RE: [Clamav-users] Virus Name

2005-02-03 Thread Randal, Phil
Look at the thread on http://news.gmane.org/gmane.comp.security.virus.clamav.user entitled RAR Module Failure. ClamAV supports RAR 2 and not RAR 3 format archives. Cheers, Phil Phil Randal Network Engineer Herefordshire Council Hereford, UK -Original Message- From: [EMAIL

RE: [Clamav-users] Virus Name

2005-02-03 Thread Jason Frisvold
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Randal, Phil Subject: RE: [Clamav-users] Virus Name Look at the thread on http://news.gmane.org/gmane.comp.security.virus.clamav.user entitled RAR Module Failure. ClamAV supports RAR 2

Re: [Clamav-users] Virus Name

2005-02-03 Thread Brian Morrison
On Thu, 3 Feb 2005 09:01:42 -0500 in [EMAIL PROTECTED] Jason Frisvold [EMAIL PROTECTED] wrote: There is an article on zdnet regarding a new type of trojan that uses an ISP's mailserver to send spam. I'm not at all interested in getting into a discussion regarding this..

Re: [Clamav-users] Virus Name

2005-02-03 Thread Kelson
Brian Morrison wrote: Well two things come to mind. It isn't ClamAV's job to block spam, only viruses and immediately identifiable deceptions like phishing attacks. ...like a trojan spread by email that, after installing itself, serves as a spam proxy? Secondly, the only clue about the path

Re: [Clamav-users] Virus Name

2005-02-03 Thread Brian Morrison
On Thu, 03 Feb 2005 10:05:39 -0800 in [EMAIL PROTECTED] Kelson [EMAIL PROTECTED] wrote: Brian Morrison wrote: Well two things come to mind. It isn't ClamAV's job to block spam, only viruses and immediately identifiable deceptions like phishing attacks. ...like a trojan spread by email

RE: [Clamav-users] Virus Name

2005-02-03 Thread Jason Frisvold
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Morrison Subject: Re: [Clamav-users] Virus Name Seems like any other sort of trojan to me, I can't see why the signature would be different because the zombie is using the ISP's smarthost

Re: [Clamav-users] Virus Name

2005-02-03 Thread Brian Morrison
On Thu, 3 Feb 2005 13:44:50 -0500 in [EMAIL PROTECTED] Jason Frisvold [EMAIL PROTECTED] wrote: Seems like any other sort of trojan to me, I can't see why the signature would be different because the zombie is using the ISP's smarthost for outgoing mail. Of course ClamAV will be able

Re: [Clamav-users] Virus Name

2005-02-03 Thread Matt
Brian Morrison wrote: Seems like any other sort of trojan to me, I can't see why the signature would be different because the zombie is using the ISP's smarthost for outgoing mail. Of course ClamAV will be able to detect such a thing... Wow.. I guess I was *really*

Re: [Clamav-users] Virus Name

2005-02-03 Thread Brian Morrison
On Thu, 3 Feb 2005 19:25:39 + in [EMAIL PROTECTED] Matt [EMAIL PROTECTED] wrote: You could scan through the added signatures in the clamav-virusdb list and see what's there. I have not done so myself but there have been a fair few updates in the last few days. Not meaning to

RE: [Clamav-users] Virus Name

2005-02-03 Thread Julian Mehnle
Jason Frisvold [EMAIL PROTECTED] wrote: If this trojan were to be widespread, then RBL's could become virtually non-effective. Or, the RBL's could start putting legitimate hosts in the list. There is no such thing as a legitimate host. There are only hosts that send spam and viruses, and