Thanks Alain.
> On Dec 12, 2018, at 10:17 AM, Alain Zidouemba
> wrote:
>
> The Phistank URLs being dropped from daily.cvd have nothing to do with false
> positives. We are just rotating in and out the top phishing URLs based on
> number DNS lookups per hour.
>
> - Alain
>
> On Wed, Dec 12,
> So I would like to ask, does bytecode have access to its environment
> (like ActiveX unfortunately did) and, how well is bytecode sandboxed?
Well, first of all, only bytecode signatures published by Cisco/Talos
are considered "trusted" and will run by default. You would have to
manually specify
I am in.
-Original Message-
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of
clamav-users-requ...@lists.clamav.net
Sent: Monday, December 10, 2018 3:30 AM
To: clamav-users@lists.clamav.net
Subject: clamav-users Digest, Vol 169, Issue 8
Send clamav-users
The Phistank URLs being dropped from daily.cvd have nothing to do with
false positives. We are just rotating in and out the top phishing URLs
based on number DNS lookups per hour.
- Alain
On Wed, Dec 12, 2018 at 6:23 AM Joel Esler (jesler)
wrote:
> Not sure. Perhaps Alain can chime in. My
The daily.cvd is still less than half as big as main.cvd:
-rw-r--r-- 1 clamav clamav 117892267 Jun 7 2017 main.cvd
-rw-r--r-- 1 clamav clamav 53147013 Dec 11 14:03 daily.cvd
but indeed using the cdiffs could save bandwidth.
I never tried using cdiffs since the FAQ said "Let freshclam
I've always been leery of executable code that gets downloaded "behind
the scenes" and then executed for whatever purpose. In the "old days",
people were warned against downloading random software and then
executing it. How that's become at least half of what we do on a daily
basis -- in our
Hi,
I have installed ClamAV ClamAV 0.100.2/25200/Wed Dec 12 15:59:52 2018
on CentOS Linux release 7.6.1810 (Core). Does ClamAV protect against
viruses, rootkits, malware like watchbog and detection of unauthorized
activities? Please comment.
Thanks in Advance. I look forward to hearing from
Em 12/12/2018 15:06, Kaushal Shriyan escreveu:
Hi,
I have installed ClamAV ClamAV 0.100.2/25200/Wed Dec 12 15:59:52 2018
on CentOS Linux release 7.6.1810 (Core). Does ClamAV protect against
viruses, rootkits, malware like watchbog and detection of
unauthorized activities? Please comment.
I wonder if the file size changed when Joel regenerated the daily.cvd file (or
I had in unexplainable file size error). I still use all the technology but no
longer for big dot coms. The patched files are larger because they have a lot of
unneeded bits in them.
dp
On 12/12/18 7:43 AM, Paul
Greetings,
I've recently started using zINSTREAM with clamd in the new version 0.101.0
and every time I scan a file, a log is written to the std out like this:
LibClamAV Error: cli_get_filepath_from_filedesc: File path for fd [12] is:
/tmp/clamav-e9c124cf7c3129c87ebea09868d4838f.tmp
>From
On Wed, Dec 12, 2018 at 11:42 PM Leonardo Rodrigues <
leolis...@solutti.com.br> wrote:
> Em 12/12/2018 15:06, Kaushal Shriyan escreveu:
> > Hi,
> >
> > I have installed ClamAV ClamAV 0.100.2/25200/Wed Dec 12 15:59:52 2018
> > on CentOS Linux release 7.6.1810 (Core). Does ClamAV protect against
>
Thanks for the explanation, Alain. Makes a lot of sense to keep those
signatures dynamically current.
Sent from my iPad
-Al-
On Dec 12, 2018, at 07:17, Alain Zidouemba wrote:
> The Phistank URLs being dropped from daily.cvd have nothing to do with false
> positives. We are just rotating in
A larger issue in this case is that 0.100.0, as released is not suitable for
distribution use to to shared library header issues (mentioned on this list a
few days ago - I appreciate Cisco being forthcoming and warning people). I
don't know what EPEL/CentOS will do, but 0.100.0 won't be in
Issue is in CentOS repo (not sure if standard or EPEL additional repo)
that, still, do not ship the latest stable.
On this topic, AMZ Linux is still have 0.99 in standard repo
Luca
Il 13/12/2018 07:42, Al Varnell ha scritto:
Not sure what comment you are looking for. The warning is pretty
Hi,
I am running CentOS Linux release 7.6.1810 (Core) with ClamAV installed.
When i am running freshclam i am seeing a Warning message and the details
are described below:-
# freshclam
ClamAV update process started at Thu Dec 13 11:49:18 2018
WARNING: Your ClamAV installation is OUTDATED!
On Wed, December 12, 2018 8:59 am, Al Varnell wrote:
> You mentioned earlier that ClamAV has recently added signatures from
> PhishTank, but I've noticed over the last few days that most, if not all
> of them have been removed. Should I conclude that the PhishTank
> organization signatures are
You mentioned earlier that ClamAV has recently added signatures from PhishTank,
but I've noticed over the last few days that most, if not all of them have been
removed. Should I conclude that the PhishTank organization signatures are
resulting in a high False Positive count? Are they simply
Not sure. Perhaps Alain can chime in. My team also runs the Phishtank
project, so this is about making our different properties work together through
the official signature set in a supported way. If false positives are reported
on the phishtank sigs through ClamAV.net, they are
Hi Micah,
I checked the what you suggested.
I put that deceptive link as an hyperlink like href=link in html file and
scanned the file.
Still, ClamAV did not detect that file as 'Infected'. It gave OK to that
file.
Regards
Sunny
On Wed, Dec 12, 2018 at 5:53 PM Joel Esler (jesler)
wrote:
>
19 matches
Mail list logo