added a
non-unique name; not a great issue as both signatures are working.
Anyway it will be fixed in one of the next updates.
Thanks for poining out.
Regards,
acab
---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk
On 10/19/04 17:26, Pete D wrote:
Hello all.
I just upgraded to the new ClamAV 0.80. I use the
clamscan command along with the --leave-temps flag to
generate the main.db and daily.db files. I am using a
SMTP proxy spam program called ASSP that uses these db
files for preliminary virus detection.
On 11/23/04 09:20, David Wu wrote:
I am not able to have clamd (and clamav-milter) built on BSD/OS 4.2 from
0.8 source, although everything else built and run without problem (after
fiddling with integer type define).
Found in clamd/Makefile the following with the obvious meaning that clamd
not be
On 11/26/04 10:54, David Wu wrote:
Did all that but the end result is the same. I did try to change
config.status and then ran that. clamd did compile but I saw a few lines
of compiler output (probably from the compiling of freshclam) with
-DCL_NOTHREADS in them, so I do not dare use the
Some info here:
http://wiki.clamav.net/index.php/Submit%20a%20Bug
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
On 01/15/05 23:54, Phil Endecott wrote:
Dear Clam Experts,
I am contemplating adding clam scanning to a web application. Files
that users upload via a web form will be scanned before being stored in
a database. The application is written in C and called by CGI from Apache.
On first looking at
R. Steven Rainwater wrote:
reported through a more official channel than this list? Is there a
bugzilla somewhere?
http://bugs.clamav.net
___
http://lurker.clamav.net/list/clamav-users.html
Steve Holdoway wrote:
Or even
474946383761??0(0|1)??0044
Nope! Bytes only, no nibbles.
___
http://lurker.clamav.net/list/clamav-users.html
Tomasz Kojm wrote:
with 0.9x
Indeed! :)
___
http://lurker.clamav.net/list/clamav-users.html
Clamav wrote:
Hello!
I only want to report some warning messages during compilation on
Hi Clamav,
we are aware and we'll evenually clean them up.
Thanks for the report,
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
Odhiambo Washington wrote:
config.status: error: cannot find input file: libclamav/Makefile.in
Weird! The file's definitely there and wasn't touched in 8 days now...
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
that, but the easiest is probably to just
use an http proxy.
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
Brian Morrison wrote:
Happening again this evening, f=10 for daily.cvd
Hi Brian,
Sorry about that. Please ignore the warning for now.
We are working to fix the problem.
Thanks,
-aCaB
___
http://lurker.clamav.net/list/clamav-users.html
Christopher X. Candreva wrote:
Look like it's been clasified as a security bug, so I'll let the devel
people say what if anything they want to on the list.
That was due to the malicious sample attached.
The bug report itself should now be viewable.
-aCaB
Dennis Peterson wrote:
Dennis Peterson wrote:
Now that 0.90 is released how long will 88.7 supported? I have a lot
of backend stuff to rewrite and still have some DST patches to fight
with :)
The 0.8x serie is no longer supported, but we have provided package
maintainers with a set of
Cfengine rework
before going to 0.90. Thanks again.
You won't have a problem since you'll be able to fresh the db the old
way. the new freshclam does that as well if the new update scheme fails.
HTH
-aCaB
___
Help us build a comprehensive ClamAV guide
didn't change beside the addition of the
phishing related files.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
, ClamAv version 0.90 and we are
using ScriptedUpdates.
Hi Paul,
This happened to me a couple of times when I killed (TERM) freshclam
while a download was in progress...
Unfortunately I'm unable to reproduce the problem.
Could you please provide some hints?
-aCaB
Emin Islam Tatli wrote:
Hi,
I try to integrate clamav in my exim configuration.
as av_scanner I could not manage using clamd and always got the error
clamd: unable to read from socket (No such file or directory), even
though the files and directories existed (pid and ctl files).
Make
Robert Isaac wrote:
Ooops. Strange how we always look for the complicated and forget the basic
simple things.
... like not to top post :)
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
?
If the former, then please provide us with the slow-scanning file. If
the latter then you may want to tweak your scan options.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
better approach could be to play around with the archive
related settings in your command line or in clamd.conf.
Please check the manpages and try to decrease ArchiveMaxFileSize and
similar.
If nothing works than you'll have to disable olescanning completely or
to upgrade your hardware :P
Cheers,
-aCaB
sure you check the
private option.
Thanks,
aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
happened and you mis-typed your reply.
Hi James,
please reread Tomasz's first post again, expecially where he says: Both
the ClamAV engine and the signature database will remain under GPL.
Cheers,
aCaB
___
Help us build a comprehensive ClamAV guide: visit
David F. Skoll wrote:
How will you be sure you have removed all contributed code whose copyright
is not owned by Sourcefire?
Hi David,
we have records for all the patches which ever made it into the code base.
SVN (plus a lot of manual work) tells us which of those are still current.
HtH,
aCaB
gypsy wrote:
I have posted to the Wiki in vain. Where is the correct place to post a
request for a feature?
https://wwws.clamav.net/bugzilla/
Please mark your bug report as enhancement.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit
Stephen Gran wrote:
You are not authorized to access bug #736.
Hi Stephen,
please try again.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
to it for
redistribution rules.
Cheers,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
about that, the hw support is currently available as a patch and
can be found under contrib/hwaccel/hwaccel.patch
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
sure you mark it as False Positive.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
René Berber wrote:
Bad advice, how do you know it's a false positive?
In the same we we know that a file is actually infected: we check it.
We don't blindly add all submitted virus as such, nor we blindly remove
signatures based on FP reports.
-aCaB
Brandon Perry wrote:
Hi, I am just wondering if anyone knows where I can get a description
for Trojan.Jesta? It has been found in a customer's computer in C:
\Program Files\Sony\Welcome to VAIO life\ and I am wondering if this is
known or if this is just a coincidence that the Trojans are
Brandon Perry wrote:
I don't know if it is truly clean or not. That is why I wanted to see
the description before I uploaded them.
Then just ask for a second opinion. Use your own scanner or check
http://virusscan.jotti.org/ or http://www.virustotal.com/
-aCaB
?
Thanks,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
- Are you aware of what the ArchiveBlockMax option does and if so, have
you set it to on? And why?
Thanks a lot for your attention and your time.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net
specify the FPU endianess.
This is currently in SVN and will be included in the next stable release.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
aCaB wrote:
Hi list.
I'm in the process of redesigning the logic of limits in ClamAV.
The rewrite (scheduled for the upcoming 0.93) is aimed at solving, once
for all, the annoyances related to config options like
(clamd.conf-style): ArchiveMaxFileSize, ArchiveMaxRecursion,
ArchiveMaxFiles
the past.
However, despite being extensive, our tests cannot simulate YOUR
peculiar environment... which is why we are asking for YOUR results and
opinions.
Thanks everyone for the feedbacks.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http
that wordpress, which advertise
itself as an OSS project is actually shipping lamed/obfuscated code.
Oh well...
Apologies again,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav
Henrik K wrote:
On Wed, Apr 09, 2008 at 03:53:16PM +0200, aCaB wrote:
Henrik K wrote:
But I have another one, also without PUA ;-)
http://www.beta.wetter.com/lib/js/1d7c7a52.js --
Trojan.Downloader.JS.Agent-2
This is also a ajax - jquery - lib from a popular, german - website.
I can
Henrik K wrote:
On Wed, Apr 09, 2008 at 04:49:17PM +0200, aCaB wrote:
Henrik K wrote:
On Wed, Apr 09, 2008 at 03:53:16PM +0200, aCaB wrote:
Henrik K wrote:
But I have another one, also without PUA ;-)
http://www.beta.wetter.com/lib/js/1d7c7a52.js --
Trojan.Downloader.JS.Agent-2
3819.
aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
?
Hi ANANT,
The bug is fixed in SVN, please give it a try.
aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
contain any malicious content.
Hi Steve,
Thanks for the report, however the bad signature was removed ~30 hours ago.
You'd better run freshclam more often.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http
There's a patch attached to solve this compilation issue.
Sorry for the trouble,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
with daily update 7388.
Apologies.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
Marcus Neukert wrote:
Forwarding to clamav-users-list, hoping for an answer ...
Please take a look at
http://lurker.clamav.net/message/20080129.163022.5183157e.en.html
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
with the
database, use svn. It's exactly the same stuff.
Your choice.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
can try passing -fdpass to clamdscan.
- Is the solution to launch clamd under my user safe ?
This would work too, however you need to make sure that clamd can access
the database and the log files (if any).
aCaB
___
Help us build a comprehensive ClamAV
doesn't provide any special functionality to the code, it's
just a library to help developing unit_tests.
Cheers,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
to create a custom zmd signature.
See http://www.clamav.net/doc/latest/signatures.pdf - paragraph 2.4
Just set the filename field to something like .*\.zip$, encrypted
to 0, whatever you like for the virusname and * for the remaining
fields.
Take care,
-aCaB
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
-gcc compilers.
Cheers,
-aCaB
P.S.: AIX is another platform we are currently unable to test, again
shell access is welcome.
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
(or autoreconf) just don't use the
--force option.
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1194
If you have any suggestions just add them there, thanks.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
recommend to contact Sensory Networks directly for better support.
Anyway...
The old patch for nodalcore support has been kept in the source code
under /contrib/hwaccel.
It probably doesn't cleanly apply anymore at this point but it should be
a nice start.
Take care,
-aCaB
is a bit naive. It works well with
either one or a high number of clamds but it's definitely not smart
when only a limited number of scanners (2-3) is available.
Please take a look and send back bug reports, comments, suggestions,
requests, patches, flames, whatever.
Thanks,
-aCaB
/
Take care,
acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
details.
Cheers,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Should return something like:
current.cvd.clamav.net descriptive text 0.94.2:49:8967:1234189743:1:38
aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Steve Ladewig wrote:
The nameservers seem to be out of sync.
Confirmed,
we're working on it.
Thanks!
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
aCaB wrote:
Confirmed,
we're working on it.
DNS issues should be gone by now.
Cheers,
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
communication is still broken. This other issue has been located and
it's about to be fixed as well.
Keep an eye at the svn ChangeLog.
Cheers,
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net
aCaB wrote:
This other issue has been located and
it's about to be fixed as well.
Fixed in svn
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Steve wrote:
send test message to myself, and the mail log shows
Hi Steve,
please try r4793, it should be fixed.
If not please open a proper bug report on the bugzilla.
Cheers,
acab
___
Help us build a comprehensive ClamAV guide: visit http
Steve wrote:
Yaaay! That's fixed it. Many thanks.
Hi Steve,
Thanks to you for testing the software and reporting problems.
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Bill Landry wrote:
I checked after clamd was stopped, and neither the Pid nor Socket files
existed, which is probably why they could not be unlinked. Should I
open a bug about this or is this a known issue?
Yes, please.
-aCaB
___
Help us build
?
Cheers,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
(LocalSocket + TcpAddr + TcpSocket) wording from clamd.conf.
With that in mind, unifying clamd to the (very recent) milter syntax
(potentially breaking existing setups) seemed to me not a good idea.
-aCaB
___
Help us build a comprehensive ClamAV guide
Vincent Aniello wrote:
Since upgrading to clamav 0.95 I am getting the log message fd[10]: OK
appearing in my clamav log file. Clamav is configured to log to syslog.
Also, I am logging clean messages.
Hi Vincent,
Turn off LogClean in clamd.conf.
--acab
to do is to tune clamd.conf so that it suits your needs.
--aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
christian wrote:
but: how?
The easier option is probably to build clamav-milter from 0.94.2 and use
it together with clamd from 0.95.
http://downloads.sourceforge.net/clamav/clamav-0.94.2.tar.gz
--aCaB
___
Help us build a comprehensive ClamAV guide
.
This is mandated by the safebrowsing ToS:
Your application is not permitted to show warnings to end users unless
it has requested an update in the last 30 minutes without receiving an
error response.
http://code.google.com/apis/safebrowsing/developers_guide.html#Audience
-aCaB
-conf.pl
What is the correct syntax for running this script?
https://wiki.clamav.net/Main/UpgradeNotes095
Just invoke the script with the same parameters you were passing to the
old milter and then review all the preset options to make sure
everything is sane.
-acab
--aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
queue
- probably more...
As you see nothing that can't be done with about 10 lines in a
(shell|perl|python|...) script.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
different config options for these (notably
phish detection enabled) then you need two instances.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
.
For Stable users, the issue will be fixed in the upcoming 0.95.1 version
which is to be released soon. In the meantime it is recommended to set
LogInfected to Off (the default) or Basic in clamav-milter.conf.
For full details see:
https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1522
Thanks,
-aCaB
better job.
Moreover many scripts were flawed, not very tunable and none of them got
upgraded to the new milter...
At some point people started complaining (search this very ML archives)
and so they got removed.
Incidentally the /contrib dir is never included in the tarball release.
--aCaB
. Grab it here:
https://wwws.clamav.net/bugzilla/attachment.cgi?id=991
--aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
and postprocess the message based on the X-Virus- headers.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
not to disrupt running
services. We also take limited cpu and ram only when actively compiling
or running tests.
Thanks,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
/clamav-milter.log
Hi Lyubomir,
If you want X-Virus-XXX headers set AddHeader Yes.
If you want some more info logged from the milter, use LogVerbose yes.
HtH,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http
bug on the bugzilla.
Problem will be fixed in 0.95.1.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
lyubom...@cablebg.net wrote:
I am executing the following command:
[lyubo...@evaluate ~]$ cat test1.txt | mail -s Test root
Where test1.txt is an Eicar test file
See: https://wwws.clamav.net/bugzilla/show_bug.cgi?id=1531
Can you please test the SVN version?
Thanks,
-aCaB
Charles Gregory wrote:
Oh, and FTR, I could not find a change log or version notes on the
main clamav website, or I could have answered this question myself
A link in the left-side menu would be nice. :)
It's not that hard...
http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog
-aCaB
John Goubeaux wrote:
Has anyone done a successful build of clamAV-0.95 0n Solaris 10 x86 ?
Builds fine for me with gcc:
http://farm.0xacab.net/build/show/2335
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http
managers.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
or tomorrow, unless some of the tests fail.
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
.
Regards
Hi Ebrahim,
What's the problem?
It works fine here:
1337ness:/home/acab# grep clamav-milter /var/log/mail.log
Apr 6 15:28:13 1337ness clamav-milter[3546]: Local socket
unix:/tmp/clamd.socket added to the pool (slot 1)
Apr 6 15:28:13 1337ness clamav-milter[3546]: Remote socket
tcp
is reporting that clamd is not
responding or failed.
Fixed in r5030.
Thanks,
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
. I'd like to preserve the
original filename, so that I know what has been infected. How do I go about
doing this?
Hi Aditya,
Please clarify how you are running clamav to scan your files.
This sounds like a 3rd party tool.
--acab
___
Help us build
Full
2) get more detailed log entries in /var/log/clamav/clamd.log
If more detailed means i want the message id's then forget about
that. Clamd does not know what a message id is.
Again, the place for id's is clamav-milter's log.
HtH,
--acab
___
Help
box. With the above setup Clamav milter additionally tells you which of
those mails were infected.
What am I missing?
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
none because of whitelisting) of the Milters we have running on the
system.
Clamav-milter already gives you enough logging options to achieve that.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net
Robert S wrote:
Is there a missing option in my configs or
You are probably looking for the AddHeader option.
--acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
-milter.conf?
For 0.95.1:
http://svn.clamav.net/svn/clamav-devel/tags/clamav-0.95.1/etc/clamav-milter.conf
-acab
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
.
Maybe check if a newer version of milter watch is available.
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
for milter at 0.95.1 to
do this? Thank.
http://lurker.clamav.net/message/20090326.132413.b9e348ec.hu.html
-aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
in confMILTER_LOG_LEVEL.
--aCaB
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
1 - 100 of 189 matches
Mail list logo