency lately, is this accidental or for a particular reason? Rafael ___ clamav-users mailing list clamav-users@lists.clamav.net

Re: [clamav-users] Reporting malware/false negatives

2017-03-21 Thread Rafael Ferreira
That is a fundamentally different type of "free". I think that, all in all, the clamav folks do an amazing job with signature distribution, specially for submitted samples. > On Mar 21, 2017, at 6:41 PM, Al Varnell wrote: > > Actually, the still give their macOS/OS X

[clamav-users] Fwd: [clamav-virusdb] Signatures Published daily - 22968

2017-01-29 Thread Rafael Ferreira
Hey folks, it seems like database creation is stuck again, versions 22965 through 22968 all have 0 new and dropped sigs. - Rafael > Begin forwarded message: > > From: nore...@sourcefire.com > Subject: [clamav-virusdb] Signatures Published daily - 22968 > Date: January 29, 2017 at 5:29:30 PM

Re: [clamav-users] CRDF databases and clamav

2016-11-20 Thread Rafael Ferreira
That’s excellent news, thanks everyone. > On Nov 20, 2016, at 2:58 PM, Steve basford > wrote: > > Passed directly to CRDF at the same time something is reported to the ClamAV > team. > > For infoIf someone reports an FP with a Sanesecurity or Sanesecurity

[clamav-users] CRDF databases and clamav

2016-11-20 Thread Rafael Ferreira
Howdy folks, am I correct to say that based on this announcement (http://blog.clamav.net/2016/07/crdf-joins-clamav-signature-partner.html ) that CRDF databases are now being rolled into the main/daily.cvd ones? Thanks!

Re: [clamav-users] freshclam error

2016-09-29 Thread Rafael Ferreira
That appears to be a memory issue with your host, the malloc (memory allocator) is failing. > On Sep 29, 2016, at 8:01 AM, Tsutomu Oyamada wrote: > > Hi, > > Following error is showed when the CVD is updated on freshclam; > > Sep 27 04:00:05 W1K freshclam[26882]:

Re: [clamav-users] ClamAV updates

2016-09-19 Thread Rafael Ferreira
It’s not a mirror issue, there seems to be something up with the signature dbs and it seems to have started after a fairly large jump in the versions: 22199 is the latest version available from http://db.us.clamav.net/daily.cvd - so either it was moved or

Re: [clamav-users] clamav-virusdb Update Problems?

2016-09-17 Thread Rafael Ferreira
Following up that 22216-22217 are showing the same issue as well. > On Sep 16, 2016, at 8:06 PM, Rafael Ferreira <r...@uvasoftware.com> wrote: > > Yup we noticed the same problem here. Updates have become quite inconsistent. > >> On Sep 16, 2016, at 7:35 PM, Al Va

Re: [clamav-users] clamav-virusdb Update Problems?

2016-09-16 Thread Rafael Ferreira
Yup we noticed the same problem here. Updates have become quite inconsistent. > On Sep 16, 2016, at 7:35 PM, Al Varnell wrote: > > Just to try to get ahead of any problems now that the weekend has started, I > noticed that daily 22210 through 22213 were quite small & most

Re: [clamav-users] ClamAV updates

2016-09-10 Thread Rafael Ferreira
Software is hard, but the issue was identified and fairly promptly resolved. Thanks to all the clamav folks that sorted this out on a Friday night. - Rafael > On Sep 10, 2016, at 3:17 AM, Steve basford > wrote: > > > > > On 10 September 2016 10:05:47 Alan

Re: [clamav-users] ClamAV updates

2016-09-09 Thread Rafael Ferreira
e (version: 283, sigs: 53, f-level: 63, builder: neo) > > -- Friday 09 September 2016 at 21:06:01 > -- > > > > > > On Fri, 9 Sep 2016 17:58:52 -0700 > Rafael Ferreira <r...@uvasoftware.com> wro

Re: [clamav-users] ClamAV updates

2016-09-09 Thread Rafael Ferreira
It’s not a mirror issue, there seems to be something up with the signature dbs and it seems to have started after a fairly large jump in the versions between v22199 and v44399 (http://lists.clamav.net/pipermail/clamav-virusdb/2016-September/thread.html

Re: [clamav-users] Issue with ClamAV on Red Hat Enterprise Linux

2016-05-29 Thread Rafael Ferreira
That error usually means that main.cvd is corrupted but since freshclam doesn’t even run I would start there, it might be just a matter of sorting out your /etc/freshclam.conf file > On May 29, 2016, at 6:55 PM, Nathan Parker > wrote: > > Hi there! > > > Sorry

Re: [clamav-users] Issue with ClamAV on Red Hat Enterprise Linux

2016-05-22 Thread Rafael Ferreira
Can you post the error here? That image is impossible to read. > On May 21, 2016, at 8:35 PM, Nathan Parker > wrote: > > I recently installed Red Hat Enterprise Linux (7.2 I believe) on a VM on my > Mac. I have been trying to install ClamAV on it and get clamscan

Re: [clamav-users] [Community-sigs] ClamAV® blog: ClamAV Signature Interface maintenance is now complete! New Main.cvd!

2016-03-19 Thread Rafael Ferreira
to avoid any surprises. Cheers, - Rafael Rafael Ferreira Uva Software, LLC | scanii.com <http://scanii.com/> ☎ 623.252.0441 > On Mar 16, 2016, at 8:24 PM, Joel Esler (jesler) <jes...@cisco.com> wrote: > > > http://blog.clamav.net/2016/03/clamav-signature-interf

Re: [clamav-users] Problems with daily db?

2015-10-18 Thread Rafael Ferreira
> Downloading daily-20948.cdiff [100%] > ERROR: cdiff_cmd_close: Can't apply DEL at line 1493879 of daily.mdb > ERROR: cdiff_apply: Can't execute command CLOSE > ERROR: cdiff_apply: Error executing command at line 19 > ERROR: getpatch: Can't apply patch > Downloading daily.cvd [100%]

[clamav-users] Problems with daily db?

2015-10-15 Thread Rafael Ferreira
Howdy folks, we started noticing problems with daily.cvd: Retrieving http://scanii-assets.s3.amazonaws.com/daily.cvd Trying to download http://scanii-assets.s3.amazonaws.com/daily.cvd (IP: 54.231.34.41) Downloading daily.cvd [100%] Loading signatures from daily.cvd WARNING: [LibClamAV]

Re: [clamav-users] Problems with daily db?

2015-10-15 Thread Rafael Ferreira
that is working for me with ClamAV 0.98.7. It even worked using > http://scanii-assets.s3.amazonaws.com/daily.cvd. What OS and hardware are > you using? > > On Thu, Oct 15, 2015 at 1:30 PM, Rafael Ferreira <r...@uvasoftware.com> > wrote: > >> 0.98.7 >> &g

Re: [clamav-users] Problems with daily db?

2015-10-15 Thread Rafael Ferreira
0.98.7 > On Oct 15, 2015, at 8:46 AM, Steven Morgan <smor...@sourcefire.com> wrote: > > Rafael, > > I don't see this. Which version of ClamAV are you using? > > Steve > > > On Thu, Oct 15, 2015 at 11:24 AM, Rafael Ferreira <r...@uvasoftware.com&

Re: [clamav-users] Streaming support in ClamD

2015-07-07 Thread Rafael Ferreira
Well, the progress you see is likely to be transfer, not processing, time since that’s where most time is going to be spent for a sizable file anyways (under normal circumstances) so I doubt clamd is your main latency source here. Can you elaborate on your setup a bit? Is the ICAP proxy