Jon Wagoner - Red Cheetah wrote:
Is there any way I can disable the check for Email.FreeGame?
Is there any reason to suspect this file will ever contain a viable virus? If
not
then don't bother scanning it. Sorry I don't have an answer for your question.
dp
I'm not sure what the proper procedure is here. Clamav is detecting
Email.FreeGame in two of the database files from my MySQL database (one
.MYD and one .ibd). If I dump the contents as text and scan no virus is
found, so apparently it's just something in the binary format of the DB
triggering
Jon Wagoner - Red Cheetah wrote:
Yes, I'm periodically doing scans of the full drive. I could just
skip
the mysql directory, but that seems pretty bad security practice.
Why does it seem that way to you ?
It appears clamav just does a substring match on the exclude, so it
would be easy to
On Fri, 28 Sep 2007, Jon Wagoner - Red Cheetah wrote:
Yes, I'm periodically doing scans of the full drive. I could just skip
the mysql directory, but that seems pretty bad security practice.
Why does it seem that way to you ?
I don't think scanning raw mysql database files is going to give
Yes, I'm periodically doing scans of the full drive. I could just
skip
the mysql directory, but that seems pretty bad security practice.
Why does it seem that way to you ?
It appears clamav just does a substring match on the exclude, so it
would be easy to hide viruses. E.g. If I
On Fri, September 28, 2007 12:41 pm, Dennis Peterson said:
Jon Wagoner - Red Cheetah wrote:
Is there any way I can disable the check for Email.FreeGame?
Is there any reason to suspect this file will ever contain a viable
virus? If not then don't bother scanning it. Sorry I don't have an
On Fri, September 28, 2007 12:41 pm, Dennis Peterson said:
Jon Wagoner - Red Cheetah wrote:
Is there any way I can disable the check for Email.FreeGame?
Is there any reason to suspect this file will ever contain a viable
virus? If not then don't bother scanning it. Sorry I don't
On Fri, 28 Sep 2007, Jon Wagoner - Red Cheetah wrote:
It appears clamav just does a substring match on the exclude, so it
would be easy to hide viruses. E.g. If I excluded .MYD, then you could
just have your virus named somevirus.MYD and it would not be caught. If
I would not exclude *.MYD
Once upon a time, Jeff Thurston [EMAIL PROTECTED] said:
Im running clamav 91.2 (90.3 did the same thing).
After about an hour or so the clamd process gets stuck at 100%.
I've checked various logs for the cause and haven't found anything.
What OS and platform?
I have had load problems with
Im running clamav 91.2 (90.3 did the same thing).
After about an hour or so the clamd process gets stuck at 100%.
I've checked various logs for the cause and haven't found anything.
Clamav is being run by amavis-new 2.3 if that info is of any interest.
This is a recent problem, I ran 88.4 just
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of Chris Adams
Sent: Friday, September 28, 2007 11:48 AM
To: 'ClamAV users ML'
Subject: Re: [Clamav-users] clamd stuck at 100% cpu usage
Once upon a time, Jeff Thurston [EMAIL PROTECTED]
Jeff Thurston wrote:
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of Chris Adams
Sent: Friday, September 28, 2007 11:48 AM
To: 'ClamAV users ML'
Subject: Re: [Clamav-users] clamd stuck at 100% cpu usage
Once upon a time, Jeff Thurston
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of Dennis Peterson
Sent: Friday, September 28, 2007 12:07 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] clamd stuck at 100% cpu usage
Jeff Thurston wrote:
-Original Message-
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of Dennis Peterson
Sent: Friday, September 28, 2007 12:11 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] clamd stuck at 100% cpu usage
Dennis Peterson wrote:
Jeff Thurston wrote:
Jeff Thurston wrote:
Please forgive my ignorance, I don't use strace very much...
I assume it is as simple as waiting for the process to get stuck at 100%
again, then 'strace -p clamd.pid` and look for... what should I look for?
Yes, pretty much it. You should probably also use the -f
Dennis Peterson wrote:
Jeff Thurston wrote:
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of Chris Adams
Sent: Friday, September 28, 2007 11:48 AM
To: 'ClamAV users ML'
Subject: Re: [Clamav-users] clamd stuck at 100% cpu usage
Once
Dennis Peterson wrote:
Yes, pretty much it. You should probably also use the -f (follow)
switch to see what the kids are doing, too.
Does strace work well with POSIX threads on Linux? My impression was not,
but maybe my information is out of date.
Regards,
David.
David F. Skoll wrote:
Dennis Peterson wrote:
Yes, pretty much it. You should probably also use the -f (follow)
switch to see what the kids are doing, too.
Does strace work well with POSIX threads on Linux? My impression was not,
but maybe my information is out of date.
I'm a Solaris guy
On 9/28/07, Jeff Thurston [EMAIL PROTECTED] wrote:
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of Chris Adams
Sent: Friday, September 28, 2007 11:48 AM
To: 'ClamAV users ML'
Subject: Re: [Clamav-users] clamd stuck at 100% cpu
On Fri, 28 Sep 2007, Jon Wagoner - Red Cheetah wrote:
It appears clamav just does a substring match on the exclude, so it
would be easy to hide viruses. E.g. If I excluded .MYD, then you
could
just have your virus named somevirus.MYD and it would not be caught.
If
I would not
On Fri, 28 Sep 2007, Jon Wagoner - Red Cheetah wrote:
hidden
in /home/someuser/var/lib/mysql/my-virus-here.
Users should not be able to write to that directory at all, it should
be
Take a closer look, that's not the real mysql directory, just a
subdirectory under the users home
-Original Message-
From: [EMAIL PROTECTED] [mailto:clamav-users-
[EMAIL PROTECTED] On Behalf Of Dennis Peterson
Sent: Friday, September 28, 2007 12:35 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] strace and threads (was Re: clamd stuck at
100% cpu usage)
David F. Skoll
22 matches
Mail list logo