Sorry, sorry, sorry.
I had some troubles with subscription AND posting by a newsreader.
I don't think that it is a problem related to specific virus/message,
peraphs it is a fetchmail related issue.
I download messages from external POP3 accounts of my users using fetchmail
and then I relay them
Schmidt, Patrick wrote:
What's up? ./configure is done without errors, but make stop at the
beginning
(SuSE 8.2, kernel 2.4.20,gcc 3.3 20030226)
...
How about the recent CVS snapshot? Last one compiles and installs OK on
my Fedora Core 2 test 2.
Usually some problems are already fixed in CVS
the viruses no problem.
BUT... if I send the zip file which contains the virus to myself as a
mail attachment, clam doesn't recognise the virus at all and just
lets it through.
I have updated to:
clamdscan / ClamAV version devel-20040406
but that doesn't seem to have fixed it.
Any ideas?
Regan
On Tuesday 06 April 2004 11:57 am, Regan Yelcich wrote:
I'm having problems with the SomeFool virus and zip files... here's
what's happening...
If I upload the zip file to the server and run clamscan or clamdscan
on the file it recognises the virus no problem.
If I extract the virus and
Antony Stone wrote:
On Tuesday 06 April 2004 9:57 am, Vernon A. Fort wrote:
I have several emails which clamav detects as 'Worm.SomeFool.Gen-2', but
Sophos nor McAcfee will detect the virus. Would this be some new
varient that clamav fould. From the description, this sig was added to
detect
On Mon, 5 Apr 2004 23:38:08 -0500
Erick Perez - Vision Media [EMAIL PROTECTED] wrote:
Question:
If Worm.SomeFool is Netsky, then why is not labeled as netsky?
Also, is there a way to make an alias in the virus database so my users can
see netsky instead of Worm.Somefool?
It's time to place
sorry - should have mentioned that!
clam is being called through MIMEDefang 2.36
just re-installed clam to version 0.68-1 to see if that changed
anything - but it didnt.
Regan
---
This SF.Net email is sponsored by: IBM Linux Tutorials
So this problem is know in 0.70-rc
and should have been fixed?
On Mon, 5 Apr 2004, Tomasz Kojm wrote:
On Mon, 5 Apr 2004 16:25:57 +0200 (MET DST)
Mipam [EMAIL PROTECTED] wrote:
Hi,
Im facing this problem:
kernel: pid 567 (clamd), uid 1006: exited on signal 6
Probably some
On Tue, 2004-04-06 at 02:45, Rmi Goyard wrote:
Thanks guys
Now Clamav seems to work.
I'm trying now use it witth Amavisd-new
The easiest thing to do is to run amavis-new and clamd under the same
user. Since you will upgrade clamav more often than amavis, it's
probably easiest to run the
Thanks. I hadn't looked back nearly that far.
Something really odd is going on then. Is it possible all of these
folks really are suddenly infected? Something to research...
Tomasz Papszun wrote:
On Mon, 05 Apr 2004 at 8:54:02 -0500, Keith Murphy wrote:
I'm suddenly seeing a buttload of
Antony Stone wrote:
[...]
I think the best we'll ever achieve is a cross-reference database.
Yes please.
What needs to be done to get this online? Who needs access to what?
Public reference submissions, or core maintainers?
I think we desperately need this functionality.
--
Jesse
Quoting Erick Perez - Vision Media [EMAIL PROTECTED]:
Question:
If Worm.SomeFool is Netsky, then why is not labeled as netsky?
Answer:
If netsky is Worm.SomeFool, then why is it not labeled as Worm.SomeFool?
Basically that's because the users keep complaning about the virus names
that cannot be
Jesse Guardiani wrote:
Antony Stone wrote:
[...]
I think the best we'll ever achieve is a cross-reference database.
Yes please.
What needs to be done to get this online? Who needs access to what?
Public reference submissions, or core maintainers?
I think we desperately need this
Quoting Graham Murray [EMAIL PROTECTED]:
So maybe, as with celestial objects, there should be agreement that
the first AV 'vendor' to publish a detection for a virus should be
given the honour of naming it and the other vendors adopt the same
name rather than inventing their own (and potentially
On Tuesday 06 April 2004 3:58 pm, Eric Rostetter wrote:
Quoting Erick Perez - Vision Media [EMAIL PROTECTED]:
Question:
If Worm.SomeFool is Netsky, then why is not labeled as netsky?
Answer:
If netsky is Worm.SomeFool, then why is it not labeled as Worm.SomeFool?
Do you call people
I'm periodically seeing the following syslogd messages:
Apr 6 09:23:37 earth rvard.edu n_children = 1 Received: PORT 50143
Connecting to local port 50143 clamfi_abort pthread_cond_broadcast
n_children = 0 clamfi_close clamfi_connect: connection from
pc-68-118-183-26.will.ct.charter.com
If netsky is Worm.SomeFool, then why is it not labeled as Worm.SomeFool?
Rhetoric aside, this is obviously an itch that needs scratched. Clam does a
wonderful job and (as was the case with SomeFool) does it faster than most.
Perhaps we might be able to scratch up support for an alias
On Tuesday 06 Apr 2004 4:28 pm, Orion Poplawski wrote:
I'm periodically seeing the following syslogd messages:
Any help on stopping these would be greatly appreciated.
Rerun configure without '--enable-debug'.
- Orion
--
Nigel Horne. Arranger, Composer, Typesetter.
NJH Music, Barnsley, UK.
clamav/d (0.68) installed. When rebooting in FC1 I get FAILED report on read of
/var/run/clamav/clamd.ctl though the file appears to exist. Is there some way I can
modify or fix that file short of re-installing clamav entirely?
Original installation does not seem to be entirely broken as I
I have 3 viruses found on my harddrive which not detected by clamav
other scanner like fprot or mcaffee detect the virus as
1.ex# Found the MultiDropper-IY trojan !!!
2.ex# Found the W32/Spybot.worm.gen.d virus !!!
3.ex# Found the IRC/Flood.dj trojan !!!
I have scan the files
It's a good idea to disable archive/mail support when using on-access
scanner.
Sorry I didn't answer before, I wasn't available...
I disabled archive/mail support and the problem persists.
In all the cases the problem occurs exactly when the log rotates.
I find the last line of the previous
Keith G. Murphy wrote:
Thanks. I hadn't looked back nearly that far.
Something really odd is going on then. Is it possible all of these
folks really are suddenly infected? Something to research...
It makes more sense now. I'm running Debian stable, and had installed
Luca Gibelli's 0.65-1
On Tue, 6 Apr 2004, Eric Rostetter wrote:
If netsky is Worm.SomeFool, then why is it not labeled as Worm.SomeFool?
While I agree with this in principle, I think for instances where a
question like this pops up at least once a week just on this list, it
might be worth it to just bite the bullet
While I can and do understand what Eric was saying, I have to agree with
Erick.
http://www.bitdefender.com/index.php - Bitdefender
http://www.grisoft.com/us/us_index.php - AVG
http://www.pandasoftware.com/home/ - Panda
http://www.symantec.com/ - Norton
http://us.mcafee.com/default.asp - Mcafee
On my FreeBSD 5.2.1-RELEASE-p4 system, I upgraded to the latest clamd
port, when it was released a few days ago.
Now, freshclam doesn't check in to look for updates anymore, and only
does so if I stopr and restart it - at that point it downloads the
update, successfully notifys clamd, then
On Tue, 06 Apr 2004 at 12:17:05 -0400, Hanford, Seth wrote:
If we had as part of the submission process an additional field noting
what name the detecting AV called it
There is such a field! And if it's too short, you can add more
names/details/URLs in the description field (that big area
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of jef moskot
Sent: 6. april 2004 19:08
To: [EMAIL PROTECTED]
Subject: Re: [Clamav-users] Virus Names
On Tue, 6 Apr 2004, Eric Rostetter wrote:
If netsky is Worm.SomeFool, then why is it
Has anyone gotten Clamd to run with daemontools? I have a clamd running supervised,
but the log file will not supervise correctly. I have /service/clamd/log with:
[EMAIL PROTECTED] spamd]# cd /service/clamd/log/
[EMAIL PROTECTED] log]# ls -l
total 4
-rwxr-xr-x 1 root qmail 101 Apr 6
Hi,
I am compiling clamav 0.68 on HP-UX 11.00. I am getting following error
during make.
I am using GCC 3.0.1.
++
gcc -g -O2 -o clamscan clamscan.o options.o getopt.o others.o manager.o treewalk.o
Diego d'Ambra wrote:
And that is what we'll (try to) do in the future (if a common name has
been established).
But that would break statistics. I don't mind if the name is different
as long as it can be cross-referenced. Someone was working on a web site
with just that but I haven't heard of
On Tue, 6 Apr 2004, Eric Rostetter wrote:
But changing the name after the fact would just confuse people more.
I completely disagree. Hardcore Clam users are more likely to understand
the reality of the situation and realize that the ClamAV team has to call
the viruses SOMETHING. Usually,
Quoting jef moskot [EMAIL PROTECTED]:
On Tue, 6 Apr 2004, Eric Rostetter wrote:
But changing the name after the fact would just confuse people more.
I completely disagree. Hardcore Clam users are more likely to understand
the reality of the situation and realize that the ClamAV team has to call
On Tue, 6 Apr 2004, Eric Rostetter wrote:
Great for netsky since almost everyone uses it.
Exactly.
Should clamav have migrated along from SCO to NOVARG to MYDOOM just
because the others came along later and in that order?
It could easily be taken on a case-by-case basis. But, as even you
hi,
i'm trying to get clamav 0.70-rc installed and have gmp installed in a
directory under my home dir (eg. /home/norm/bin/gmp)
when i run
./configure --prefix=/home/norm/bin/clamav --disable-clamav --enable-milter
one of the messages i see is:
checking for mpz_init in -lgmp... no
WARNING:
On Tuesday 06 April 2004 9:44 pm, jef moskot wrote:
The focus of the product is to stop viruses, not to name them with a
popular name.
Yes, but this is not best accomplished by calling users stupid (even
when they are).
That may be true, however it's no excuse for allowing stupid users to
On Tue, Apr 06, 2004 at 01:51:29PM -0700, Norman Yee said:
hi,
i'm trying to get clamav 0.70-rc installed and have gmp installed in a
directory under my home dir (eg. /home/norm/bin/gmp)
when i run
./configure --prefix=/home/norm/bin/clamav --disable-clamav --enable-milter
one of
On Tue, 6 Apr 2004, Antony Stone wrote:
There are many examples of the commercial A-V vendors having different
names for the same virus...
That's true, but when that's the case for an extremely prevalent virus,
it's usually noted in the media.
Using the well-known naming convention is a much
At 23:38 05-04-2004 -0500, you wrote:
Question:
If Worm.SomeFool is Netsky, then why is not labeled as netsky?
Also, is there a way to make an alias in the virus database so my users can
see netsky instead of Worm.Somefool?
Basically that's because the users keep complaning about the virus names
B. van Ouwerkerk wrote:
At 23:38 05-04-2004 -0500, you wrote:
Question:
If Worm.SomeFool is Netsky, then why is not labeled as netsky?
It would be good if all AV software would use the same names. Still,
most commercial AV vendors are using their own naming conventions and
so does Clamav.
Thanks guys
Now Clamav seems to work.
I'm trying now use it witth Amavisd-new and when i start amavisd in debug
mode, i try to send a test email using telnet on 10024 i've got an error
that tell me can't access the file in the /var/lib/amavis/tmp directory,
ownership of this directory is set to
Fisher [EMAIL PROTECTED] writes:
Actually, it is usually happen the Clamav recognises the virii before
the other AV vendors so no well-known name was available. See the
archive for the more detailed answers, this question already answered
here.
So maybe, as with celestial objects, there
On Tuesday 06 April 2004 9:48 am, Graham Murray wrote:
Fisher [EMAIL PROTECTED] writes:
Actually, it is usually happen the Clamav recognises the virii before
the other AV vendors so no well-known name was available. See the
archive for the more detailed answers, this question already
What's up? ./configure is done without errors, but make stop at the
beginning
(SuSE 8.2, kernel 2.4.20,gcc 3.3 20030226)
...
make all-recursive
make[1]: Entering directory `/src/clamav-0.70-rc'
Making all in libclamav
make[2]: Entering directory `/src/clamav-0.70-rc/libclamav'
source='matcher.c'
Graham Murray wrote:
So maybe, as with celestial objects, there should be
agreement that the first AV 'vendor' to publish a detection
for a virus should be given the honour of naming it and the
other vendors adopt the same name rather than inventing their
own (and potentially causing
I have several emails which clamav detects as 'Worm.SomeFool.Gen-2', but
Sophos nor McAcfee will detect the virus. Would this be some new
varient that clamav fould. From the description, this sig was added to
detect possible future varients of the NetSky viruses.
Should I submit this? or
On Tuesday 06 April 2004 9:57 am, Vernon A. Fort wrote:
I have several emails which clamav detects as 'Worm.SomeFool.Gen-2', but
Sophos nor McAcfee will detect the virus. Would this be some new
varient that clamav fould. From the description, this sig was added to
detect possible future
46 matches
Mail list logo