Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

2020-12-22 Thread Joel Esler (jesler) via clamav-users
Isn’t that literally the opposite of what needs to happen? On Dec 22, 2020, at 1:27 AM, Brent Clark via clamav-users <clamav-users@lists.clamav.net> wrote: Hiya Can you please submit to Sanesecurity too. https://sanesecurity.com/contact-us/ Regards Brent On 2020/12/21 18:44, eric-l..

Re: [clamav-users] How can we consume .ldb files in ClamAV Ubuntu?

2020-12-22 Thread Joel Esler (jesler) via clamav-users
Yes Sent from my iPhone > On Dec 22, 2020, at 02:30, Luca Sironi via clamav-users > wrote: > > > Hello, > are those signatures coming from FireEye github already included on the > regular update ? > > regards > Luca > > ___ > > clamav-users m

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

2020-12-21 Thread Joel Esler (jesler) via clamav-users
On Dec 21, 2020, at 4:02 PM, eric-l...@truenet.com wrote: Joel, I pretty much disagree with this. 90% or greater of what is sent into http://clamav.net is covered in less than 24 hours, and to a much greater degree. We don’t aim to cover ju

Re: [clamav-users] Looks like we've gotten a new variant of Emotet getting through...

2020-12-21 Thread Joel Esler (jesler) via clamav-users
I pretty much disagree with this. 90% or greater of what is sent into clamav.net is covered in less than 24 hours, and to a much greater degree. We don’t aim to cover just the sample you sent in, we cover all the variants of that sample at the time, if possible. On Dec 21,

Re: [clamav-users] ClamAV Fireeye Rules?

2020-12-17 Thread Joel Esler (jesler) via clamav-users
Again, same as I wrote on the Snort list, we rewrote all of this detection and it is in the official ClamAV database, so if you are using freshclam to update from clamav, you already have it. On Dec 17, 2020, at 3:44 PM, bobby via clamav-users <clamav-users@lists.clamav.net> wrote: I

Re: [clamav-users] How can we consume .ldb files in ClamAV Ubuntu?

2020-12-14 Thread Joel Esler (jesler) via clamav-users
Also, we have shipped detection which detects the same things Fireeye was detecting and much more, also rewritten to be more efficient in the official ruleset. Sent from my iPhone > On Dec 14, 2020, at 18:54, G.W. Haywood via clamav-users > wrote: > > Hi there, > >> On Mon, 14 Dec 2020,

Re: [clamav-users] local server takes time to update clamav db

2020-12-13 Thread Joel Esler (jesler) via clamav-users
Both of those things are done as well. Sent from my iPhone > On Dec 13, 2020, at 19:24, Dave Warren via clamav-users > wrote: > > On 2020-12-11 08:51, Paul Kosinski via clamav-users wrote: >> "The whole CVD filename is not versioned (always "daily.cvd") which is >> why the CloudFlare cach

Re: [clamav-users] local server takes time to update clamav db

2020-12-11 Thread Joel Esler (jesler) via clamav-users
sleep for awhile and then try again. If the >>> second attempt still fails then give the error to the user. >> >> I want to be clear -- the message that was originally reported is not an >> error message. It's a verbose (a.k.a debug-level) message. If you're >

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 12:21 PM, G.W. Haywood via clamav-users > wrote: > > But the real fix must be in the hands of Cloudflare, or perhaps those > of Cloudflare's customers (making more fuss about something which, at > first sight, could very easily be remedied). While I agree, I am sure twea

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 11:58 AM, Paul Kosinski via clamav-users > wrote: > > I would imagine that Cloudflare has a means of fetching a specific file > from any of their own mirror servers (via its unique, non-anycast, IP > address) to check its operation. If ClamAV DB files could be requested >

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 9:07 AM, Andrew C Aitchison > wrote: > > On Thu, 10 Dec 2020, Joel Esler (jesler) via clamav-users wrote: > >>> >>> >> >> By “unable to resolve” Micah means: “There’s nothing more we can do >> to solve th

Re: [clamav-users] local server takes time to update clamav db

2020-12-10 Thread Joel Esler (jesler) via clamav-users
> On Dec 10, 2020, at 6:06 AM, G.W. Haywood via clamav-users > wrote: > > Hi there, > > On Wed, 9 Dec 2020, Micah Snyder (micasnyd) via clamav-users wrote: > >> This message: >> “*The daily.cvd database downloaded from https://database.clamav.net >> is one version older than advertised in th

Re: [clamav-users] ClamAV perform monitoring of traffic

2020-11-29 Thread Joel Esler (jesler) via clamav-users
ClamAV scans files. Mail is one of those files it can scan. Attachments to those emails as well. ClamAV doesn’t scan traffic. As in Network Traffic. For that, see Snort. (snort.org) -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talo

Re: [clamav-users] Errir parsing PNG files and 451_mail_server_temporarily_rejected_message

2020-10-21 Thread Joel Esler (jesler) via clamav-users
> On Oct 21, 2020, at 9:50 AM, G.W. Haywood via clamav-users > wrote: > > Hi there, > > On Tue, 20 Oct 2020, Micah Snyder (micasnyd) via clamav-users wrote: > >> It seems as though the new PNG graphics format/CVE checker added in >> 0.103 is causing trouble for you and for some others. ... >

Re: [clamav-users] Google safebrowsing types and usage questions

2020-10-21 Thread Joel Esler (jesler) via clamav-users
Added. > On Oct 17, 2020, at 11:41 AM, G.W. Haywood wrote: > > Hi Joel, > > On Sat, 17 Oct 2020, Joel Esler (jesler) via clamav-users wrote: > >> That documentation lives here: >> https://github.com/Cisco-Talos/clamav-faq/blob/master/faq/faq-safebrowsing.md &g

Re: [clamav-users] Google safebrowsing types and usage questions

2020-10-17 Thread Joel Esler (jesler) via clamav-users
That documentation lives here: https://github.com/Cisco-Talos/clamav-faq/blob/master/faq/faq-safebrowsing.md A pull request will allow me to review and approve. Sent from my iPhone > On Oct 17, 2020, at 07:56, Iulian Stan via clamav-users > wrote: > > > Hi Ged, > > Yes, the definition

Re: [clamav-users] ClamAV - Emotet - Malware not detected

2020-09-16 Thread Joel Esler (jesler) via clamav-users
Can you provide the SHA256 hash of a couple of the files? -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org > On Sep 16, 2020, at 4:43 AM, clamav-users@lists.clamav.net wrote: > > Hello, > > Today, we transmitted

[clamav-users] ClamAV® blog: ClamAV 0.103.0 released!

2020-09-14 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2020/09/clamav-01030-released.html > > > ClamAV 0.103.0 released! > > Please visit the ClamAV Downloads page to > get your copy now! > > ClamAV 0.103.0 highlights > >

Re: [clamav-users] Listserve

2020-09-09 Thread Joel Esler (jesler) via clamav-users
Enjoy Stephen! Thank you for writing in. Go to this URL to change user options or unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users or by sending an email to clamav-users-le...@lists.clamav.net Thanks! -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Gro

Re: [clamav-users] freshclam frequency ?

2020-09-02 Thread Joel Esler (jesler) via clamav-users
Several of the problems that we’ve observed are things like a dockerized container or a VM that is reset constantly, so instead of being able to download the cdiffs, those machines have to download the whole daily/main. Those could benefit from a local mirror. Abusers are present but infreque

Re: [clamav-users] Transferring licence to new MacBook

2020-08-30 Thread Joel Esler (jesler) via clamav-users
Are you writing about ClamXav? As that is a product that is not produced by us. Our engine is taken and repackaged for that. > On Aug 30, 2020, at 9:43 AM, G. Hoffman via clamav-users > wrote: > > Hi users, > > I have just purchased a new MacBook and am trying to move my registration to >

Re: [clamav-users] ClamAV for commercial use

2020-08-27 Thread Joel Esler (jesler) via clamav-users
Rajat, As long as your use of it is in compliance with the GPLv2, then yes. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org > On Aug 27, 2020, at 5:22 AM, Rajat Gupta via clamav-users > wrote: > > Hello ClamAV,

[clamav-users] ClamAV® blog: ClamAV 0.103.0 release candidate

2020-08-18 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2020/08/clamav-01030-release-candidate.html > > > ClamAV 0.103.0 release candidate > > Today we are pleased to announce the ClamAV 0.103.0 release candidate > !

Re: [clamav-users] [ext] Re: ClamAV® blog: Freshclam, cdiffs and bandwidth are your friends

2020-07-29 Thread Joel Esler (jesler) via clamav-users
As I said, checking the DNS TXT entry is fine. Checking that every hour is fine, (just in case we push something immediate). Downloading the cdiffs is fine. Downloading the entire CVD files constantly is not fine. Sent from my iPad > On Jul 29, 2020, at 04:37, Ralf Hildebrandt via clamav-u

Re: [clamav-users] ClamAV HTML RealURL DisplayURL failed

2020-07-29 Thread Joel Esler (jesler) via clamav-users
Are you writing your rule to detect the correct file type? Sent from my iPad > On Jul 29, 2020, at 06:02, shishab...@vollbio.de wrote: > > hi @ all, > > i use postfix, amavisd and clamav with urlhaus ndb (for ClamAV) sig from > urlhaus.abuse.ch. if i send or receive a mail with a hyperlink

Re: [clamav-users] ClamAV® blog: Freshclam, cdiffs and bandwidth are your friends

2020-07-28 Thread Joel Esler (jesler) via clamav-users
een? In > other words, is it always useless to check the TXT record more often? > > > >> On Mon, 27 Jul 2020 22:09:31 + >> "Joel Esler \(jesler\) via clamav-users" >> wrote: >> >> https://blog.clamav.net/2020/07/freshclam-cdiffs-eff

Re: [clamav-users] Clam AV Central Management Serve

2020-07-28 Thread Joel Esler (jesler) via clamav-users
half of > Sudhir Kumar Maharjan > Sent: Tuesday, July 28, 2020 2:59:11 PM > To: Joel Esler (jesler) > Cc: ClamAV users ML > Subject: Re: [clamav-users] Clam AV Central Management Serve > > Thanks, I'll check it out. > > On Tue, Jul 28, 2020, 7:39 PM Joel Esler

Re: [clamav-users] Clam AV Central Management Serve

2020-07-28 Thread Joel Esler (jesler) via clamav-users
c> | Facebook > <https://www.facebook.com/Deerwalk> | YouTube > <https://www.youtube.com/channel/UCawrNx5J26lzWs4viyaakRA> > > On Tue, Jul 28, 2020 at 6:06 PM Joel Esler (jesler) via clamav-users > <clamav-users@lists.clamav.net> wrote: > There is n

Re: [clamav-users] Clam AV Central Management Serve

2020-07-28 Thread Joel Esler (jesler) via clamav-users
There is not a central management system for ClamAV. We have a commercial product for that. It also contains ClamAV. Sent from my iPad > On Jul 27, 2020, at 22:57, Sudhir Kumar Maharjan > wrote: > > > Hello, > > We are using ClamAV for More than 500 Servers(Centos 7.8). And Till now we

[clamav-users] ClamAV® blog: Freshclam, cdiffs and bandwidth are your friends

2020-07-27 Thread Joel Esler (jesler) via clamav-users
https://blog.clamav.net/2020/07/freshclam-cdiffs-effect-on-bandwidth.html Freshclam, cdiffs and bandwidth are your friends During a recent review of file downloads from our ClamAV CDN network, we've noticed hundreds o

Re: [clamav-users] ClamAV Database update issue

2020-07-24 Thread Joel Esler (jesler) via clamav-users
Did sustain a DDoS last night, Cloudflare kicked in its anti-DDoS work that it does, but we’ve served about 6TB of update traffic in the past 30 minutes, so we should be good now. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | http

Re: [clamav-users] ClamAV Database update issue

2020-07-24 Thread Joel Esler (jesler) via clamav-users
Sudhir, At what time exactly? We sustained a small DoS last night against the update server. -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com | https://www.snort.org > On Jul 24, 2020, at 9:09 AM, Sudhir Kumar Maharjan > wrote: > >

[clamav-users] ClamAV® blog: ClamAV 0.102.4 security patch released

2020-07-16 Thread Joel Esler (jesler) via clamav-users
> https://blog.clamav.net/2020/07/clamav-01024-security-patch-released.html > ClamAV 0.102.4 is out now. Users can head over to clamav.net/downloads to download the release materials.

Re: [clamav-users] How to determine virus database version from behind proxy?

2020-07-09 Thread Joel Esler (jesler) via clamav-users
hu, Jul 9, 2020 at 11:55 PM Joel Esler (jesler) wrote: >> You’re just giving your lookup to someone else. > > That includes typical lookups to DNS servers. One could ask who has access > to each query, what they do with it, how long do they keep it, who else do > they give i

Re: [clamav-users] How to determine virus database version from behind proxy?

2020-07-09 Thread Joel Esler (jesler) via clamav-users
You’re just giving your lookup to someone else. Sent from my iPhone > On Jul 9, 2020, at 14:11, Richard Graham via clamav-users > wrote: > > > Or for more advertised privacy: > > curl -H 'accept: application/dns-json' > 'https://mozilla.cloudflare-dns.com/dns-query?name=current.cvd.cla

[clamav-users] ClamAV® blog: ClamAV 0.102.3 security patch released

2020-05-12 Thread Joel Esler (jesler) via clamav-users
> https://blog.clamav.net/2020/05/clamav-01023-security-patch-released.html > > > ClamAV 0.102.3 security patch released > > Today, we're publishing 0.102.3. Navigate to ClamAV's downloads page >

Re: [clamav-users] freshclam reports 403

2020-05-02 Thread Joel Esler (jesler) via clamav-users
Please give me your IP or the RayID that you receive in the error so I can look up why you are blocked. Sent from my iPhone > On May 2, 2020, at 07:09, Andreas Piesk via clamav-users > wrote: > > Hi list, > > for some time i get 403 when updating definitions with freshclam. > > The reque

Re: [clamav-users] clamsubmit error 500

2020-05-01 Thread Joel Esler (jesler) via clamav-users
Interesting. Please let me know if this occurs again. Thank you for your submissions! From: Arnaud Jacques Sent: Friday, May 1, 2020 12:45 PM To: ClamAV users ML Cc: Joel Esler (jesler) Subject: Re: [clamav-users] clamsubmit error 500 It works now. Thank you

Re: [clamav-users] clamsubmit error 500

2020-05-01 Thread Joel Esler (jesler) via clamav-users
Interesting, please try again? I'm not able to replicate the issue. On 5/1/20, 12:42 PM, "clamav-users on behalf of Arnaud Jacques" wrote: Hello Joel, Every time. On 01/05/2020 at 17:46, Joel Esler (jesler) via clamav-users wrote: > Does it happen e

Re: [clamav-users] clamsubmit error 500

2020-05-01 Thread Joel Esler (jesler) via clamav-users
Does it happen every time, or just once? On 5/1/20, 10:42 AM, "clamav-users on behalf of Arnaud Jacques" wrote: Hello, Using clamsubmit, I got: Unexpected POST submit response code: 500 -- Best regards, Arnaud Jacques Manager of SecuriteInfo.com

Re: [clamav-users] IP Blacklisted by Mirror

2020-04-23 Thread Joel Esler (jesler) via clamav-users
Team — I control Cloudflare. Who is blocked and who is not is literally up to me. If you are being blocked, feel free to write me 1:1, share your IP with me, and I’ll tell you why you’re blocked. A ticket can also be filed on bugzilla.clamav.net under “mirrors”

Re: [clamav-users] ClamAV users

2020-04-11 Thread Joel Esler (jesler) via clamav-users
Thank you for writing in. Go to this URL to change user options or unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users or by sending an email to clamav-users-le...@lists.clamav.net Thanks! Sent from my iPhone > On Apr 10, 2020, at 15:58, Stephen Baron via clamav-users > wro

Re: [clamav-users] Squid + ClamAV

2020-04-07 Thread Joel Esler (jesler) via clamav-users
> On Apr 7, 2020, at 10:24 AM, Henrik K wrote: > > On Tue, Apr 07, 2020 at 11:27:50AM +0100, G.W. Haywood via clamav-users wrote: >> >> I certainly don't subscribe to the view expressed in this thread (if >> that's the view that was expressed, and I'm not simply misrepresenting >> it) that thi

Re: [clamav-users] Status of SafeBrowsing CVD

2020-04-02 Thread Joel Esler (jesler) via clamav-users
Erik, Thank you for asking. We have discontinued the distribution of safebrowsing.cvd, as Google is now charging for access to this API. We plan to open source the tool we made to create this CVD file so anyone can get their own API key from Google and do it themselves. We just haven’t been

Re: [clamav-users] Mirror at microsoft has obsolete cvd files

2020-03-27 Thread Joel Esler (jesler) via clamav-users
Yes. You should ask Microsoft to stop distributing mirror updates, and people should get the official mirror updates from Clamav itself. Sent from my iPhone > On Mar 27, 2020, at 07:34, Henrik Hoeg Thomsen1 via clamav-users > wrote: > > Mirror at Microsoft is obsolete? > > https://pac

Re: [clamav-users] Gentoo Linux installation package for Fangfrisch is now available

2020-03-08 Thread Joel Esler (jesler) via clamav-users
This is cool. Thanks Ralph. Sent from my iPad > On Mar 7, 2020, at 19:50, Ralph Seichter via clamav-users > wrote: > > It took a while for my submission to be processed, but the Gentoo Linux > installation package is finally available: > > https://packages.gentoo.org/packages/app-antiviru

Re: [clamav-users] CLAMAV 0.99.2 question about last valid definition

2020-02-26 Thread Joel Esler (jesler) via clamav-users
Agreed. You need to upgrade the engine. Sent from my iPad > On Feb 26, 2020, at 10:12, Arjen de Korte via clamav-users > wrote: > > Quoting 99r c via clamav-users: > >> I am in a situation (just started working here last month) where I have an >> install of a few RHEL 5.5 machines that

Re: [clamav-users] Clamav 0.99.2 and new virus definitions

2020-02-20 Thread Joel Esler (jesler) via clamav-users
I'm going to go with "No". Or they would have been written that way to begin with. We try to maximize compatibility with lowest known tested version as much as possible. Possibly what we should do is adjust the fLevel on those signatures. On Feb 20, 2020, at 12:11 PM, 99r c via clamav-users m

[clamav-users] ClamAV® blog: ClamAV Bugzilla Upgrade

2020-02-17 Thread Joel Esler (jesler) via clamav-users
https://blog.clamav.net/2020/02/clamav-bugzilla-upgrade.html Attn: ClamAV users, we will be upgrading our version of bugzilla on Wednesday, February 19th, at 8:00 EST. The impact should be minimal, and should take no longer than a couple hours. We will notify you when it is back up. Thank you

Re: [clamav-users] user list

2020-02-11 Thread Joel Esler (jesler) via clamav-users
Thank you for writing in. Go to this URL to change user options or unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users or by sending an email to clamav-users-le...@lists.clamav.net Thanks! From: clamav-users on behalf of fritz blum via clamav-users Reply-To: ClamAV user

Re: [clamav-users] unsubscribe

2020-02-11 Thread Joel Esler (jesler) via clamav-users
Thank you for writing in. Go to this URL to change user options or unsubscribe: https://lists.clamav.net/mailman/listinfo/clamav-users or by sending an email to clamav-users-le...@lists.clamav.net Thanks! On 2/11/20, 12:18 PM, "clamav-users on behalf of Christiansen, Edward - 0992 - MITLL"

Re: [clamav-users] update 25717 clamdmon showing NO OK

2020-02-07 Thread Joel Esler (jesler) via clamav-users
Any additional logs you can provide? -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com On 2/7/20, 7:59 AM, "clamav-users on behalf of Mark Moshe Kaye" wrote: Hi All, As of daily.cld update 25717 my clamdmon process no l

Re: [clamav-users] gui themes, stilllllllllll asking please

2020-02-06 Thread Joel Esler (jesler) via clamav-users
What GUI themes? Sent from my iPhone On Feb 6, 2020, at 06:45, Jack via clamav-users wrote: How are the gui themes coming please?? Thanks! Jack in Idaho ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.

[clamav-users] ClamAV® blog: ClamAV 0.102.2 security patch released

2020-02-05 Thread Joel Esler (jesler) via clamav-users
https://blog.clamav.net/2020/02/clamav-01022-security-patch-released.html Today, we're publishing 0.102.2. Navigate to ClamAV's downloads page to download the release materials. 0.102.2 ClamAV 0.102.2 is a security patch release to address the following issues.

Re: [clamav-users] messages in freshclam.log

2019-12-23 Thread Joel Esler (jesler) via clamav-users
--- >> From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On >> Behalf Of Sohin Vyacheslav via clamav-users >> Sent: Monday, December 23, 2019 10:16 AM >> To: Joel Esler (jesler); ClamAV users ML >> Cc: Sohin Vyacheslav >> Subject: Re: [clamav-use

Re: [clamav-users] messages in freshclam.log

2019-12-23 Thread Joel Esler (jesler) via clamav-users
These don’t exist. All of these addresses simply point at database.clamav.net. So, it makes no sense to point them to anything else. Sent from my iPad > On Dec 23, 2019, at 04:19, Sohin Vyacheslav via clamav-users > wrote: > > DatabaseMirror db.nl.ipv6.clamav.net > DatabaseMirror db.fr.ip

Re: [clamav-users] Why virus definition DB download url is not https?

2019-12-13 Thread Joel Esler (jesler) via clamav-users
The definitions are cached by our CDN now. Https just makes the transport layer encrypted. The definitions are already signed, as you all know. Sent from my iPhone > On Dec 13, 2019, at 04:43, Matus UHLAR - fantomas wrote: > > On 12.12.19 22:15, Joel Esler (jesler) via cla

Re: [clamav-users] Why virus definition DB download url is not https?

2019-12-12 Thread Joel Esler (jesler) via clamav-users
They are served over https. But only 102.x supports https. So as soon as everyone moves to https, I’ll gladly decommission http. Sent from my iPhone > On Dec 12, 2019, at 15:01, Nick Howitt wrote: > > But if you are behind another virus scanner, it can't so easily be > intercepted and t

Re: [clamav-users] Sigtool problem

2019-11-27 Thread Joel Esler (jesler) via clamav-users
What happens if you issue the full part in the sigtool command? Sent from my iPhone > On Nov 27, 2019, at 13:08, Paul via clamav-users > wrote: > > Hi > > Am I missing something here or is sigtool broken in 101.5 > > > root@larch:/tmp/paul# ls /var/lib/clamav/*.cld -lh > -rw-r--r-- 1 cla

Re: [clamav-users] ClamAV® blog: ClamAV is planning on publishing a new main.cvd

2019-11-22 Thread Joel Esler (jesler) via clamav-users
On Nov 22, 2019, at 1:45 PM, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: On 22.11.19 15:39, Joel Esler (jesler) via clamav-users wrote: https://blog.clamav.net/2019/11/clamav-is-planning-on-publishing-new.html ClamAV is planning on publishing a new main.cvd This serves as

[clamav-users] ClamAV® blog: ClamAV is planning on publishing a new main.cvd

2019-11-22 Thread Joel Esler (jesler) via clamav-users
https://blog.clamav.net/2019/11/clamav-is-planning-on-publishing-new.html ClamAV is planning on publishing a new main.cvd This serves as notice that we are planning on publishing a new main.cvd and a cdiff Monday, November 25, 2019. In the past we notified our mirror maintainers to let them kn

[clamav-users] ClamAV® blog: ClamAV 0.102.1 and 0.101.5 patches have been released!

2019-11-20 Thread Joel Esler (jesler) via clamav-users
https://blog.clamav.net/2019/11/clamav-01021-and-01015-patches-have.html ClamAV 0.102.1 and 0.101.5 patches have been released! Today we are publishing two patch versions, 0.102.1 and 0.101.5. Both of these can be found on ClamAV's downloads page, with 0.102.1

Re: [clamav-users] ClamAV not listed at VirusTotal anymore

2019-11-06 Thread Joel Esler (jesler) via clamav-users
I just uploaded a file, and I see it > On Nov 6, 2019, at 9:04 AM, MAYER Hans via clamav-users > wrote: > > > Dear All, > > I uploaded a file for testing at VirusTotal just now. > I am wondering that ClamAV is not listed anymore. Some hours earlier it was. > Does anyone know about that

Re: [clamav-users] Continuous increase of startup time (is daily.cld broken?)

2019-10-07 Thread Joel Esler (jesler) via clamav-users
Gotta keep detection around for “old” stuff. First of all, who defines old? Second of all, when ClamAV is tested in third party analysis, we aren’t tested against “just new stuff” Sent from my iPad > On Oct 7, 2019, at 16:11, G.W. Haywood via clamav-users > wrote: > > Hi there, > >> On M

Re: [clamav-users] Continuous increase of startup time (is daily.cld broken?)

2019-10-07 Thread Joel Esler (jesler) via clamav-users
On Oct 7, 2019, at 6:39 AM, Vladislav Kurz via clamav-users <clamav-users@lists.clamav.net> wrote: On 07/10/2019 08:57, Sergey wrote: On Friday 13 September 2019, Markus Kolb via clamav-users wrote: I've opened an enhancement bug for this: https://bugzilla.clamav.net/show_bug.cgi?id=1238

Re: [clamav-users] [Clamav-devel] ClamAV(R) blog: ClamAV 0.102.0 Release Candidate is now available

2019-10-05 Thread Joel Esler (jesler) via clamav-users
This is super critical to the future of where ClamAV is headed. So, while I understand it’s a pain in the butt, we need to work out, as a community, maybe with an faq page contributed by all of us, how to get past this hurdle. Sent from my iPhone > On Oct 5, 2019, at 09:41, Dennis Peterson

Re: [clamav-users] Question

2019-10-03 Thread Joel Esler (jesler) via clamav-users
You mean on clamav.net/downloads? -- Joel Esler Manager, Communities Division Cisco Talos Intelligence Group http://www.talosintelligence.com From: clamav-users on behalf of alex mc via clamav-users Reply-To: ClamAV users ML Date: Thursday, October 3, 2019 at 12:31 PM To: "clamav-us

Re: [clamav-users] [Clamav-devel] ClamAV(R) blog: ClamAV 0.102.0 Release Candidate is now available

2019-10-02 Thread Joel Esler (jesler) via clamav-users
> > > Rick > > From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf > Of Joel Esler (jesler) via clamav-users > Sent: Tuesday, October 01, 2019 11:00 AM > To: ClamAV users ML > Cc: Joel Esler (jesler); J.R. > Subject: Re: [clamav-users]

[clamav-users] ClamAV® blog: ClamAV 0.102.0 has been released!

2019-10-02 Thread Joel Esler (jesler) via clamav-users
https://blog.clamav.net/2019/10/clamav-01020-has-been-released.html ClamAV 0.102.0 has been released! Today we are excited to release ClamAV 0.102.0! Users that have tested the 0.102.0 release candidate may note that the 0.102.0 release includes a handful of minor bug fixes and improvements ov

Re: [clamav-users] [Clamav-devel] ClamAV(R) blog: ClamAV 0.102.0 Release Candidate is now available

2019-10-01 Thread Joel Esler (jesler) via clamav-users
On Oct 1, 2019, at 10:29 AM, J.R. via clamav-users <clamav-users@lists.clamav.net> wrote: ClamAV isn't responsible for maintaining spec files, those are DISTRO-SPECIFIC... Imagine if they were supposed to maintain packages for every distro out there... That would basically bring developm

Re: [clamav-users] Programmatic determination of latest stable version

2019-09-16 Thread Joel Esler (jesler) via clamav-users
Either navigating to clamav’s download site, or using something like fresh Lan’s code to check the DNS entry for latest stable version. Sent from my iPhone > On Sep 16, 2019, at 16:09, Callahan, Michael (M.) via clamav-users > wrote: > > > Is there an endpoint or preferred method of pro

Re: [clamav-users] Programmatic determination of latest stable version

2019-09-16 Thread Joel Esler (jesler) via clamav-users
Freshclam* Sent from my iPhone > On Sep 16, 2019, at 16:11, jes...@cisco.com wrote: > > Either navigating to clamav’s download site, or using something like fresh > Lan’s code to check the DNS entry for latest stable version. > > Sent from my iPhone > >>> On Sep 16, 2019, at 16:09, Cal

[clamav-users] ClamAV® blog: ClamAV 0.102.0 Release Candidate is now available

2019-09-16 Thread Joel Esler (jesler) via clamav-users
https://blog.clamav.net/2019/09/clamav-01020-release-candidate-is-now.html ClamAV 0.102.0 Release Candidate is now available Today we are publishing the release candidate for ClamAV 0.102.0 (clamav-0.102.0-rc). There have been some bug fixes and minor improvements since the 0.102.0 beta. We

Re: [clamav-users] Broken link

2019-09-10 Thread Joel Esler (jesler) via clamav-users
This has been fixed. > On Sep 10, 2019, at 11:52 AM, Joel Esler (jesler) via clamav-users > wrote: > > Thank you Jerry. > >> On Sep 10, 2019, at 10:09 AM, Jerry via clamav-users >> wrote: >> >> I am not sure who to report this to, so I figured I woul

Re: [clamav-users] Broken link

2019-09-10 Thread Joel Esler (jesler) via clamav-users
Thank you Jerry. > On Sep 10, 2019, at 10:09 AM, Jerry via clamav-users > wrote: > > I am not sure who to report this to, so I figured I would start here. > > The following link: > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-virusdb > > on https://www.clamav.net/reports/fp > > resu

Re: [clamav-users] Fwd: Fwd: Fwd: freshclam incremental update

2019-09-05 Thread Joel Esler (jesler) via clamav-users
r buffer > %s:%s *Loading signatures from %s > [...] ^pipe() failed: %s > ^dup2() failed: %s > ^fork() failed: %s > LibClamAV Warning: *%s ^waitpid() failed: %s > gmtime: %s > %a, %d %b %Y %X GMT TCP webcache %cinet_ntop() failed > Trying host %s (%s)... > !C

Re: [clamav-users] Fwd: Fwd: freshclam incremental update

2019-09-04 Thread Joel Esler (jesler) via clamav-users
This looks promising to troubleshoot. Sent from my iPhone > On Sep 4, 2019, at 03:01, Birger Birger via clamav-users > wrote: > > Sep 4 08:40:01 zentyal kernel: [345190.998397] audit: type=1400 > audit(1567579201.044:83): apparmor="DENIED" operation="connect" > profile="/usr/bin/freshclam

Re: [clamav-users] Automated submissions to third party databases?

2019-09-03 Thread Joel Esler (jesler) via clamav-users
On 9/3/19, 4:15 AM, "clamav-users on behalf of G.W. Haywood via clamav-users" wrote: Hi Joel, On Mon, 2 Sep 2019, Joel Esler (jesler) wrote: > >> On Sep 2, 2019, at 05:11, G.W. Haywood via clamav-users ... wrote: >> >> ... I

Re: [clamav-users] Automated submissions to third party databases?

2019-09-02 Thread Joel Esler (jesler) via clamav-users
Have you automated their upload to ClamAV.net using clamsubmit? Sent from my iPhone > On Sep 2, 2019, at 05:11, G.W. Haywood via clamav-users > wrote: > > Hi there, > > If you've been paying even scant attention to the list mail you'll > know that I've been doing some testing, particularly

Re: [clamav-users] freshclam incremental update

2019-09-01 Thread Joel Esler (jesler) via clamav-users
Db.se.clamav.net just points to database.clamav.net. In fact, all of the country domain names point to database now. Sent from my iPhone > On Sep 1, 2019, at 09:58, Birger Birger via clamav-users > wrote: > > > Deleted the mirrors.dat file and tried a new freshclam with result: > getp

Re: [clamav-users] freshclam incremental update

2019-09-01 Thread Joel Esler (jesler) via clamav-users
Good question. Sent from my iPhone > On Sep 1, 2019, at 13:04, Matus UHLAR - fantomas wrote: > > >> >>> On Sun, 1 Sep 2019, Birger Birger via clamav-users wrote: >>> Deleted the mirrors.dat file and tried a new freshclam with result: >>> getpatch: can't download daily-25559.cdiff from db

Re: [clamav-users] How to boost clamav? Reloading database results in a talking timeout?

2019-09-01 Thread Joel Esler (jesler) via clamav-users
Alright. I think we’ve beat the proverbial dead horse here. The devs know this is a request and they will get it into their dev queue for examination. Sent from my iPhone > On Sep 1, 2019, at 13:21, G.W. Haywood via clamav-users > wrote: > > Hi there, > >> On Sun, 1 Sep 2019, Thomas Ba

Re: [clamav-users] Disable official database

2019-08-24 Thread Joel Esler (jesler) via clamav-users
I mean, it's possible not to download the official definitions and just point at a custom file right? > On Aug 24, 2019, at 10:29 AM, G.W. Haywood via clamav-users > wrote: > > Hi there, > > On Sat, 24 Aug 2019, azu...@pobox.sk wrote: > >> is it possible to disable official virus database? I

Re: [clamav-users] Pure Perl milter for clamd.

2019-08-22 Thread Joel Esler (jesler) via clamav-users
What I have found is: If a project has usefulness for you, and you are willing to open it up to others, it probably has usefulness to someone else. > On Aug 22, 2019, at 12:48 PM, G.W. Haywood via clamav-users > wrote: > > Hi there, > > Anyone interested in a pure Perl ClamAV milter? > > O

[clamav-users] ClamAV® blog: ClamAV 0.101.4 security patch release has been published

2019-08-21 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html > > > ClamAV 0.101.4 security patch release has been published > > Today we have published the ClamAV 0.101.4 security patch release.

Re: [clamav-users] How do you add specific files to white list ?

2019-08-20 Thread Joel Esler (jesler) via clamav-users
> On Aug 20, 2019, at 1:22 PM, Noel Jones wrote: > > On 8/20/2019 11:51 AM, Asok Kumar via clamav-users wrote: >> i am using ClamAV version 0.101.3 and using the parameters below and >> Heuristics.Limits.Exceeded FOUND because i have enabled it in scanning. how >> do i add specific files to t

Re: [clamav-users] Packaging ClamAV

2019-08-13 Thread Joel Esler (jesler) via clamav-users
> On Aug 13, 2019, at 7:46 AM, Tuomo Soini wrote: > > On Mon, 12 Aug 2019 15:37:47 + > Graeme Fowler via clamav-users > wrote: > >> On 12/08/2019, 16:21, "Nick Howitt" > > wrote: >>> >>> Then you can't start clamd on instal

Re: [clamav-users] Update Frequency (15 min or 10 mins)

2019-08-13 Thread Joel Esler (jesler) via clamav-users
And to further answer your question, at present, we are only updating the daily.cvd daily. > On Aug 13, 2019, at 8:23 AM, Reio Remma via clamav-users > wrote: > > On 13/08/2019 15:17, Manna, Mohammed via clamav-users wrote: >> Hello, >> >> From the docs – it says that the most frequent u

Re: [clamav-users] clamsubmit error

2019-08-13 Thread Joel Esler (jesler) via clamav-users
102.0-beta seems to be working correctly, haven't established why exactly. Jerry, can you replicate? > On Aug 13, 2019, at 9:06 AM, Arnaud Jacques > wrote: > > Hello Jerry, > > It works now for me (clamsubmit compiled from 0.102.0-beta sources). > It seems older version does not work anymore

Re: [clamav-users] Packaging ClamAV

2019-08-12 Thread Joel Esler (jesler) via clamav-users
Probably need to kick off freshclam as part of the install. Sent from my iPhone > On Aug 12, 2019, at 17:00, Scott Kitterman via clamav-users > wrote: > > On Monday, August 12, 2019 4:49:01 PM EDT Nick Howitt wrote: >> On 12/08/2019 19:16, J.R. via clamav-users wrote: I would suggest

Re: [clamav-users] clamsubmit error

2019-08-12 Thread Joel Esler (jesler) via clamav-users
net/presigned. > Unable to continue submission. > > Where does this message come from? Communication between client and server? > Data submitted? Server side error? > > > > On 09/08/2019 at 07:53, Joel Esler (jesler) via clamav-users wrote: >> We’re looking in

Re: [clamav-users] Packaging ClamAV

2019-08-12 Thread Joel Esler (jesler) via clamav-users
I would suggest not packaging them at all, and they should be downloaded from the update servers the first time the update is run. > On Aug 12, 2019, at 9:47 AM, Nick Howitt wrote: > > On 12/08/2019 13:25, J.R. via clamav-users wrote: >> main.cvd rarely changes (last update was Jan 2018), it is

Re: [clamav-users] Fwd: [clamav-virusdb] Signatures Published daily - 25538

2019-08-11 Thread Joel Esler (jesler) via clamav-users
I’m working on it. Been at Blackhat/defcon Sent from my iPhone > On Aug 11, 2019, at 07:32, Al Varnell via clamav-users > wrote: > > > Any idea what happened here? I see details do show up in the file downloaded > from the hyperlink. > > -Al- >> Begin forwarded message: >> >> From: no

Re: [clamav-users] clamsubmit error

2019-08-08 Thread Joel Esler (jesler) via clamav-users
We’re looking into this Arnaud. Sent from my iPad > On Aug 8, 2019, at 11:09, Arnaud Jacques wrote: > > Hello Micah, > > Still got the same error on each submitted file. > > >> On 08/08/2019 at 17:18, Micah Snyder (micasnyd) via clamav-users wrote: >> Clamsubmit currently uses web fo

Re: [clamav-users] [Clamav-devel] ClamAV® blog: ClamAV 0.101.3 security patch release and 0.102.0-beta have been published

2019-08-06 Thread Joel Esler (jesler) via clamav-users
Yeah, we have to update that bit. Sent from my iPad > On Aug 5, 2019, at 23:44, Gary R. Schmidt wrote: > > On 06/08/2019 05:32, Joel Esler (jesler) wrote: >>> >>> https://blog.clamav.net/2019/08/clamav-01013-security-patch-release-and.html >>> >>

[clamav-users] ClamAV® blog: ClamAV 0.101.3 security patch release and 0.102.0-beta have been published

2019-08-05 Thread Joel Esler (jesler) via clamav-users
> > https://blog.clamav.net/2019/08/clamav-01013-security-patch-release-and.html > > > ClamAV 0.101.3 security patch release and 0.102.0-beta have been published > > We are pleased to introduce the ClamAV 0.101.3 se

Re: [clamav-users] Freshclam seems locked and can not be unlocked.

2019-08-04 Thread Joel Esler (jesler) via clamav-users
That’s a pretty broad statement. As a security minded person, I’d think you’d want software that was the most patched against any possible vulnerabilities. Sent from my iPhone > On Aug 4, 2019, at 10:15, Matus UHLAR - fantomas wrote: > > There is no point of having newest version of any s

Re: [clamav-users] Creating basic signature files info missing?

2019-08-02 Thread Joel Esler (jesler) via clamav-users
I believe it still works, but yes, you shouldn't use it. > On Aug 2, 2019, at 3:51 PM, J.R. via clamav-users > wrote: > > When browsing the page on creating signatures for clamav, I couldn't > find info on the *.db format > > https://www.clamav.net/documents/creating-signatures-for-clamav > >

Re: [clamav-users] ClamAV: Local Private Mirror

2019-08-02 Thread Joel Esler (jesler) via clamav-users
Inline below: > On Aug 1, 2019, at 11:33 PM, J.R. via clamav-users > wrote: > >> I think that's the intended purpose of the local private mirror in this case. >> > > I realize that, but I believe in that person's case back then he was > doing a basic web server to re-distribute the full .cvd

Re: [clamav-users] ClamAV: Local Private Mirror

2019-07-31 Thread Joel Esler (jesler) via clamav-users
> On Jul 31, 2019, at 11:04 AM, Henrik K wrote: > > On Wed, Jul 31, 2019 at 02:49:33PM +0000, Joel Esler (jesler) via > clamav-users wrote: >> >> The only problem with the local mirrors, from our point of view are a couple >> things: >> >> 1. I do
