Re: [Clamav-users] Re: virus passing through clamav-milter, but not through clamdscan!

2005-05-18 Thread Jef Poskanzer
Apostolos Papayanakis: There seems to be a problem with the initial From line in the viral mbox-style mailbox (removing it hides the virus from clamdscan). I can confirm this. If I remove the From line from my sample files, clamscan says they are OK. With the From line, they show as infected

Re: [Clamav-users] Sober.P sidebar topic

2005-05-18 Thread Dennis Peterson
[EMAIL PROTECTED] said: On Tue, 17 May 2005, Dennis Peterson wrote: We've seen a huge number of increased failed ssh logins, however, I can't exactly correlate it with anything specific. They appear to be zombies scanning for known default passwords. The kickoff date here was May 4.

[Clamav-users] option -V reports wrong database

2005-05-18 Thread didier.georgieff
Hello, I just noticed that clamav freshclam 0.85.1 seems to report wrong information about the virus database $clamscan -V ClamAV 0.85.1/507/Mon Sep 27 12:53:21 2004 #freshclam -V ClamAV 0.85.1/507/Mon Sep 27 12:53:21 2004 but my database is up2date : #freshclam ClamAV update process

[Clamav-users] Worm.Mytob.BR two servers one finding, second not

2005-05-18 Thread rybka52
clamd 0.85 and 0.85.1 same result, system OpenBSD 3.5 on first server work fine on second clamdscan report OK any suggestion? I'll be grateful Wojtek

Re: [Clamav-users] Worm.Mytob.BR two servers one finding, second not

2005-05-18 Thread Trog
On Wed, 2005-05-18 at 10:20 +0200, rybka52 wrote: clamd 0.85 and 0.85.1 same result, system OpenBSD 3.5 on first server work fine on second clamdscan report OK any suggestion? How many signatures is each reporting to have? -trog

Re: [Clamav-users] AES encrypted zips causing scan error

2005-05-18 Thread Chris Masters
OK - this seems to be a 'known issue'. A patch is here if others are having this problem: http://blog.gmane.org/gmane.comp.security.virus.clamav.devel Does anyone know if/when this will be fixed in a stable release? Thanks, Chris --- Chris Masters [EMAIL PROTECTED] wrote: Hi All, WinZip 9

RE: [Clamav-users] Clam AV allows e-mail from www.webmail.us/testvirus through?

2005-05-18 Thread Stefke
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ken Jones Sent: Tuesday 17 May 2005 15:57 To: ClamAV users ML Subject: Re: [Clamav-users] Clam AV allows e-mail from www.webmail.us/testvirus through? On my system, only #24 and #25 make it through

[Clamav-users] Exclude extension from scanning

2005-05-18 Thread David
Hello, I have a problem with an extension .FM6. Really, this file is an encrypted zip and the clamd says ASBHCI83.FM6: Input/Output error ERROR How can I exclude this extension from the clamd? Thank you. David.

Re: [Clamav-users] Exclude extension from scanning

2005-05-18 Thread Trog
On Wed, 2005-05-18 at 12:44 +0200, David wrote: Hello, I have a problem with an extension .FM6. Really, this file is an encrypted zip and the clamd says ASBHCI83.FM6: Input/Output error ERROR How can I exclude this extension from the clamd? Upgrade to 0.85.1 -trog

Re: [Clamav-users] Exclude extension from scanning

2005-05-18 Thread Tomasz Kojm
On Wed, 18 May 2005 12:44:21 +0200 David [EMAIL PROTECTED] wrote: Hello, I have a problem with an extension .FM6. Really, this file is an encrypted zip and the clamd says ASBHCI83.FM6: Input/Output error ERROR Upgrade to 0.85.1. -- oo. Tomasz Kojm [EMAIL

RE: [Clamav-users] Exclude extension from scanning

2005-05-18 Thread David
But, if I need to exclude an extension. How do I do it? Thanx, -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tomasz Kojm Sent: Wednesday, 18 / May / 2005 12:47 To: ClamAV users ML Subject: Re: [Clamav-users] Exclude extension from scanning

RE: [Clamav-users] Exclude extension from scanning

2005-05-18 Thread Trog
On Wed, 2005-05-18 at 13:28 +0200, David wrote: But, if I need to exclude an extension. How do I do it? Use --exclude, easy when you read the manual. -trog

Re: [Clamav-users] Exclude extension from scanning

2005-05-18 Thread Jo Mills
On Wed, May 18, 2005 at 01:28:43PM +0200, David wrote: But, if I need to exclude an extension. How do I do it? Thanx, Pardon my butting in, but is this not more of a job for MailScanner or such? Once MailScanner (or similar) has decided which mails it is not going to reject, it

Re: [Clamav-users] Problem in clamav startup on solaris

2005-05-18 Thread Christopher X. Candreva
On Tue, 17 May 2005, Eric J. Wisti wrote: How are others with Solaris handling the socket? I put my socket in /var/clamav instead of /var/run [Libby]:/var$ ls -ld clamav/ drwxrwsr-x 2 clamav clamav 512 May 17 11:06 clamav/ Both the clamd and clamav-milter sockets are there, along

Re: [Clamav-users] Worm.Mytob.BR two servers one finding, second not

2005-05-18 Thread rybka52
clamd 0.85 and 0.85.1 same result, system OpenBSD 3.5 on first server work fine on second clamdscan report OK any suggestion? How many signatures is each reporting to have? work bad : 34417 work fine : 34517 Thanks for advice ! Wojtek

Re: [Clamav-users] Sober.P sidebar topic

2005-05-18 Thread Ken Jones
On Tuesday 17 May 2005 8:58 pm, Dennis Peterson wrote: Anyone noticing any increase in failed login attempts via ssh? I have and the timing associates well with the recent outbreak. Last night we saw the first password ssh scans against our machine. Looks like scanning for default accounts with

RE: [Clamav-users] Sober.P sidebar topic

2005-05-18 Thread Thomas Wheeler
Yip, seen it increase since this German SPAM started to hit my server -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ken Jones Sent: 18 May 2005 04:42 PM To: ClamAV users ML Subject: Re: [Clamav-users] Sober.P sidebar topic On Tuesday 17 May 2005 8:58

RE: [Clamav-users] Sober.P sidebar topic

2005-05-18 Thread Dennis Peterson
Thomas Wheeler said: Yip, seen it increase since this German SPAM started to hit my server -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ken Jones Sent: 18 May 2005 04:42 PM To: ClamAV users ML Subject: Re: [Clamav-users] Sober.P sidebar topic

[Clamav-users] clamd reload causing mail server to tempfail

2005-05-18 Thread Matthew.van.Eerde
Gack! I came in this morning to find this in my clamd.log... Tue May 17 15:35:10 2005 - Reading databases from /usr/local/share/clamav Tue May 17 15:35:10 2005 - Database correctly reloaded (34417 viruses) LibClamAV Warning: Not reloading database until idle - waiting for 2 children LibClamAV

[Clamav-users] clmilter - out of memory with current cvs

2005-05-18 Thread Elliot Mackenzie
I have recently run into a clmilter problem causing sendmail to crash out with an out of memory exception (cannot allocate memory). A quick look around on Google comes up with a few hits but no clear solutions. This has occurred after an upgrade to the most recent gentoo ebuild for clamav,

Re: [Clamav-users] clamd reload causing mail server to tempfail

2005-05-18 Thread Damian Menscher
On Wed, 18 May 2005 [EMAIL PROTECTED] wrote: Tue May 17 15:35:10 2005 - Reading databases from /usr/local/share/clamav Tue May 17 15:35:10 2005 - Database correctly reloaded (34417 viruses) LibClamAV Warning: Not reloading database until idle - waiting for 2 children LibClamAV Warning: Waiting for

RE: [Clamav-users] clamd reload causing mail server to tempfail

2005-05-18 Thread Matthew.van.Eerde
Damian Menscher wrote: On Wed, 18 May 2005 [EMAIL PROTECTED] wrote: LibClamAV Warning: Not reloading database until idle - waiting for 2 children Could you tell us how you're running clamav-milter? Specifically, I'd like to know if you're using --external and your --max-children setting.

RE: [Clamav-users] Exclude extension from scanning

2005-05-18 Thread David
Hello, I upgraded my clamv ClamAV 0.85.1/886/Wed May 18 12:32:36 2005 But the problem is not resolved qmail/simscan/1116416733.717518.2973/AKQLCI35.zip: Input/Output error ERROR qmail/simscan/1116416781.176909.3110/AKQLCI35.FM6: Input/Output error ERROR Any ideas? -Mensaje

RE: [Clamav-users] Exclude extension from scanning

2005-05-18 Thread David
Excuse, but I read the manual and the --exclude option is not present in the clamd. Thanx -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Trog Sent: Wednesday, 18 / May / 2005 13:32 To: ClamAV users ML Subject: RE: [Clamav-users] Exclude

[Clamav-users] Re:Clam AV allows e-mail from www.webmail.us/testvirus through?

2005-05-18 Thread Frank Barton
On my system, only #24 and #25 make it through ... both of which don't have a test virus in them :)

RE: [Clamav-users] clamd reload causing mail server to tempfail

2005-05-18 Thread Matthew.van.Eerde
Matthew.van.Eerde wrote: Damian Menscher wrote: On Wed, 18 May 2005 [EMAIL PROTECTED] wrote: LibClamAV Warning: Not reloading database until idle - waiting for 2 children Could you tell us how you're running clamav-milter? Specifically, I'd like to know if you're using --external

Re: [Clamav-users] Sober.P sidebar topic

2005-05-18 Thread Nigel Horne
On Wednesday, May 18, 2005, at 04:25 pm, Dennis Peterson wrote: We had one IP attempting to get in for quite a while (194.55.159.7) last night. Probably not worth blocking in the packet filter. If a pattern shows up I'll consider blocking IP ranges. Look for sshmonitor recently posted to

Re: [Clamav-users] Exclude extension from scanning

2005-05-18 Thread Tomasz Kojm
On Wed, 18 May 2005 18:56:23 +0200 David [EMAIL PROTECTED] wrote: Hello, I upgraded my clamv ClamAV 0.85.1/886/Wed May 18 12:32:36 2005 But the problem is not resolved qmail/simscan/1116416733.717518.2973/AKQLCI35.zip: Input/Output error ERROR