On Wed, 22 Sep 2004 22:33:04 -0400 in
[EMAIL PROTECTED] Stephen Gran <[EMAIL PROTECTED]>
wrote:
> > Add this to your freshclam.conf and it should just work I think.
> >
> > # Use DNS to verify virus database version.
> > DNSDatabaseInfo current.cvd.clamav.net
> >
> > It's working for me an
Remi wrote:
> > No, it won't. Security by obscurity is a nonsense.
> It's true only for cryptography I think.
>
Anyone with a disassembler can find your secret sauce as soon as they
download your product. A lot of effort yes... but if what you think you have
found has any value it will be done. C
Remi Thomas said:
> Tomasz Kojm wrote:
>
>> No, it won't. Security by obscurity is a nonsense.
> It's true only for cryptography I think.
>
>> It would be really nice if you could share your code with us to make
>> ClamAV a better software.
>
> Ok, you can download the clam database handling and fi
Tomasz Kojm wrote:
> No, it won't. Security by obscurity is a nonsense.
It's true only for cryptography I think.
> It would be really nice if you could share your code with us to make
> ClamAV a better software.
Ok, you can download the clam database handling and file scanner at
http://uscanit.f
On Wed, Sep 22, 2004 at 10:43:09PM +0100, Brian Morrison said:
> On Wed, 22 Sep 2004 11:07:37 -0700 in
> [EMAIL PROTECTED] "Tim
> Howell" <[EMAIL PROTECTED]> wrote:
>
> > Can someone explain how to use the DNSDatabaseInfo directive in
> > freshclam.conf? I would like to use DNS checks, but I don'
I concur with Bart, from following this thread, it appears that theft
is not the issue but interpretation of the license.
While the virii database is proprietary, it is licensed under the GPL
and from what I can tell, unless of course it carries it's own
independent license, giving credit where
Graham Toal said:
>> > The database is not a script. It is a binary compilation.
>>
>> It's not a script, true, but it also is not a binary compilation. If
>> you look inside any of the database files unpacked by sigtool (sigtool
>> --unpack) you'll note that they are actually a plain text files,
> > The database is not a script. It is a binary compilation.
>
> It's not a script, true, but it also is not a binary compilation. If
> you look inside any of the database files unpacked by sigtool (sigtool
> --unpack) you'll note that they are actually a plain text files, one
> line per entry.
On Wed, 22 Sep 2004 11:07:37 -0700 in
[EMAIL PROTECTED] "Tim
Howell" <[EMAIL PROTECTED]> wrote:
> Can someone explain how to use the DNSDatabaseInfo directive in
> freshclam.conf? I would like to use DNS checks, but I don't see any
> reference to this option in the man pages, etc.
Add this to yo
On Wed, 22 Sep 2004 19:18:53 +0200 in
[EMAIL PROTECTED] Tomasz Kojm <[EMAIL PROTECTED]>
wrote:
> No, it won't. Security by obscurity is a nonsense.
Well actually it helps where the underlying system is already carefully
secured because the attacker has no idea where to start probing.
Not a guar
Just thought this might be helpful for newcomers...
If you're compiling ClamAV from scratch, then you've probably noticed
it's a little tricky. I put up some notes on the steps you'll need to
take at: http://www.itg.uiuc.edu/~menscher/
The notes are written with a RedHat slant, but if you're r
Kevin Spicer said:
> On Wed, 2004-09-22 at 14:25, [EMAIL PROTECTED] wrote:
>
>> The database is not a script. It is a binary compilation.
>
> It's not a script, true, but it also is not a binary compilation. If
> you look inside any of the database files unpacked by sigtool (sigtool
> --unpack) y
On Sep 22, 2004, at 12:01 PM, Brian Bruns wrote:
Security through obsecurity... How comforting.
Misguided yet implemented by so many...
Either use the DB as the authors tell you you can use it, or don't use
it at all. It is very simple to understand. How would you like it if
you were the ones wr
> -Original Message-
> From: Tomasz Kojm [mailto:[EMAIL PROTECTED]
>
>
> Currently on-access scanning in clamd is very buggy and should not be
> used but it's in my TODO to fix it before 0.80.
Can someone explain the on-access scanning bit to me? I'm not sure I understand what
dazuko
On Wed, 22 Sep 2004 15:26:26 +0200
Knut Hildebrandt <[EMAIL PROTECTED]> wrote:
> As I wrote before clamuko can't register with dazuko on my SuSE 9.1.
Currently on-access scanning in clamd is very buggy and should not be
used but it's in my TODO to fix it before 0.80.
--
oo. T
> On Wed, 2004-09-22 at 08:28, Erik Slooff wrote:
> > I'm still seeing the following compile errors with 0.80rc2:
> >
> > mbox.c: In function `getURL':
> > mbox.c:2735: `CURLOPT_DNS_USE_GLOBAL_CACHE' undeclared
> (first use in this
> > functi
> > on)
>
>
> > I've also tried the --disable-dns sw
Grant Supp wrote:
I'm using qmail, qmail-scanner 1.23 and ClamAV 0.75.1 on CentOS 3.1
(recompile of RHEL3.) Ocassionally, I get the "Unable to open file or
directory ERROR" message in my clamd.log. Now I know this sounds like a
permissions problem, but bear with me. This only happens sometimes,
Can someone explain how to use the DNSDatabaseInfo directive in
freshclam.conf? I would like to use DNS checks, but I don't see any
reference to this option in the man pages, etc.
Thanks! =)
--TWH
---
This SF.Net email is sponsored by: YOU B
On Wed, 22 Sep 2004, Matt wrote:
The easiest way to distinguish this is if you are scanning the mail AFTER
you have accepted delivery of the email, then discard, do not bounce.
However, if you are filtering before accepting the email, then reject.
Agreed. If you're filtering your mail after it was
On Wed, 22 Sep 2004, Kelson wrote:
Simple solution to the question of whether to send a notice:
You know what virus was detected. You know whether it's a mass-mailer or
something else. (starts with Worm., ends with @mm, a few specific others)
Based on that, you can decide whether to reject it or
As a riposte: I'm not alone in this, far from it, actually. A similar
request was recently issued by virusalert.nl, a dutch organisation
on virus prevention.
See http://www.virusalert.nl/?show=nieuws&id=559
I attempted to use the Fish to translate, and looked at their little
picture of the situat
On Wed, 22 Sep 2004 10:40:59 +0200
"Remi Thomas" <[EMAIL PROTECTED]> wrote:
> The reason why I don't want UScanIT being GPL is because I use clam
> database and also some heuristic test to decide is a suspect file is a
> virus or not. This would help virus writter if they know how to be
> "transpa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Trog wanted us to know:
>> mbox.c: In function `getURL':
>> mbox.c:2735: `CURLOPT_DNS_USE_GLOBAL_CACHE' undeclared (first use in
>> this function)
>Disable libcurl support:
>./configure --without-libcurl
Shouldn't the configure script detect if libc
On Wed, 22 Sep 2004 09:55:39 +0700
"Fajar A. Nugraha" <[EMAIL PROTECTED]> wrote:
> What IS the default behaviour of clamav when a particular default
> option does not exists?
> Is running clamd (and freshclam) with empty clamd.conf and
clamd requires and strictly depends on clamd.conf.
> Does a
On Tue, 21 Sep 2004, Jeremy Kitchen wrote:
> On Tuesday 21 September 2004 04:09 pm, [EMAIL PROTECTED] wrote:
> > On Tue, 21 Sep 2004, Jeremy Kitchen wrote:
> > > On Tuesday 21 September 2004 12:39 am, [EMAIL PROTECTED] wrote:
> > > > /usr/bin/ld: cannot find -lssl
> > >
> > > make sure you have th
I'm using qmail, qmail-scanner 1.23 and ClamAV 0.75.1 on CentOS 3.1
(recompile of RHEL3.) Ocassionally, I get the "Unable to open file or
directory ERROR" message in my clamd.log. Now I know this sounds like a
permissions problem, but bear with me. This only happens sometimes,
there are hundred
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Knut Hildebrandt escribió:
| As I wrote before clamuko can't register with dazuko on my SuSE 9.1.
Although
| Dale tried to fix my conf file this didn't help.
|
| But maybe thats the clue? In the conf it says before enabling clamuko
dazuko
| has to be co
I've browsed the archives for an answer to this, but don't find anything that's a match.
My clamd is running as it has been since the computer started, as is exim, and freshclam; so I'm pretty sure that's not the problem.
I've also tried to open up the permissions a little to make sure clamav u
Damian Menscher wrote:
> Maybe I'm missing something, but they're not talking about not
> rejecting. They're talking about not bouncing (sending out non-delivery
> notifications in response to EVERY virus). There's a huge difference. I
> think you'd be hard-pressed to find a legitimate company s
Simple solution to the question of whether to send a notice:
You know what virus was detected. You know whether it's a mass-mailer
or something else. (starts with Worm., ends with @mm, a few specific others)
Based on that, you can decide whether to reject it or discard it.
--
Kelson Vibber
Speed
> > Hi
> >
> > I've built clamav-0.80rc2 on FC1 FC2 and FC3, but
> > when I tried it on a RH 7.2 machine the make fails as follows:
> >
> > gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I./zziplib -I./mspack -g -O2 -MT
> > mbox.lo -MD -MP -MF .deps/mbox.Tpo -c mbox.c -fPIC -DPIC -o .libs/mbox.lo
> > m
On Wednesday 22 Sep 2004 14:17, ahellary wrote:
> hi there
>
> im keen to start a web based stats page on virus es caught etc ... i seem to
> remember a thread where one of you guys were developing such a thing can you
> please advise
Like http://cgi.bandsman.co.uk/cgi-bin/virus/display.pl ? Yo
On Wednesday, September 22, 2004 4:40 AM [EDT], Remi Thomas wrote:
>
>
>
> I don't want to still your job and I will add link to clam project
> home page in my About window and web site.
>
> The reason why I don't want UScanIT being GPL is because I use clam
> database and also some heuristic tes
On Wed, Sep 22, 2004 at 08:34:41AM -0500, [EMAIL PROTECTED] said:
> Stefke said:
> > Advise to Remi.
> >
> > Create your own database structure, write a GPL'ed program that converts
> > Clamav's DB to your own, use your own DB in your "Free but closed source"
> > program
> >
>
> I think that t
hi there
im keen to start a web based stats page on virus es caught etc ... i
seem to remember a thread where one of you guys were developing such
a thing can you please advise
Hi,
http://mail.limelyte.net/admin/virus/ ??
It uses qsla as the backend to write to a mysql database, but any
backend
im using clamav with blackhole and qmail
- Original Message -
From: "Kevin Spicer" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 22, 2004 3:40 PM
Subject: Re: [Clamav-users] stats
On Wed, 2004-09-22 at 15:17, Nikhil Parva wrote:
hi,
try using mailscanner-mrtg. It
[EMAIL PROTECTED] wrote:
Message: 2
From: "Steffen Heil" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: AW: AW: [Clamav-users] Re: Re: Re: Windows port ?
Date: Wed, 22 Sep 2004 15:42:00 +0200
Reply-To: [EMAIL PROTECTED]
Hi
Why should anyone else pay attention if the complainant violates his
On Wed, 2004-09-22 at 14:25, [EMAIL PROTECTED] wrote:
> The database is not a script. It is a binary compilation.
It's not a script, true, but it also is not a binary compilation. If
you look inside any of the database files unpacked by sigtool (sigtool
--unpack) you'll note that they are actua
On Wed, 2004-09-22 at 15:17, Nikhil Parva wrote:
> hi,
>
> try using mailscanner-mrtg. It is available in the form of RPM and the
> webpage can be displayed using apache.
So long as you're using MailScanner of course! If you are using
MailScanner you might also like to look at vispan (the two pr
Or write an open source program which does the scanning without dependancy
on cygwin. GPL it, give away the source. Keep your heuristics separate, and
if you like your interface, etc. This is the same effect as the windows
wrapper that exists without the underlying overhead of the gygwin underneath
Yes, thanks very much to the developers for all your hard work on
ClamAV! It is greatly appreciated.
---
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
hi,
try using mailscanner-mrtg. It is available in the form of RPM and the
webpage can be displayed using apache.
Rgds,
Nikhil
- Original Message -
From: "ahellary" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, September 22, 2004 6:47 PM
Subject: [Clamav-users] stats
>
On Wed, 2004-09-22 at 08:28, Erik Slooff wrote:
> I'm still seeing the following compile errors with 0.80rc2:
>
> mbox.c: In function `getURL':
> mbox.c:2735: `CURLOPT_DNS_USE_GLOBAL_CACHE' undeclared (first use in this
> functi
> on)
> I've also tried the --disable-dns switch for configure, wit
ahellary wrote:
hi there
im keen to start a web based stats page on virus es caught etc ... i
seem to remember a thread where one of you guys were developing such a
thing can you please advise
Hi,
http://mail.limelyte.net/admin/virus/ ??
It uses qsla as the backend to write to a mysql database,
On Wed, 22 Sep 2004, Jan Pieter Cornet wrote:
On Tue, Sep 21, 2004 at 06:39:25PM -0500, Damian Menscher wrote:
As a riposte: I'm not alone in this, far from it, actually. A similar
request was recently issued by virusalert.nl, a dutch organisation
on virus prevention.
See http://www.virusalert.nl/?
Hi
> Why should anyone else pay attention if the complainant violates his own
contract in the same manner.
First, because the owner can have a special license for himself. You can
distribute the same product under several licenses.
Second, if the owner of a some right violates that, it's absolute
As I wrote before clamuko can't register with dazuko on my SuSE 9.1. Although
Dale tried to fix my conf file this didn't help.
But maybe thats the clue? In the conf it says before enabling clamuko dazuko
has to be configured and must be running. What does that mean?
/dev/dazuko exists on my sy
Stefke said:
> Advise to Remi.
>
> Create your own database structure, write a GPL'ed program that converts
> Clamav's DB to your own, use your own DB in your "Free but closed source"
> program
>
I think that this violates the viral nature of the GPL. You are still
requiring the use of a GPL
hi there
im keen to start a web based stats page on virus es caught etc ... i seem to
remember a thread where one of you guys were developing such a thing can you
please advise
Thanks
Tony
- Original Message -
From: "Jan Pieter Cornet" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: W
Steffen Heil said:
> Hi
>
>> As stated by the GPL, you should provide source code for a GPL
>> executable
> or library.
>> Could you provide me source code for the database please ?
>
> Hey, come on, this is getting a sensless discussion.
> If you do not agree with the licence holders position, don
Odhiambo Washington said:
> * [EMAIL PROTECTED] <[EMAIL PROTECTED]> [20040922 11:02]: wrote:
> [..]
>
>> The Barracuda spam filter appears to at least use the clam database.
>> Does
>> Barracuda also distribute source as required by the GPL?
>
> Spam fil
Ralph Angenendt wrote:
Fajar A. Nugraha wrote:
Isn't LGPL more suitable for libraries?
Why should it be? *IF* the authors chose to license it to you in a way,
which *only* allows you to incorporate it into Programs with GPL
compatible licenses, it should be respected.
Forget my comment
On Sep 22, 2004, at 5:33 AM, Ralph Angenendt wrote:
He has to link the database *somehow* into his program. Look up what
the GPL has to say about that.
And: Hey, if you do not like the license of a program - do not use it.
It is simple as that. If you want to use it - fulfill the license.
I think h
On Wednesday 22 September 2004 12:28, Brian Morrison shaped the electrons to
say:
> On Wed, 22 Sep 2004 10:37:31 +0200 in
> [EMAIL PROTECTED] Scott Ryan
>
> <[EMAIL PROTECTED]> wrote:
> > I am investigating the possibility of using a Unix socket as opposed
> > to my current setup of tcp socket bou
Advise to Remi.
Create your own database structure, write a GPL'ed program that converts
Clamav's DB to your own, use your own DB in your "Free but closed source"
program
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ralph
Angenendt
Sent: woensdag
On Tue, Sep 21, 2004 at 06:39:25PM -0500, Damian Menscher wrote:
> On Wed, 22 Sep 2004, Jan Pieter Cornet wrote:
> >On Mon, Sep 20, 2004 at 04:26:40PM -0700, [EMAIL PROTECTED]
> >wrote:
> >>It is perfectly acceptable to place an explanatory message in an SMTP
> >>REJECT message.
> >
> >Acceptable,
Trog wrote:
Disable libcurl support:
./configure --without-libcurl
Thanks. That did it.
--
_/_/_/_/ _/ _/
_/_/ _/ _/ _/
_/_/_/_/ _/
_/_/ _/ _/ _/
_/_/_/_/ _/ _/ _/
Bill Maidment
Maidment Enterprises Pty Ltd
Unless you are named "Alfred E. Newman", yo
On Wed, 22 Sep 2004 10:37:31 +0200 in
[EMAIL PROTECTED] Scott Ryan
<[EMAIL PROTECTED]> wrote:
> I am investigating the possibility of using a Unix socket as opposed
> to my current setup of tcp socket bound to 127.0.0.1.
> I was just wondering what the clamav users' experience of this setup
> is.
On Wed, 2004-09-22 at 10:58, Marc ROMERO wrote:
> Dear clamav-users
>
> I've a Linux Debian (2.4.20) whose running clamav-0.75.1. I'm trying to compile
> clamav-0.80rc2 and I didn't manage to compile a new version because I'm
> getting the following error message (The error message is given at the
On Wed, 2004-09-22 at 10:53, Bill Maidment wrote:
> Hi
>
> I've built clamav-0.80rc2 on FC1 FC2 and FC3, but
> when I tried it on a RH 7.2 machine the make fails as follows:
>
> gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I./zziplib -I./mspack -g -O2 -MT
> mbox.lo -MD -MP -MF .deps/mbox.Tpo -c mbox.c
* Scott Ryan <[EMAIL PROTECTED]> [20040922 12:53]: wrote:
> I am investigating the possibility of using a Unix socket as opposed to my
> current setup of tcp socket bound to 127.0.0.1.
> I was just wondering what the clamav users' experience of this setup is.
Hi Scott,
I
Hi
I've built clamav-0.80rc2 on FC1 FC2 and FC3, but
when I tried it on a RH 7.2 machine the make fails as follows:
gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I./zziplib -I./mspack -g -O2 -MT
mbox.lo -MD -MP -MF .deps/mbox.Tpo -c mbox.c -fPIC -DPIC -o .libs/mbox.lo
mbox.c: In function `getURL':
mbox.
Dear clamav-users
I've a Linux Debian (2.4.20) whose running clamav-0.75.1. I'm trying to compile
clamav-0.80rc2 and I didn't manage to compile a new version because I'm
getting the following error message (The error message is given at the
end of the message). Can you help me ?
Thank
Marc
marc
On Wednesday 22 September 2004 04:10 am, Randal, Phil wrote:
> > > Why? Since all you achieve with rejects is indirectly
> > > causing a lot of
> > > "virus bounces" to appear at innocent bystanders.
> >
> > NO.
> > Virii are usually send directly from the virus and the virus
> > will not send boun
Fajar A. Nugraha wrote:
> How is that so?
> From daily.cvd's COPYING :
>
> -GNU GENERAL PUBLIC LICENSE Version 2
>Isn't LGPL more suitable for libraries?
Why should it be? *IF* the authors chose to license it to you in a way,
which *only* allows you to incorporate it into Programs with GP
Hi
> As stated by the GPL, you should provide source code for a GPL executable
or library.
> Could you provide me source code for the database please ?
Hey, come on, this is getting a sensless discussion.
If you do not agree with the licence holders position, don't use it. It is
theirs.
Using oth
On Tue, 21 Sep 2004 15:21:22 -0400 in [EMAIL PROTECTED] Ryan
Moore <[EMAIL PROTECTED]> wrote:
> Brian Morrison wrote:
> > You need to do something appropriate to sendmail.cf or the milter
> > configuration (which I know nothing about I'm afraid) to do this.
> >
> > This is not something that can
Steffen wrote:
> Hi
>
>> Why? Since all you achieve with rejects is indirectly
> causing a lot of
> "virus bounces" to appear at innocent bystanders.
>
> NO.
> Virii are usually send directly from the virus and the virus
> will not send bounces... :D However, if a virus can send
> through an SMTP
I am investigating the possibility of using a Unix socket as opposed to my
current setup of tcp socket bound to 127.0.0.1.
I was just wondering what the clamav users' experience of this setup is.
Is there any benefits to Unix over TCP socket in both security and
performance?
--
Kind regards,
+
Tomasz Kojm wrote:
> The database is treated as a library and not an executable. Loading it
> into your program requires it to be GPL compliant.
Hi,
As stated by the GPL, you should provide source code for a GPL executable or
library.
Could you provide me source code for the database please ?
H
* [EMAIL PROTECTED] <[EMAIL PROTECTED]> [20040922 11:02]: wrote:
[..]
> The Barracuda spam filter appears to at least use the clam database. Does
> Barracuda also distribute source as required by the GPL?
Spam filter?
cheers
On Tuesday 21 Sep 2004 21:41, LOYET Jérôme wrote:
> Hello,
>
> In order to make the port for OpenBSD. I'd like to know when the final
> release of clamav 0.80 will go out.
That depends upon the number of bug reports against 0.80. Remember that it
is only a release candidate, (i. e. beta).
> The
On Tuesday 21 Sep 2004 20:15, Scott Call wrote:
> I just installed 0.80rc and got the following error:
>
> /var/spool/exim/scan/1C9pqn-0003rF-0l/1C9pqn-0003rF-0l.eml: Bad format or
> broken data ERROR
> I'll omit the From and To, but the rest of the headers are:
> Subject: Read: Keeper
> Date: T
I use clamav on a windows XP box. I call clamscan.exe from an MTA
(Mailenable).
Since about 18 hours ago I have noticed that when it is called clamscan
hangs, using 100% CPU.
This started whilst I was in the middle of programming some extras into my
MTA event, so naturally I assumed I broke it :-(
Hi
> Why? Since all you achieve with rejects is indirectly causing a lot of
"virus bounces" to appear at innocent bystanders.
NO.
Virii are usually send directly from the virus and the virus will not send
bounces... :D
However, if a virus can send through an SMTP server, that server needs to be
b
Fajar A. Nugraha said:
> Tomasz Kojm wrote:
>
>>>I didn't use any source code from orginal project.
>>>This full object oriented C++ rewriting.
>>>I can send source code to project manager I you want to check about
>>>this. I don't modify the DB, I only download it and use it. I display
>>>DB copyr
I'm still seeing the following compile errors with 0.80rc2:
mbox.c: In function `getURL':
mbox.c:2735: `CURLOPT_DNS_USE_GLOBAL_CACHE' undeclared (first use in this
functi
on)
mbox.c:2735: (Each undeclared identifier is reported only once
mbox.c:2735: for each function it appears in.)
make[2]: ***
On Tuesday 21 September 2004 06:39 pm, Damian Menscher wrote:
> > Why? Since all you achieve with rejects is indirectly causing a lot of
> > "virus bounces" to appear at innocent bystanders.
>
> No, you also guard against false positives.
exactly. If the remote sender is sending a legitimate file
78 matches
Mail list logo