Look at the thread on
http://news.gmane.org/gmane.comp.security.virus.clamav.user entitled
RAR Module Failure. ClamAV supports RAR 2 and not RAR 3 format
archives.
Cheers,
Phil
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK
-Original Message-
From: [EMAIL
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Randal, Phil
Subject: RE: [Clamav-users] Virus Name
Look at the thread on
http://news.gmane.org/gmane.comp.security.virus.clamav.user entitled
RAR Module Failure. ClamAV supports RAR 2
On Thu, 3 Feb 2005 09:01:42 -0500 in
[EMAIL PROTECTED] Jason
Frisvold [EMAIL PROTECTED] wrote:
There is an article on zdnet regarding a new type of trojan that
uses an ISP's mailserver to send spam. I'm not at all
interested in getting into a discussion regarding this..
Brian Morrison wrote:
Well two things come to mind. It isn't ClamAV's job to block spam, only
viruses and immediately identifiable deceptions like phishing attacks.
...like a trojan spread by email that, after installing itself, serves
as a spam proxy?
Secondly, the only clue about the path
On Thu, 03 Feb 2005 10:05:39 -0800 in [EMAIL PROTECTED] Kelson
[EMAIL PROTECTED] wrote:
Brian Morrison wrote:
Well two things come to mind. It isn't ClamAV's job to block spam,
only viruses and immediately identifiable deceptions like phishing
attacks.
...like a trojan spread by email
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Brian Morrison
Subject: Re: [Clamav-users] Virus Name
Seems like any other sort of trojan to me, I can't see why
the signature
would be different because the zombie is using the ISP's smarthost
On Thu, 3 Feb 2005 13:44:50 -0500 in
[EMAIL PROTECTED] Jason
Frisvold [EMAIL PROTECTED] wrote:
Seems like any other sort of trojan to me, I can't see why
the signature
would be different because the zombie is using the ISP's smarthost
for outgoing mail. Of course ClamAV will be able
Brian Morrison wrote:
Seems like any other sort of trojan to me, I can't see why
the signature
would be different because the zombie is using the ISP's smarthost
for outgoing mail. Of course ClamAV will be able to detect such a
thing...
Wow.. I guess I was *really*
On Thu, 3 Feb 2005 19:25:39 + in
[EMAIL PROTECTED] Matt
[EMAIL PROTECTED] wrote:
You could scan through the added signatures in the clamav-virusdb
list and see what's there. I have not done so myself but there have
been a fair few updates in the last few days.
Not meaning to
Jason Frisvold [EMAIL PROTECTED] wrote:
If this trojan were to be widespread, then RBL's could become virtually
non-effective. Or, the RBL's could start putting legitimate hosts in
the list.
There is no such thing as a legitimate host. There are only hosts that
send spam and viruses, and
10 matches
Mail list logo