Hi all,
I use the clamdmon utility for monitoring the health of my clamd daemon.
Since receiving the new main, daily, and bytecode this evening my
clamdmon is no longer working.
I found the source code for clamdmon which shows the issue. The code is
looking for a "Eicar-Test-Signature"
Hopefully this is just a bug as the eicar test file isn't really a "win" test;
it's just a text file. I imagine many people will have scripts and test
routines set up which expect the name "Eicar-Test-Signature" - I know I do!
Is there any way this can be changed back or does everyone have to
Hello,
i'm seeing the same issue on bunch of linux servers(centos5, ubuntu-10.04).
For example, it found PHP.Exploit.CVE_2011_4153-2 in freepbx tar.gz archive
http://mirror.freepbx.org/freepbx-2.8.0.tar.gz
but if i untar tar.gz and scan the content of archive it can not find anything.
Thank
The signature has been updated this morning to:
PHP.Exploit.CVE_2011_4153-2:0:*:3c3f{-512}646566696e6528{-20}7374725f72657065617428{-20}2461726776
Please update your signatures to Daily CVD 15471 or later.
Thanks,
- Alain
___
Help us build a
I'm getting the same alerts on multiple Linux servers. Mostly on tar.gz
files which have been created a long time ago and have not been changed
since (no tripwire alerts).
When I unpack the tarballs and scan the content I don't get any alter.
Al Varnell wrote:
Daily 15462 today contained the
Daily 15462 today contained the following:
Submission-ID: 53018933
Sender: Anonymous
Added: PHP.Exploit.CVE_2011_4153-2
A ClamXav user reported that a scan of his hard drive reported the following
file to be infected:
/usr/lib/php/install-pear-nozlib.phar
This file appears to be a shell
Link to 0.95.3 on http://www.clamav.net/download/sources/ actually
goes to 0.96rc1
Tom
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Hello Tom,
Link to 0.95.3 on http://www.clamav.net/download/sources/ actually goes
to 0.96rc1
indeed, I just updated it. Thanks for reporting the problem.
Best regards
--
Luca Gibelli (luca _at_ clamav.net) ClamAV, a GPL anti-virus toolkit
[Tel] +39 0187 1851862 [Fax] +39 0187
FYI
Just found this:
http://www.sanesecurity.com/
They have shutdown temporarily because of a DDoS problem.
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Maybe it is of interest:
http://nepenthes.mwcollect.org/stats:scannertest
Didi
--
-
Didi Rieder
[EMAIL PROTECTED]
PGPKey ID: 3431D0B0
-
--
-
Didi Rieder
[EMAIL PROTECTED]
PGPKey ID: 3431D0B0
-
Hello Didi,
Friday, May 12, 2006, 3:44:19 PM, you wrote:
Maybe it is of interest:
http://nepenthes.mwcollect.org/stats:scannertest
Not really. You have to take the results with a grain of salt for several
reasons:
The test is 6 months old (even if heise.de still sells it as News)
Many
Hi,
On 5/12/06, Christoph Cordes [EMAIL PROTECTED] wrote:
Maybe it is of interest:
http://nepenthes.mwcollect.org/stats:scannertest
Not really. You have to take the results with a grain of salt for several
reasons:
The test is 6 months old (even if heise.de still sells it as News)
We
Hello Nepenthes,
Friday, May 12, 2006, 4:34:58 PM, you wrote:
We still *have* that good intention, and these stats were written as
some advertising for nepenthes, not as a 100% reliable source for
comparisions between different scanners.
You and I are aware of this - but as you can see @
I won't make a habit of posting these, but I wanted to brag on our
first month of running clamav live at the University of Texas Pan American.
These are all the viruses stopped at the edge of campus by a filter
in the SMTP stream in the month of September.
(A small number of the reported names
FYI, this is the time and number of new virus added to daily.cvd in
the last 11 days.
The numbers are pretty impressive. The details, including virus names,
is available on clamav-virusdb archive.
[EMAIL PROTECTED] fajar]$ for file in 461 462 463 464 465 466 467 468 469
470 471 472 473 474 475;do
on 8/18/04 2:36 PM, OpenMacNews at
[EMAIL PROTECTED] wrote:
hi,
for those interested, here are my unadorned, somewhat dusty, 'from scratch'
install notes for clamav.
for me, works great on OSX 10.3.5.
richard
(EDITOR)
hi,
for those interested, here are my unadorned, somewhat dusty, 'from scratch' install
notes for clamav.
for me, works great on OSX 10.3.5.
richard
gmp -- GNU Multiple Precision Arithmetic Library
#
FYI:
This problem has existed since somewhere between clamd-0.70-rc
and clamd-0.70 (stable). I'm working around it by running a
UNIX socket check via monit every 30 seconds or so. clamd hangs
between 5 and 8 times a day at this point. The number of hangs
seems to be proportional to load.
I seem
On Tue, 02 Mar 2004 12:58:57 +0700
Fajar A. Nugraha [EMAIL PROTECTED] wrote:
Sure enough, I found these files on source tarball:
./clamd/dazukoio.o
./clamd/dazukoio_compat12.o
Deleted these files, and clamav compiles OK.
Fixed, thanks.
--
oo. Tomasz Kojm [EMAIL
Hi,
building the latest snapshot on Solaris gives this error :
ld: fatal: file dazukoio_compat12.o: wrong ELF machine type: EM_386
ld: fatal: File processing errors. No output written to .libs/clamd
collect2: ld returned 1 exit status
make[2]: *** [clamd] Error 1
make[2]: Leaving directory
On Fri, 23 Jan 2004 16:12:10 -0800
Mark Edwards [EMAIL PROTECTED] wrote:
Well, despite my better judgement I decided to go ahead and install
clamav-devel-20040110 on my OSX 10.1.5 machine. Seems to work well,
as far as I can tell. Tests run fine.
The only issues I've had are freshclam's
Well, despite my better judgement I decided to go ahead and install
clamav-devel-20040110 on my OSX 10.1.5 machine. Seems to work well, as
far as I can tell. Tests run fine.
The only issues I've had are freshclam's -c flag seems broken:
[dina:/var/log/clamav] engineer% sudo freshclam -d -c 2
I got bizarre errors with my last two posts, so here goes again. Sorry
if this double-posts...
On Jan 23, 2004, at 10:28 AM, OpenMacNews wrote:
given the flurry of discussion re: clamav on OSX, i though i'd just
offer as an fyi, 0.65 builds/runs flawlessly for me
on OSX 10.2.x 10.3.x on a
given the flurry of discussion re: clamav on OSX, i though i'd just
offer as an fyi, 0.65 builds/runs flawlessly for me
on OSX 10.2.x 10.3.x on a variety of stock upgraded boxes.
I can confirm that it builds fine on 10.3.
As I understand it, Apple fully supported pthreads as of 10.2.
On Jan 23, 2004, at 10:28 AM, OpenMacNews wrote:
given the flurry of discussion re: clamav on OSX, i though i'd just
offer as an fyi, 0.65 builds/runs flawlessly for me
on OSX 10.2.x 10.3.x on a variety of stock upgraded boxes.
I can confirm that it builds find on 10.3.
i can't say i agree
hi,
given the flurry of discussion re: clamav on OSX, i though i'd just offer as an fyi,
0.65 builds/runs flawlessly for me
on OSX 10.2.x 10.3.x on a variety of stock upgraded boxes.
i can't say i agree with the suggestion that the developers spend their time
supporting OSX 10.1.x -- which is
4 days without a problem...Knock on wood!! No restarts no stale
sockets.
Things are looking good.
Amavisd-new running chroot as user amavisd in directory /var/amavisd
Installed clamav as follows
First: run configure with shown options
./configure --disable-clamav --enable-dependency-tracking
On Tue, 28 Oct 2003 13:38:08 -0600
Lynn Duerksen [EMAIL PROTECTED] wrote:
4 days without a problem...Knock on wood!! No restarts no stale
sockets.
Things are looking good.
Lynn,
thanks for the good news ! I may confirm that all major (and most minor)
problems with clamd have been finally
28 matches
Mail list logo