[clamav-users] About ClamAV 0.101.3 builds on AIX6.1
Hi, all I am trying to build ClamAV 0.101.3 on AIX6.1. I did the following procedure, but it fails to make. What can I do? Excuse me in a long sentence below. 1. Download clamav-0.101.3.tar.gz package. 2. Extract package. 3. Execute configure AR="/usr/bin/ar -X64" LDFLAGS="-maix64 -Wl,-bbigtoc -lbsd -lclamav" ./configure CFLAGS="-maix64" CXXFLAGS="-maix64" LD FLAGS="-maix64 -Wl,-bbigtoc -lbsd" --prefix=/usr/lib/clamav --exec-prefix=/usr/lib/clamav --bindir=/usr/lib/clamav --sbindir=/us r/lib/clamav --sysconfdir=/etc/clamav --libdir=/usr/lib/clamav --datarootdir=/usr/lib/clamav --with-dbdir=/usr/lib/clamav --disa ble-clamav --enable-shared --disable-static --disable-zlib-vcheck --with-pcre --with-openssl=/opt/freeware --enable-strni checking for g++... g++ checking whether the C++ compiler works... yes checking for C++ compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C++ compiler... yes checking whether g++ accepts -g... yes checking build system type... powerpc-ibm-aix6.1.0.0 checking host system type... powerpc-ibm-aix6.1.0.0 checking target system type... powerpc-ibm-aix6.1.0.0 creating target.h - canonical system defines checking for a BSD-compatible install... config/install-sh -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... config/install-sh -c -d checking for gawk... no checking for mawk... no checking for nawk... nawk checking whether make sets $(MAKE)... yes checking for style of include used by make... GNU checking whether make supports nested variables... yes checking whether UID '0' is supported by ustar format... yes checking whether GID '0' is supported by ustar format... yes checking how to create a ustar tar archive... gnutar checking dependency style of g++... gcc3 checking whether make supports nested variables... (cached) yes checking for gcc... gcc checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking whether gcc understands -c and -o together... yes checking dependency style of gcc... gcc3 checking the archiver (/usr/bin/ar -X64) interface... ar checking how to run the C preprocessor... gcc -E checking for grep that handles long lines and -e... /usr/bin/grep checking for egrep... /usr/bin/grep -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking minix/config.h usability... no checking minix/config.h presence... no checking for minix/config.h... no checking whether it is safe to define __EXTENSIONS__... yes checking how to print strings... print -r checking for a sed that does not truncate output... /usr/bin/sed checking for fgrep... /usr/bin/grep -F checking for ld used by gcc... /usr/bin/ld checking if the linker (/usr/bin/ld) is GNU ld... no checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B checking the name lister (/usr/bin/nm -B) interface... BSD nm checking whether ln -s works... yes checking the maximum length of command line arguments... 786432 checking how to convert powerpc-ibm-aix6.1.0.0 file names to powerpc-ibm-aix6.1.0.0 format... func_convert_file_noop checking how to convert powerpc-ibm-aix6.1.0.0 file names to toolchain format... func_convert_file_noop checking for /usr/bin/ld option to reload object files... -r checking for objdump... no checking how to recognize dependent libraries... pass_all checking for dlltool... no checking how to associate runtime and link libraries... print -r -- checking for archiver @FILE support... no checking for strip... strip checking for ranlib... ranlib checking command to parse /usr/bin/nm -B output from gcc object... failed checking for sysroot... no checking for a working dd... /usr/bin/dd checking how to truncate binary pipes... /usr/bin/dd bs=4096 count=1 checking for mt... mt checking if mt is a manifest tool... no checking for dlfcn.h... yes checking which variant of shared library versioning to provide... aix checking for objdir... .libs checking if gcc supports -fno-rtti -fno-exceptions... no checking for gcc option to produce PIC... -fPIC -DPIC checking if gcc PIC flag -fPIC -DPIC works... yes checking if gcc static flag -static works... no checking if gcc supports -c -o file.o... yes checking if gcc supports -c -o file.o... (cached) yes checking whether the gcc linker (/usr/bin/ld) supports shared libraries... yes checking dynamic linker characteristics... AIX lib.a(lib.so.V) checking how to hardcode library paths into programs... immediate checking for shl_load... no checking for shl_load in -ldld... no checking for dlopen... yes
Re: [clamav-users] Packaging ClamAV
Probably need to kick off freshclam as part of the install. Sent from my iPhone > On Aug 12, 2019, at 17:00, Scott Kitterman via clamav-users > wrote: > > On Monday, August 12, 2019 4:49:01 PM EDT Nick Howitt wrote: >> On 12/08/2019 19:16, J.R. via clamav-users wrote: I would suggest not packaging them at all, and they should be downloaded from the update servers the first time the update is ran. >>> >>> Ideally yes, I would agree. >>> >>> However then you run into the edge-case of what if the machine has no >>> (or very limited) internet access? I *think* it's a requirement for >>> any package that it has to be able to run (even if there is some part >>> that is out-of-date). >> >> Interestingly, it seems clamd will just start with bytecode.cvd present, >> so technically it appears to be possible just to package bytecode.cvd >> and fire off a freshclam as part if the post-install. How does that sound? > > Presenting the user with a running clamd that has a very limited ability to > scan for threats seems misleading. > > Scott K > > > > ___ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml smime.p7s Description: S/MIME cryptographic signature ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Packaging ClamAV
On Monday, August 12, 2019 4:49:01 PM EDT Nick Howitt wrote: > On 12/08/2019 19:16, J.R. via clamav-users wrote: > >> I would suggest not packaging them at all, and they > >> should be downloaded from the update servers the > >> first time the update is ran. > > > > Ideally yes, I would agree. > > > > However then you run into the edge-case of what if the machine has no > > (or very limited) internet access? I *think* it's a requirement for > > any package that it has to be able to run (even if there is some part > > that is out-of-date). > > Interestingly, it seems clamd will just start with bytecode.cvd present, > so technically it appears to be possible just to package bytecode.cvd > and fire off a freshclam as part if the post-install. How does that sound? Presenting the user with a running clamd that has a very limited ability to scan for threats seems misleading. Scott K ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Packaging ClamAV
On 12/08/2019 19:16, J.R. via clamav-users wrote: I would suggest not packaging them at all, and they should be downloaded from the update servers the first time the update is ran. Ideally yes, I would agree. However then you run into the edge-case of what if the machine has no (or very limited) internet access? I *think* it's a requirement for any package that it has to be able to run (even if there is some part that is out-of-date). Interestingly, it seems clamd will just start with bytecode.cvd present, so technically it appears to be possible just to package bytecode.cvd and fire off a freshclam as part if the post-install. How does that sound? ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Recommended ClamAV exclusions on Mac OS X
Does anyone else run ClamAV on Macs? I am still trying to gain insight for what exclusions to add to our ClamAV rollout to Macs. Thanks, Doug On Wed, Aug 7, 2019 at 10:21 AM Douglas Stinnette wrote: > Hi, > > What would your recommended ClamAV exclusions on Mac OS X be? > I have Googled for insight on this question and have not received very > good hits. > Thanks, > Doug > > > -- > > > Doug Stinnette > > VCU Technology Services > > Endpoint Security Specialist > > Virginia Commonwealth University > > 827-0933 > > > > Don't be a phishing victim - VCU and other reputable organizations will > never use email to request that you reply with your password, Social > Security number or confidential personal information. For more details > visit http://go.vcu.edu/phishing or http://phishing.vcu.edu. > -- Doug Stinnette VCU Technology Services Endpoint Security Specialist Virginia Commonwealth University 827-0933 Don't be a phishing victim - VCU and other reputable organizations will never use email to request that you reply with your password, Social Security number or confidential personal information. For more details visit http://go.vcu.edu/phishing or http://phishing.vcu.edu. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Freshclam slows down boot on MX Linux (Debian)
Thanks to everyone who responded. For some reason I cannot Reply to mails from this list. I have to Compose from scratch each time, which probably breaks threading here. Here is my original response, resending now: Thanks very much, Micah! I have ethernet here and it does connect quickly, but this still might be happening. I'm made the emendation and will let you know if it solves the problem or not. It will take a few days to be sure. I still think that a delay mechanism is very desirable, perhaps even as the default. BW, Paul On Mon, Aug 12, 2019 at 9:24 AM Micah Snyder (micasnyd) wrote: > > This may be related, another user had noted that freshclam was starting > before it had network access, and had us add a network-online dependency to > the service file. This change will be present in the 0.102 release, but you > can always add it manually to your clamav-freshclam.service file: > https://bugzilla.clamav.net/show_bug.cgi?id=12104 > > -Micah ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Freshclam slows down boot on MX Linux (Debian)
* J. R. via clamav-users: > You could add a simple bash sleep statement to the appropriate > init.d/cron file. On systems using dependency based init systems like "init" or "OpenRC", services are usually started sequentially. I expect adding a sleep statement would actually slow things down even further in these cases. > IIRC some systems will run cron jobs that were missed while the system > was turned off... There are indeed cron implementations that work in this fashion, like Anacron. -Ralph ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Packaging ClamAV
> I would suggest not packaging them at all, and they > should be downloaded from the update servers the > first time the update is ran. Ideally yes, I would agree. However then you run into the edge-case of what if the machine has no (or very limited) internet access? I *think* it's a requirement for any package that it has to be able to run (even if there is some part that is out-of-date). ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Freshclam slows down boot on MX Linux (Debian)
> What I'm looking for is a way to delay Freshclam's search for updates > upon booting, something like 2 minutes; or in general, to have more > control over its scheduling. I don't see a relevant parameter in > /etc/clamav/freshclam.conf, or anything in the crontab folders. My MX > Linux system uses init.d rather than system.d. You could add a simple bash sleep statement to the appropriate init.d/cron file. IIRC some systems will run cron jobs that were missed while the system was turned off... I have no experience with MX Linux so I don't know where / what is triggering freshclam on startup. # Sleep random amount of time before proceeding sleep $(expr $RANDOM % 900) ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Packaging ClamAV
On 12/08/2019, 16:21, "Nick Howitt" wrote: > > Then you can't start clamd on installation? Run a postinstall scriptlet that calls freshclam as part of the package installer, perhaps? Graeme ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Packaging ClamAV
Then you can't start clamd on installation? On 12/08/2019 15:06, Joel Esler (jesler) via clamav-users wrote: I would suggest not packaging them at all, and they should be downloaded from the update servers the first time the update is ran. On Aug 12, 2019, at 9:47 AM, Nick Howitt wrote: On 12/08/2019 13:25, J.R. via clamav-users wrote: main.cvd rarely changes (last update was Jan 2018), it is only when the daily gets so large they push a bunch of signatures over. Bytecode also does not get updated very often. Really the only things are daily & safebrowsing (if enabled) that change regularly. Since the are 'signed' files, there's really no way for a 3rd party to fudge them (afaik). I don't think it would be wise to include stub files, because if there is a network issue during install a person could falsely believe that their installation was successful and being protected, when they really aren't. Even if you are including files that are slightly outdated, that's giving them some level of protection out of the box. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml Thanks for replying. Are you suggesting just packaging main.cvd and not packaging daily.cvd or bytecode.cvd? ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Freshclam slows down boot on MX Linux (Debian)
* Paul B. via clamav-users: > I've been finding for some time now that I have a 10-15 second delay > before my machine settles down after a boot. Welcome to the club. Launching ClamAV has become so slow that I need to take steps to ensure that more important services like sshd are started before ClamAV, so as not to block the servers. We're talking 64 GB RAM and quad-core i7-7700 CPU here, by the way. -Ralph ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] clamsubmit error
Same error message with 0.102.0-beta and 0.101.2 Le 12/08/2019 à 16:36, Joel Esler (jesler) via clamav-users a écrit : How about now? On Aug 12, 2019, at 3:40 AM, Arnaud Jacques wrote: Hello Joel, clamsubmit compiled from source from clamav-0.102.0-beta and from clamav-0.100.3 get same error message : invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission. Where does this message come from ? Communication between client and server ? Datas submitted ? Server side error ? Le 09/08/2019 à 07:53, Joel Esler (jesler) via clamav-users a écrit : We’re looking into this Arnaud. Sent from my iPad On Aug 8, 2019, at 11:09, Arnaud Jacques wrote: Hello Micah, Still got the same error on each submitted file. Le 08/08/2019 à 17:18, Micah Snyder (micasnyd) via clamav-users a écrit : Clamsubmit currently uses web forms from the clamav.net submission pages. The error output is, admittedly, pretty terrible when something goes wrong. I've seen that type of error output before when there was an outage on the web server side for collecting these but in my own test just now I had no problems uploading either malware or false positive reports. Can you please try again? -Micah On 8/8/19, 8:38 AM, "clamav-users on behalf of Arnaud Jacques" wrote: Hello, Using clamsubmit for Debian 10.0 : clamsubmit -v ClamAV 0.101.2/25535/Thu Aug 8 10:18:42 2019 for I in ./*; do clamsubmit -N 'SecuriteInfo' -e webmas...@securiteinfo.com -n $I; done invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned... etc ... I am running command in root user. Files are read/write access. What's wrong ? Thank you. -- Cordialement / Best regards, Arnaud Jacques Gérant de SecuriteInfo.com Téléphone : +33-(0)3.44.39.76.46 E-mail : a...@securiteinfo.com Site web : https://www.securiteinfo.com Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286 Twitter : @SecuriteInfoCom Securiteinfo.com La Sécurité Informatique - La Sécurité des Informations. 266, rue de Villers 60123 Bonneuil en Valois ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml -- Cordialement / Best regards, Arnaud Jacques Gérant de SecuriteInfo.com Téléphone : +33-(0)3.44.39.76.46 E-mail : a...@securiteinfo.com Site web : https://www.securiteinfo.com Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286 Twitter : @SecuriteInfoCom Securiteinfo.com La Sécurité Informatique - La Sécurité des Informations. 266, rue de Villers 60123 Bonneuil en Valois ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml -- Cordialement / Best regards,
Re: [clamav-users] clamsubmit error
How about now? > On Aug 12, 2019, at 3:40 AM, Arnaud Jacques > wrote: > > Hello Joel, > > clamsubmit compiled from source from clamav-0.102.0-beta and from > clamav-0.100.3 get same error message : > > invalid cfduid and/or session id values provided by clamav.net/presigned. > Unable to continue submission. > > Where does this message come from ? Communication between client and server ? > Datas submitted ? Server side error ? > > > > Le 09/08/2019 à 07:53, Joel Esler (jesler) via clamav-users a écrit : >> We’re looking into this Arnaud. >> Sent from my iPad >>> On Aug 8, 2019, at 11:09, Arnaud Jacques wrote: >>> >>> Hello Micah, >>> >>> Still got the same error on each submitted file. >>> >>> Le 08/08/2019 à 17:18, Micah Snyder (micasnyd) via clamav-users a écrit : Clamsubmit currently uses web forms from the clamav.net submission pages. The error output is, admittedly, pretty terrible when something goes wrong. I've seen that type of error output before when there was an outage on the web server side for collecting these but in my own test just now I had no problems uploading either malware or false positive reports. Can you please try again? -Micah On 8/8/19, 8:38 AM, "clamav-users on behalf of Arnaud Jacques" >>> webmas...@securiteinfo.com> wrote: Hello, Using clamsubmit for Debian 10.0 : clamsubmit -v ClamAV 0.101.2/25535/Thu Aug 8 10:18:42 2019 for I in ./*; do clamsubmit -N 'SecuriteInfo' -e webmas...@securiteinfo.com -n $I; done invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned... etc ... I am running command in root user. Files are read/write access. What's wrong ? Thank you. -- Cordialement / Best regards, Arnaud Jacques Gérant de SecuriteInfo.com Téléphone : +33-(0)3.44.39.76.46 E-mail : a...@securiteinfo.com Site web : https://www.securiteinfo.com Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286 Twitter : @SecuriteInfoCom Securiteinfo.com La Sécurité Informatique - La Sécurité des Informations. 266, rue de Villers 60123 Bonneuil en Valois ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml >>> >>> -- >>> Cordialement / Best regards, >>> >>> Arnaud Jacques >>> Gérant de SecuriteInfo.com >>> >>> Téléphone : +33-(0)3.44.39.76.46 >>> E-mail : a...@securiteinfo.com >>> Site web : https://www.securiteinfo.com >>> Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286 >>> Twitter : @SecuriteInfoCom >>> >>> Securiteinfo.com >>> La Sécurité Informatique - La Sécurité des Informations. >>> 266, rue de Villers >>> 60123 Bonneuil en Valois >>> >>> ___ >>> >>> clamav-users mailing list >>> clamav-users@lists.clamav.net >>> https://lists.clamav.net/mailman/listinfo/clamav-users >>> >>> >>> Help us build a comprehensive ClamAV guide: >>>
Re: [clamav-users] Packaging ClamAV
I would suggest not packaging them at all, and they should be downloaded from the update servers the first time the update is ran. > On Aug 12, 2019, at 9:47 AM, Nick Howitt wrote: > > On 12/08/2019 13:25, J.R. via clamav-users wrote: >> main.cvd rarely changes (last update was Jan 2018), it is only when >> the daily gets so large they push a bunch of signatures over. Bytecode >> also does not get updated very often. Really the only things are daily >> & safebrowsing (if enabled) that change regularly. >> >> Since the are 'signed' files, there's really no way for a 3rd party to >> fudge them (afaik). >> >> I don't think it would be wise to include stub files, because if there >> is a network issue during install a person could falsely believe that >> their installation was successful and being protected, when they >> really aren't. Even if you are including files that are slightly >> outdated, that's giving them some level of protection out of the box. >> >> ___ >> >> clamav-users mailing list >> clamav-users@lists.clamav.net >> https://lists.clamav.net/mailman/listinfo/clamav-users >> >> >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> >> http://www.clamav.net/contact.html#ml > Thanks for replying. > Are you suggesting just packaging main.cvd and not packaging daily.cvd or > bytecode.cvd? > > > ___ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml smime.p7s Description: S/MIME cryptographic signature ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Packaging ClamAV
On 12/08/2019 13:25, J.R. via clamav-users wrote: main.cvd rarely changes (last update was Jan 2018), it is only when the daily gets so large they push a bunch of signatures over. Bytecode also does not get updated very often. Really the only things are daily & safebrowsing (if enabled) that change regularly. Since the are 'signed' files, there's really no way for a 3rd party to fudge them (afaik). I don't think it would be wise to include stub files, because if there is a network issue during install a person could falsely believe that their installation was successful and being protected, when they really aren't. Even if you are including files that are slightly outdated, that's giving them some level of protection out of the box. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml Thanks for replying. Are you suggesting just packaging main.cvd and not packaging daily.cvd or bytecode.cvd? ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Freshclam slows down boot on MX Linux (Debian)
This may be related, another user had noted that freshclam was starting before it had network access, and had us add a network-online dependency to the service file. This change will be present in the 0.102 release, but you can always add it manually to your clamav-freshclam.service file: https://bugzilla.clamav.net/show_bug.cgi?id=12104 -Micah On 8/12/19, 9:17 AM, "clamav-users on behalf of Paul B. via clamav-users" wrote: I've been finding for some time now that I have a 10-15 second delay before my machine settles down after a boot. It doesn't always happen, but usually does. Perhaps it's a first boot of the day issue, I'm not sure. But on opening Task manager I see that it is Freshclam consistently causing the extended CPU activity. I tried using the ClamTK interface / Update assistant to select manual updates, but that makes no difference in Freshclam's operation. What I'm looking for is a way to delay Freshclam's search for updates upon booting, something like 2 minutes; or in general, to have more control over its scheduling. I don't see a relevant parameter in /etc/clamav/freshclam.conf, or anything in the crontab folders. My MX Linux system uses init.d rather than system.d. Thanks for any help! ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Freshclam slows down boot on MX Linux (Debian)
I've been finding for some time now that I have a 10-15 second delay before my machine settles down after a boot. It doesn't always happen, but usually does. Perhaps it's a first boot of the day issue, I'm not sure. But on opening Task manager I see that it is Freshclam consistently causing the extended CPU activity. I tried using the ClamTK interface / Update assistant to select manual updates, but that makes no difference in Freshclam's operation. What I'm looking for is a way to delay Freshclam's search for updates upon booting, something like 2 minutes; or in general, to have more control over its scheduling. I don't see a relevant parameter in /etc/clamav/freshclam.conf, or anything in the crontab folders. My MX Linux system uses init.d rather than system.d. Thanks for any help! ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Packaging ClamAV
main.cvd rarely changes (last update was Jan 2018), it is only when the daily gets so large they push a bunch of signatures over. Bytecode also does not get updated very often. Really the only things are daily & safebrowsing (if enabled) that change regularly. Since the are 'signed' files, there's really no way for a 3rd party to fudge them (afaik). I don't think it would be wise to include stub files, because if there is a network issue during install a person could falsely believe that their installation was successful and being protected, when they really aren't. Even if you are including files that are slightly outdated, that's giving them some level of protection out of the box. ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Packaging ClamAV
Hi, I am currently trying to help with packaging ClamAV for ClearOS, based on the EPEL and FC repos. One thing I have noticed is that they pre-package virus signatures which both makes the package large and the signatures are necessarily out of date as soon as they are packaged. As clamd won't start without any signatures, I was wondering if it were possible to provide stub files for main.cvd, daily.cvd and bytecode.cvd so clamd can successfully start while, at the same time, firing off a "freshclam" on installation to get new signatures. If this is not possible, what other strategies are available to package ClamAV without signatures but automatically start clamd on installation? Thanks, Nick ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] clamsubmit error
Hello Joel, clamsubmit compiled from source from clamav-0.102.0-beta and from clamav-0.100.3 get same error message : invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission. Where does this message come from ? Communication between client and server ? Datas submitted ? Server side error ? Le 09/08/2019 à 07:53, Joel Esler (jesler) via clamav-users a écrit : We’re looking into this Arnaud. Sent from my iPad On Aug 8, 2019, at 11:09, Arnaud Jacques wrote: Hello Micah, Still got the same error on each submitted file. Le 08/08/2019 à 17:18, Micah Snyder (micasnyd) via clamav-users a écrit : Clamsubmit currently uses web forms from the clamav.net submission pages. The error output is, admittedly, pretty terrible when something goes wrong. I've seen that type of error output before when there was an outage on the web server side for collecting these but in my own test just now I had no problems uploading either malware or false positive reports. Can you please try again? -Micah On 8/8/19, 8:38 AM, "clamav-users on behalf of Arnaud Jacques" wrote: Hello, Using clamsubmit for Debian 10.0 : clamsubmit -v ClamAV 0.101.2/25535/Thu Aug 8 10:18:42 2019 for I in ./*; do clamsubmit -N 'SecuriteInfo' -e webmas...@securiteinfo.com -n $I; done invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned. Unable to continue submission.invalid cfduid and/or session id values provided by clamav.net/presigned... etc ... I am running command in root user. Files are read/write access. What's wrong ? Thank you. -- Cordialement / Best regards, Arnaud Jacques Gérant de SecuriteInfo.com Téléphone : +33-(0)3.44.39.76.46 E-mail : a...@securiteinfo.com Site web : https://www.securiteinfo.com Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286 Twitter : @SecuriteInfoCom Securiteinfo.com La Sécurité Informatique - La Sécurité des Informations. 266, rue de Villers 60123 Bonneuil en Valois ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml -- Cordialement / Best regards, Arnaud Jacques Gérant de SecuriteInfo.com Téléphone : +33-(0)3.44.39.76.46 E-mail : a...@securiteinfo.com Site web : https://www.securiteinfo.com Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286 Twitter : @SecuriteInfoCom Securiteinfo.com La Sécurité Informatique - La Sécurité des Informations. 266, rue de Villers 60123 Bonneuil en Valois ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml -- Cordialement / Best regards, Arnaud Jacques Gérant de SecuriteInfo.com Téléphone : +33-(0)3.44.39.76.46 E-mail : a...@securiteinfo.com Site web : https://www.securiteinfo.com Facebook :