Re: [clamav-users] Restriction of downloads

2021-03-12 Thread Simon Wilson via clamav-users 
- Message from "Joel Esler (jesler) via clamav-users"  
 -

Date: Sat, 13 Mar 2021 01:49:34 +
From: "Joel Esler (jesler) via clamav-users"  


Reply-To: ClamAV users ML 
 Subject: Re: [clamav-users] Restriction of downloads
  To: ClamAV users ML 
  Cc: "Joel Esler (jesler)" 



Would the community be willing to pay for updates?


The thing I can't get over is the sense of entitlement coming out of  
some of the emails to this list for a service provided at no cost that  
is now being reasonably restricted because of impact on the people  
providing it *at no charge*, which if not resolved could potentially  
remove the ability for *any* of us to use it.


Go figure... Even more bizarre is people trying to create and share  
workarounds. Ah well...


From my POV Clamav has provided me with a great (free) tool for many  
years at only the cost of my time to learn it, and with a great and  
supportive community. If it were to move to a model wherein there was  
reasonable contribution I'd sign up for it.


Purely selfishly :) perhaps a model appropriately structured for home  
users like me (with < 10 users) to get updates with more for corporate  
/ govt users. :-D




--
Simon Wilson
M: 0400 12 11 16


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Restriction of downloads

2021-03-12 Thread Joel Esler (jesler) via clamav-users 
Would the community be willing to pay for updates?

Sent from my  iPhone

On Mar 12, 2021, at 17:41, Rémy DODIN via clamav-users 
 wrote:


Hi,

I just found that my "antivirus essentiel" installed package provided by 
Synology is unable to update virus definition file since 03/06/2021 !
This package is build on ClamAV

There are lot of products no more working yet !
Qnap, Synology etc
Under ArcaOS etc


Before blocking updates, I think that user had to be informed about changes a 
few month before
This is a top severity unsecure issue.
(putting so many people out of new viruses protection ! - All do not have 
skills to correct Like, I do not have needed skills)

It would be nice providing a quick solution for those with any skills.
I'm fully out of protection yet (unable to implement cvdupdate ! no skills for 
this)

Best regards
Rémy


"Ce message et toutes ses pièces jointes sont établis à l'intention exclusive 
de son/ses destinataire(s) et sont confidentiels. Si vous recevez ce message 
par erreur, merci de le détruire et d'en avertir immédiatement l'expéditeur. 
Toute utilisation de ce message et/ou de son contenu par une personne autre 
qu'un destinataire, et toute diffusion ou publication ultérieure du contenu de 
ce message, en totalité ou en partie, est interdite sauf autorisation préalable 
et écrite de l'émetteur"

De: "Joel Esler (jesler) via clamav-users" 
À: "ClamAV users ML" 
Cc: "Joel Esler (jesler)" 
Envoyé: Vendredi 12 Mars 2021 00:17:21
Objet: Re: [clamav-users] Restriction of downloads

You’ll have to work with qnap. We can’t update qnap.

Sent from my  iPhone

On Mar 11, 2021, at 13:39, Harv Azad via clamav-users 
 wrote:


I’m a simple QNAP 509 (x2) user and having read the emails I’m a bit confused 
on how to resolve the issue of definitions not updating automatically.

Having worked out yesterday that I could update manually I downloaded the 
latest cvd file and updated both my servers but then when I look today, I cant 
see the file download links anymore.
I can see that there is some mention of Freshclam.  Happy to use this but could 
someone please clarify if this is something that sits on my qnap or on my pc?  
Can I then use this to manually download the definition files to update my 
qnaps manually.

Sorry if these are basic questions.

Kind Regards
Harv Azad

Sent from Mail for Windows 10


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Restriction of downloads

2021-03-12 Thread G.W. Haywood via clamav-users 

Hi there,

On Sat, 13 Mar 2021, Rémy DODIN via clamav-users wrote:


I just found that my "antivirus essentiel" installed package
provided by Synology is unable to update virus definition file since
03/06/2021 !


Then should you not be talking to Synology?


... quick solution for those with any skills.


The solution has been published for years.  It's called freshclam and
it's what you should have been using, but apparently you weren't, and
there's no point acting all surprised about it now.  Whether or not
you knew it, you were part of a big problem for the ClamAV team.  You
should be apologizing to them, not telling them what you think they
should have done to get you to stop abusing the valuable service which
they provide to the whole planet at no charge.


I'm fully out of protection yet ...


Please take this opportunity to calm down and think about what you're
doing.  You seem to think that before this happened your system *was*
somehow magically "protected" and that now the protection is gone.
Unfortunately, for reasons which at the moment don't matter but which
we can go into in due course, it really isn't like that.

For now, quit complaining and let us have technical details about your
system so that we can help you.  We aren't clairvoyant, so without the
details we can't help you very much at all.  Your computer, operating
system, the main applications for the computer, the exact versions of
whatever approximation to ClamAV that you have obtained from Synology,
how your computer connects to the Internet.  Read a few posts on this
mailing list to get other ideas about useful information to give us,
and think about anything else you can tell us that might be relevant.


"Ce message et toutes ses pièces jointes sont établis à l'intention
exclusive de son/ses destinataire(s) et sont confidentiels. Si vous
recevez ce message par erreur, merci de le détruire et d'en avertir
immédiatement l'expéditeur. Toute utilisation de ce message et/ou de
son contenu par une personne autre qu'un destinataire, et toute
diffusion ou publication ultérieure du contenu de ce message, en
totalité ou en partie, est interdite sauf autorisation préalable et
écrite de l'émetteur"


Can you turn this off?  This is, after all, a mailing list.

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] On-access scanning on CentOS 8

2021-03-12 Thread G.W. Haywood via clamav-users 

Hi there,

On Fri, 12 Mar 2021, John Pfuntner -X (jpfuntne - EASI LLC at Cisco) via 
clamav-users wrote:


I've been experimenting with ClamAV on various Linux distributions
and have had trouble doing on-access scanning on CentOS 8 machines -
everything installs fine and I can do on-demand scanning with
clamscan but on-access scanning isn't preventing me from accessing a
test infected file.  I see this behavior right now with ClamAV
0.103.0 on:
AWS CentOS 8.2 (4.18.0-193.6.3.el8_2.x86_64)
GCP CentOS 8.3 (4.18.0-240.10.1.el8_3.x86_64)

I've got a repo with Ansible playbooks to do the installation and
test on-access on on-demand testing:
https://github.com/pfuntner/clamav-onacc.  I've gotten successes
consistently using the same playbooks with Debian 9 and 10.
Am I doing something wrong?


Sorry, I have no experience of Centos, but there are surely Centos
users lurking here.  Until one pops up, my wild guess - no, you aren't
doing anything wrong but you might need to do some more work.  And my
speculation - look into the kernel configurations.

A quick search found this:

https://marc.info/?l=clamav-users=160824995205483=2

(Doesn't Cisco own Sourcefire? :)

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Restriction of downloads

2021-03-12 Thread Rémy DODIN via clamav-users 

Hi, 


I just found that my "antivirus essentiel" installed package provided by 
Synology is unable to update virus definition file since 03/06/2021 ! 
This package is build on ClamAV 


There are lot of products no more working yet ! 
Qnap, Synology etc 

Under ArcaOS etc 





Before blocking updates, I think that user had to be informed about changes a 
few month before 
This is a top severity unsecure issue. 

(putting so many people out of new viruses protection ! - All do not have 
skills to correct Like, I do not have needed skills) 


It would be nice providing a quick solution for those with any skills. 
I'm fully out of protection yet (unable to implement cvdupdate ! no skills for 
this) 



Best regards 
Rémy 




"Ce message et toutes ses pièces jointes sont établis à l'intention exclusive 
de son/ses destinataire(s) et sont confidentiels. Si vous recevez ce message 
par erreur, merci de le détruire et d'en avertir immédiatement l'expéditeur. 
Toute utilisation de ce message et/ou de son contenu par une personne autre 
qu'un destinataire, et toute diffusion ou publication ultérieure du contenu de 
ce message, en totalité ou en partie, est interdite sauf autorisation préalable 
et écrite de l'émetteur" 
- Mail original -

De: "Joel Esler (jesler) via clamav-users"  
À: "ClamAV users ML"  
Cc: "Joel Esler (jesler)"  
Envoyé: Vendredi 12 Mars 2021 00:17:21 
Objet: Re: [clamav-users] Restriction of downloads 

You’ll have to work with qnap. We can’t update qnap. 


Sent from my  iPhone 



On Mar 11, 2021, at 13:39, Harv Azad via clamav-users 
 wrote: 








I’m a simple QNAP 509 (x2) user and having read the emails I’m a bit confused 
on how to resolve the issue of definitions not updating automatically. 

Having worked out yesterday that I could update manually I downloaded the 
latest cvd file and updated both my servers but then when I look today, I cant 
see the file download links anymore. 
I can see that there is some mention of Freshclam. Happy to use this but could 
someone please clarify if this is something that sits on my qnap or on my pc? 
Can I then use this to manually download the definition files to update my 
qnaps manually. 

Sorry if these are basic questions. 

Kind Regards 
Harv Azad 

Sent from Mail for Windows 10 

___ 

clamav-users mailing list 
clamav-users@lists.clamav.net 
https://lists.clamav.net/mailman/listinfo/clamav-users 


Help us build a comprehensive ClamAV guide: 
https://github.com/vrtadmin/clamav-faq 

http://www.clamav.net/contact.html#ml 




___ 

clamav-users mailing list 
clamav-users@lists.clamav.net 
https://lists.clamav.net/mailman/listinfo/clamav-users 


Help us build a comprehensive ClamAV guide: 
https://github.com/vrtadmin/clamav-faq 

http://www.clamav.net/contact.html#ml 


___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] On-access scanning on CentOS 8

2021-03-12 Thread John Pfuntner -X (jpfuntne - EASI LLC at Cisco) via clamav-users 
I've been experimenting with ClamAV on various Linux distributions and have had 
trouble doing on-access scanning on CentOS 8 machines - everything installs 
fine and I can do on-demand scanning with clamscan but on-access scanning isn't 
preventing me from accessing a test infected file.  I see this behavior right 
now with ClamAV 0.103.0 on:

AWS CentOS 8.2 (4.18.0-193.6.3.el8_2.x86_64)
GCP CentOS 8.3 (4.18.0-240.10.1.el8_3.x86_64)

I've got a repo with Ansible playbooks to do the installation and test 
on-access on on-demand testing: https://github.com/pfuntner/clamav-onacc.  I've 
gotten successes consistently using the same playbooks with Debian 9 and 10.

Am I doing something wrong?

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Private Mirror Via Artifactory

2021-03-12 Thread Paul Kosinski via clamav-users 
On Fri, 12 Mar 2021 15:47:02 + (GMT)
"G.W. Haywood via clamav-users"  wrote:

> Hi there,
> 
> On Fri, 12 Mar 2021, Arjen de Korte via clamav-users wrote:
> 
> > Citeren "G.W. Haywood via clamav-users" :
> >  
> >> I think the OP was saying that he's not allowed to do that. ...  
> >
> > I see no reason why. ...  
> 
> Nor do I.  But he said it was for the government, which says to me
> that rational argument will have precious little to do with it. :/


The same applies to many organizations that are big enough -- and have
been established long enough -- to have Policies.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Private Mirror Via Artifactory

2021-03-12 Thread G.W. Haywood via clamav-users 

Hi there,

On Fri, 12 Mar 2021, Arjen de Korte via clamav-users wrote:


Citeren "G.W. Haywood via clamav-users" :


I think the OP was saying that he's not allowed to do that. ...


I see no reason why. ...


Nor do I.  But he said it was for the government, which says to me
that rational argument will have precious little to do with it. :/

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Private Mirror Via Artifactory

2021-03-12 Thread Arjen de Korte via clamav-users 

Citeren "G.W. Haywood via clamav-users" :


One might still workaround this issue, by setting up a private
mirror *outside* of your network perimeter ...

I think the OP was saying that he's not allowed to do that.  The way
things are for him at the moment, the path of least resistance might
be a USB stick...


I see no reason why. If the internal freshclam clients are allowed to  
connect to the ClamAV servers on the outside through Artifactory, why  
wouldn't they be allowed to connect to a private mirror on the outside  
through Artifactory? As long as the connection is made through  
Artifactory, there is no real difference: neither the ClamAV servers,  
nor the private mirror is in the protected environment. The benefit of  
putting the private mirror in between, is that one has full control  
over the access restrictions. This private mirror could be hosted  
almost anywhere (as long as it has sufficient bandwidth available).





___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Private Mirror Via Artifactory

2021-03-12 Thread G.W. Haywood via clamav-users 

Hi there,

On Fri, 12 Mar 2021, Arjen de Korte via clamav-users wrote:


One might still workaround this issue, by setting up a private
mirror *outside* of your network perimeter ...


I think the OP was saying that he's not allowed to do that.  The way
things are for him at the moment, the path of least resistance might
be a USB stick...

--

73,
Ged.

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Private Mirror Via Artifactory

2021-03-12 Thread Arjen de Korte via clamav-users 

Citeren Paul Smith via clamav-users :

If your only option is to use artifactory, then you need to contact  
JFrog's technical support because they're the only people who can  
fix that. After all, that's what you're paying them for. I'm sure  
they'll be working on (or will already have) an update to work with  
the new restrictions.


One might still workaround this issue, by setting up a private mirror  
*outside* of your network perimeter and point your internal freshclam  
clients to use that mirror instead of the ClamAV servers. As long as  
the private mirror is well behaved when it contacts the ClamAV  
servers, you can have any or none restrictions for the files the  
private mirror serves (including allowing full downloads of the .cvd  
files as often as you like). Other than changing the freshclam  
configuration files to point to your private mirror, it would require  
no changes to artifactory at all.



___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Restriction of downloads

2021-03-12 Thread Matus UHLAR - fantomas 

On 11.03.21 19:38, Harv Azad via clamav-users wrote:

I’m a simple QNAP 509 (x2) user and having read the emails I’m a bit confused 
on how to resolve the issue of definitions not updating automatically.


Hello,

unfortunately TS-509 Pro is EOL by QNAP, so they won't release even security
updates:

https://www.qnap.com/en/product/eol.php

Also, unfortunately, QNAP seems only put new ClamAV versions for versions in
"OS and Application Updates and Maintenance", 509 ran out of that in 2017-12.

Also, TS-509 Pro has 1GB of RAM, which is not enough for clamav
(on my system it takes over 1.5GB of RAM).

I'm not sure whether 509 has upgradable RAM (doesn't seem so), but without
it clamav is quite useless there.


Having worked out yesterday that I could update manually I downloaded the
latest cvd file and updated both my servers but then when I look today, I
cant see the file download links anymore.  I can see that there is some
mention of Freshclam.  Happy to use this but could someone please clarify
if this is something that sits on my qnap or on my pc?  Can I then use this
to manually download the definition files to update my qnaps manually.


freshclam is clamav update, bundled with clamav distribution. QNAP contains
it too. Note that in your case (and mine) it's too old (0.99) and
unsupported, and doesn't support cdiffs.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"Where do you want to go to die?" [Microsoft]

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Private Mirror Via Artifactory

2021-03-12 Thread Matus UHLAR - fantomas 

On 11.03.21 23:28, adam.cop...@arola.co.uk via clamav-users wrote:

  Thank you for replying however we are using freshclam the approved method.
  The problem is that our setup is not allowed to go out via a proxy, the
  only method is to have artifactory mirror the public repo, but as that is
  now being blocked this is very problematic.


I believe you should contact artifactory to fix their mirror.

Using any mirror should lower the load on clamav servers, apparently they
messed it up.


  The reason for the setup is because I work for a government organisation
  so security is extremely tight. They only have limited ways of allowing
  public access and unfortunately this is the way currently.


--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux IS user friendly, it's just selective who its friends are...

___

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml