Ok Ged,
many thanks again for your reply.
As far as I can see, CLAMAV works well. Only this Maldet error seems to
me strange as it appeared recently.
Until now, I did not even see that link between clamav and maldet.
I'm going to look at Maldet installation and YARA integration more
precisely
Hello again,
On Mon, 11 Nov 2019, Philippe Lefèvre wrote:
thanks for your post Ged.
You're very welcome. :)
... it seems that neither Clamav nor Maldet installed on my Debian box
have the right rfxn.* files
I'm not familiar with these programs but I would like to understand if
clamav is
Hi all,
thanks for your post Ged.
I have a maldet 6.1.4 installed under /usr/local:
#maldet -version
===
Linux Malware Detect v1.6.4
(C) 2002-2019, R-fx Networks
(C) 2019, Ryan MacDonald
This program may be freely redistributed under the terms of the
Hi there,
On Mon, 11 Nov 2019, Philippe Lefèvre wrote:
# grep -n is__elf /var/lib/clamav/rfxn.yara
9112: is__elf and all of ($s*)
Maybe this will help:
https://www.rfxn.com/downloads/maldetect-current.tar.gz
8<--
I'm not entirely familiar with yara, but based on
https://yara.readthedocs.io/en/latest/modules/elf.html , there is no
such function as "is__elf".
Based on a whole search in the yara doc, there's only is_dll, is_32bit
and is_64bit.
Further googling shows this:
Hello,
thanks for your reply :-)
here is:
=
# grep -n is__elf /var/lib/clamav/rfxn.yara
9112: is__elf and all of ($s*)
=
On 11/11/2019 at 01:02, G.W. Haywood via clamav-users wrote:
grep -n is__elf
Hi there,
On Sun, 10 Nov 2019, Philippe Lefèvre wrote:
Since some time (less than a month I think) I now get this message when I
launch a directory scan.
LibClamAV Error: yyerror(): /var/lib/clamav/rfxn.yara line 8955 undefined
identifier
Hello,
Since some time (less than a month I think) I now get this message when
I launch a directory scan.
LibClamAV Error: yyerror(): /var/lib/clamav/rfxn.yara line 8955
undefined identifier "is__elf"
LibClamAV Warning: cli_loadyara: failed to