On 06/25/2012 05:26 PM, Tom Judge wrote:
On 25/06/2012 10:10, aCaB wrote:
FYI unrar license is incompatible with the GPL. That was the
rationale in the packaging.
Yes that is why they are separate binaries. As far as we can tell
there is nothing that states that you can't put them in
On 06/14/2012 08:29 PM, Matt Olney wrote:
Nathan,
There are no current plans to remove support for that signature format.
However, you should investigate the alternate formats in case that changes
in a future version of ClamAV. In particular look at the .hdb format that
matches both size
On 06/14/2012 08:29 PM, Matt Olney wrote:
Nathan,
There are no current plans to remove support for that signature format.
However, you should investigate the alternate formats in case that changes
in a future version of ClamAV. In particular look at the .hdb format that
matches both size
On 06/14/2012 08:29 PM, Matt Olney wrote:
Nathan,
There are no current plans to remove support for that signature format.
However, you should investigate the alternate formats in case that changes
in a future version of ClamAV. In particular look at the .hdb format that
matches both size
On 06/07/2012 11:23 PM, Alex wrote:
Hi,
M:displayhostname.com:www.myrealhostname.com
The M is the type flag for simple hostname comparisons. There are other
types for regular expressions if you need it.
Replace the hostnames appropriately and add a line like that to your local
whitelist
On 06/07/2012 09:57 PM, David Raynor wrote:
The safebrowsing feature of ClamAV uses a separate domain list and
whitelist from the other signatures. The blacklisted domains are stored in
.pdb files, and the whitelist is stored in .wdb files.
These process
domains from URLs instead of virus
On 2012-03-08 15:58, Steve G Harnett wrote:
Hi Edwin,
as discussed:
# more libclamunrar_iface.la
# libclamunrar_iface.la - a libtool library file
# Generated by ltmain.sh (GNU libtool) 2.2.6b Debian-2.2.6b-2
#
# Please DO NOT delete this file!
# It is necessary for linking the library.
On 2012-05-25 23:25, andrew fabbro wrote:
I'm running clamd on a CentOS 6 Linux VPS with 1.2GB of overall memory.
clamd is using 300MB of memory - a quarter of the box's memory. (309m
VIRT/272m RES). Recycling clamd results in very similar usage right after
startup (296m/271m)
I'm
On 2012-05-25 23:46, andrew fabbro wrote:
On Fri, May 25, 2012 at 1:30 PM, Török Edwin ed...@clamav.net wrote:
Which version, and do you use extra databases?
I have much lower mem usage:
2008 clamav20 0 211m 140m 6260 S0 1.8 6:27.44 clamd
ClamAV 0.97.4 - pretty much stock
On 05/15/2012 12:26 AM, Paul Smith wrote:
We could talk to clamd using TCP/IP, but since the clamd protocol doesn't
seem to be clearly documented, that would involve reverse engineering
clamdscan and rewriting it.
The protocol is described in: man 8 clamd
--Edwin
On 05/07/2012 09:44 PM, Al Varnell wrote:
On 5/7/12 10:49 AM, Pepijn Schmitz cla...@pepsoft.org wrote:
Hi Chuck,
On 07-05-12 19:17, Chuck Swiger wrote:
VirusTotal is a site at https://www.virustotal.com/ which lets one upload
files and scan them against all of the major malware engines.
On 04/26/2012 08:37 PM, Michael Orlitzky wrote:
On 04/26/2012 10:32 AM, Dennis Peterson wrote:
On 4/25/12 7:34 AM, Michael Orlitzky wrote:
On 04/25/12 07:55, Török Edwin wrote:
I don't know if this can help speeding up the process but I collected
some statistics on
clamscan of a small file
On 04/25/2012 02:33 PM, Pierre Dehaen wrote:
On 24 Apr 2012 at 18:11, Steve Basford wrote:
Has anyone else seen these kinds of delays? Is there any way to get
these databases to load faster or to allow ClamAV to continue scanning
when the database is being reloaded?
Sorry for the briefness
On 04/25/2012 03:13 PM, Steve Basford wrote:
I think I'm missing some context here: which DB files are slow to load?
The official ones? Just the sanesecurity ones? Any particular DB from the
sanesecurity ones?
Hi Edwin,
I'm emailed you off-list... but think I've found the issue and
On 04/25/2012 07:32 PM, Benny Pedersen wrote:
where do i find docs for making signatures for pdf ?
lets say i like to scan pdf content for m...@junc.org how should i then
create this signature that ONLY hits if its in a pdf ?
Look at logical signatures (.ldb), and for Container:
On 04/25/2012 09:01 PM, Benny Pedersen wrote:
Den 2012-04-25 18:43, Török Edwin skrev:
Look at logical signatures (.ldb), and for Container: CL_TYPE_PDF.
tryed google it, but ended in google adwords sites with logins :(
www.clamav.net/doc/latest/signatures.pdf
--Edwin
On 04/24/2012 05:43 PM, aCaB wrote:
On 04/24/12 01:31, Frank Chan wrote:
5974bc2d26dc0f1e9755ccc2806cfda2 chrome.dll
I got this file, but its not detected by ClamAV now (and the FP submission form
won't accept it).
9652e7d2d40f72c4f4acec0e2dea28a1 chrome.7z
The 7z is different for me
On 04/22/2012 01:57 AM, Alexandre Dias wrote:
Hello,
I would like to find out how much time it takes for ClamAV to scan a
given file (without counting with the initialization phase - just the
file scanning).
When a scan is ran, the time given by ClamAV includes the
initialization phase,
On 04/19/2012 02:59 PM, Ralf Hildebrandt wrote:
Is there an alternative way of submitting FP's?
Are you using this page?
http://www.clamav.net/lang/en/sendvirus/submit-fp/
Best regards,
--Edwin
___
Help us build a comprehensive ClamAV guide: visit
On 04/19/2012 04:10 PM, Ralf Hildebrandt wrote:
I just tested and it worked fine for me.
What's exactly the problem on your side?
I keep getting:
Under maintenance. Try again later.
How big is the file that you're trying to upload?
--Edwin
On 04/19/2012 04:21 PM, Ralf Hildebrandt wrote:
How big is the file that you're trying to upload?
I'm not getting a form, all I get is Under maintenance. Try again
later. - must be a cachin issue somewhere
Varnish (reverse proxy) is giving my this:
$ telnet proxy.charite.de 8080
Trying
On 04/18/2012 06:38 PM, Stephen Guglielmo wrote:
Hello,
I have a mail system with virus filtering via ClamAV. It has been
working well, I've tested it with the EICAR check successfully.
However, ClamAV has been detecting false positives in certain emails
with the detection
On 04/03/2012 08:20 PM, cosmin Tanase wrote:
Hi I look over the source-code and I can't find the registration to Windows
Security Center SecurityCenter2 / AntiVirusProduct system
ClamAV doesn't register there.
The source-code of clamAV is not complete ?
It is, but you probably need to
On 03/26/2012 12:06 PM, TR Shaw wrote:
Does ClamAV teat .jar files in a similar fashion as to .zip's?
They are zip files, just with some special filenames inside (META-INF/),
so yes ClamAV should unpack them just as
it does with zip files.
--Edwin
On 03/16/2012 01:36 AM, Sergio wrote:
Ok, sorry for the missing information, my server is RHEL 6, 64 bits with
WHM/CPanel 11.30.6.
I will force update again CLAMAV and see if I can get more info about the
missing libraries and I post it here.
Thanks for your help.
Might want to try to
On 03/16/2012 02:35 PM, Andreas Schulze wrote:
Hello,
1.
I just compiled the new version in my autobuild system for
multiple version of SuSE Linux Enterprise Servers.
I noticed this RPMLINT report which I like to forward to you for inforamation:
RPMLINT report:
===
On 03/08/2012 12:03 PM, Steve G Harnett wrote:
Hi Edwin,
FYI
Latest version of ClamAV Compiles and runs on AIX 7.1
Thanks, does it also detect all the clam* files in test/ when you scan it with
clamscan?
Best regards,
--Edwin
___
Help us build a
On 03/08/2012 01:25 PM, Steve G Harnett wrote:
Hi Edwin,
It looks like all but the rar files ( we cant run update due to a lack of
internet on the test system!)
# pwd
/swdist/ClamAV/clamav-0.97.3/test
# /usr/local/bin/clamscan .
LibClamAV Warning: Cannot dlopen libclamunrar_iface: file not
On 03/08/2012 02:33 PM, Steve G Harnett wrote:
Hi,
# ./clamscan --debug
LibClamAV debug: searching for unrar, user-searchpath: /usr/local/lib
LibClamAV debug: searching for unrar: libclamunrar_iface.so.6.1.12 not
found
LibClamAV debug: searching for unrar: libclamunrar_iface.so.6 not
On 03/08/2012 04:15 PM, Steve G Harnett wrote:
# ./libtool --config
# Which release of libtool.m4 was used?
macro_version=2.2.6b
macro_revision=1.3017
# Whether or not to build static libraries.
build_old_libs=yes
# Whether or not to build shared libraries.
build_libtool_libs=no
There's
On 03/07/2012 04:18 PM, Steve G Harnett wrote:
Hello all,
Can anyone tell me if ClamAV is capable of running on AIX 7.1
and if there
are any users using it please?
We got occasional compile error reports on AIX 5.x/6.x, and fixed those.
I don't remember any bugreports about AIX 7, so either
On 03/06/2012 12:46 PM, Ben Stuyts wrote:
On 5 mrt. 2012, at 15:42, Ben Stuyts wrote:
On 5 mrt. 2012, at 11:07, Török Edwin wrote:
On 03/05/2012 11:33 AM, Ben Stuyts wrote:
Hi,
Since two days, I'm getting lots of these messages while scanning one of
the servers here:
LibClamAV
On 03/06/2012 12:43 PM, Steve Kirkby wrote:
I can't get through the tech. complexity of upgrading my ClamAV, version
2.2.2.
You mean ClamXav, which is a graphical frontend to ClamAV.
Apparently ClamXav 2.2.2 comes with ClamAV engine version 0.97.2. The latest
version of the ClamAV engine is
On 03/06/2012 02:23 PM, shuttlebox wrote:
On Tue, Mar 6, 2012 at 11:43 AM, Steve Kirkby k...@today.plus.com wrote:
I can't get through the tech. complexity of upgrading my ClamAV, version
2.2.2. I am not a computer engineer, just a user. On getting the daily
message in Console that my ClamAV
On 03/06/2012 01:18 PM, Ben Stuyts wrote:
On 6 mrt. 2012, at 11:47, Török Edwin wrote:
There were no updates to bytecode recently. Maybe the file that caused the
problem is gone already?
I doubt it as I got many of those errors during a single run, so I assume
there where multiple
On 03/05/2012 11:33 AM, Ben Stuyts wrote:
Hi,
Since two days, I'm getting lots of these messages while scanning one of the
servers here:
LibClamAV Warning: [Bytecode JIT]: Bytecode run timed out, timeout flag set
LibClamAV Warning: Bytcode 3 failed to run: Unknown error code
This is
On 03/03/2012 04:44 PM, Jayson Brush wrote:
Hello
I currently have ClamSMTP and ClamAV 0.97.3 installed on CentOS with
postfix and dovecot. The setup works and ClamAV properly scans all emails
and detects viruses. However, I have enabled the DLP module in Clamd to
detect CC numbers and SSNs
On 02/13/2012 12:57 PM, Henri Salo wrote:
On Mon, Feb 13, 2012 at 05:04:34AM -0500, Michael Richards wrote:
Do the sigmakers just waste their time sifting through tons of
duplicate submissions?
I sure hope not. I am more than happy to help creating faster process for
this if ClamAV guys
On 02/13/2012 04:01 PM, Matus UHLAR - fantomas wrote:
On Mon, Feb 13, 2012 at 12:15:02PM +0100, Matus UHLAR - fantomas wrote:
What I need is to pass phishes sent to one particular address
(abuse@, since we should knnow when our customers send phishes)
On 13.02.12 13:45, Henri Salo wrote:
On 02/10/2012 03:45 PM, Matthias Egger wrote:
Hello List
Yesterday we received a lot of DHL Delivery Notification Messages with a
zip File as attachment.
The zip file contains an exe file which is obviously some kind of malware.
Since clamav let this email pass through i went to the
On 02/10/2012 05:08 PM, Matthias Egger wrote:
Hello Edwin
Thank you for your reply.
On 10.02.2012 15:06, Török Edwin wrote:
# clamscan -v DHL_Post_oder_Notification-INF6782654.zip
DHL_Post_oder_Notification-INF6782654.zip: Suspect.Bredozip-zippwd-2 FOUND
The detection is based
On 02/10/2012 10:53 PM, Chuck Swiger wrote:
On Feb 10, 2012, at 12:19 PM, Reynolds, David C. wrote:
I am (will be) running on a relatively large SGI Origin with a couple of
hundred processors available. Is there an easy configuration setting to
enable multiple clamd daemons to support
On 02/06/2012 09:39 PM, Reynolds, David C. wrote:
I've recently installed .97.3 on an SGI Origin 3000 running TRIX v6.5.28
using gcc 3.2.1.
Thats a weird version number. GCC 3.3, 3.4 was working I think, I don't think I
ever used gcc 3.2.1, it might be buggy or might not be.
(I did need to
On 01/25/2012 05:02 PM, [Cardiff] Tugdual de LASSAT wrote:
Hello the list..
I have a problem, i wish to submit to your review...
We run 4 years discontinuating, an Exim+Clamav mail server solution that ran
smoothly to our needs, until recent internal false positive has been
signaled...
On 01/24/2012 01:05 AM, Greg Cirino wrote:
Ok, I'm not sure what is happening, but I did a wget of the main.cvd and
ran the sigtool against it with the following command:
sigtool --info=main.cvd
and got this:
File: main.cvd
Build time: 11 Oct 2011 10:34 -0400
Version: 54
Signatures:
On 01/24/2012 12:46 AM, Greg Cirino wrote:
Why is libclamav looking for main.mdb on a linux system?
main.cvd consists of a number of signature files, one of which is a .mdb file.
A .mdb file is a plain text file that stores MD5 hash signatures in this format:
size:hash:VirusName
Best
On 01/23/2012 07:29 PM, Greg Cirino wrote:
Hello
Since upgrading from 0.97 to 0.97.3 it's been less then satisfying on a
fedora c3 server, I have a 7.3 server without issues
Every time (it seems) i run freshclam on the FC3 machine it wants to
redownload the main.cvd database over and
On 01/18/2012 07:26 PM, TR Shaw wrote:
$ clamdscan -V
ClamAV 0.97.3/14323/Wed Jan 18 09:09:29 2012
LibClamAV Warning: Bytecode runtime error at line 0, col 0
LibClamAV Warning: [Bytecode JIT]: recovered from error
LibClamAV Warning: [Bytecode JIT]: JITed code intercepted runtime error!
On 01/17/2012 11:00 AM, Anne Wilson wrote:
On 16/01/12 13:55, Török Edwin wrote:
On 01/16/2012 03:53 PM, Anne Wilson wrote:
I run clamav on my mail server, and my daughter runs clamwin on
Windows 7, on my recommendation. This morning's scan showed midi
files that have been on my server for 2
On 01/16/2012 03:53 PM, Anne Wilson wrote:
I run clamav on my mail server, and my daughter runs clamwin on Windows
7, on my recommendation. This morning's scan showed midi files that
have been on my server for 2 years or more as being infected, e.g.:
/Data1/Midi/AudigyCD/SYMPHONY.MID:
On 01/14/2012 03:29 PM, Stephen Butler wrote:
Both freshclam.conf and clamd.conf have the following entry :
#DatabaseDirectory /var/lib/clamav
# means the entry is commented, its just an example.
I'm a bit confused, I thought my signature database files were located here by
On 12/26/2011 10:11 AM, Sergey wrote:
Hello.
Does anybody use clamd with IPv6 ? I attempted to do it, but
it not works. All complicated by the fact that it is my first
experience with IPv6 also. I attemted to bind clamd to localhost.
clamd doesn't support IPv6. Only freshclam does.
Best
On 12/25/2011 07:48 AM, John-Charles D. Sokolow wrote:
I am experimenting with a python script which uses
http://xael.org/norman/python/pyclamd/ to scan blocks of data.
Here is my scenario, I read one block, ( 4096 bytes in my case ) from a
socket. I call pyclamd.scan_stream( block ), which
On 12/01/2011 09:55 PM, Alex wrote:
Hi,
I happen to have a similar issue and thought I could append to this
thread with my questions.
Is there a way to delete a signature that you are not interested in?
I'd like to create a local whitelist for patterns that create false
positives in my
On 11/22/2011 08:32 PM, Shobana Narayanaswamy wrote:
Is there a way to reduce the memory footprint of the scanner? It appears to
take about 220M in memory to load the virus db.
Are you using 0.97.3? There were some improvements in the 0.97 series regarding
memusage.
Also are you using only
On 11/20/2011 12:45 AM, Ben Stuyts wrote:
On 19 nov. 2011, at 17:19, Ben Stuyts wrote:
On 18 nov. 2011, at 21:20, René Bellora wrote:
hi!
i'm getting some warnings when scanning a directory:
LibClamAV Warning: Bytcode 4 failed to run: Error during bytecode execution
LibClamAV
On 11/17/2011 06:57 PM, David Alix wrote:
Is anyone else having problems with clamd after the daily.cld updated to
version 13960. I'm running clamd 0.97.1, on Solaris 9 SPARC. SInce 13960
was installed, clamd abends, with no error messages
anywhere. Sometimes clamd will run for up to 20
On 11/14/2011 03:20 PM, Michael Kolowicz wrote:
Hello,
ClamAV Win32 Devel clamav-team-wi...@lists.clamav.net
I have installed Clamav via apt-get install on my Ubuntu 10.04 64bit. Now I
want to redirect the databases. I have create the folder
/media/Proxy/ClamaAV.
Followed from
On 11/14/2011 05:05 PM, Michael Kolowicz wrote:
Thanks for your answer
I will start with the end:
Does this work (run as root):
su clamav -s /bin/touch /media/Proxy/ClamAV/test
Yes - that´s works. In the dir a new file is created
Is /media/Proxy removable media? If so is the
On 11/10/2011 09:02 PM, Jim Preston wrote:
On 11/09/2011 02:44 PM, Török Edwin wrote:
[snip]
Well of course there have to be limits somewhere, and I recall one issue is
malevalent attachments designed specifically to crash extractors.
A second issue I recall from the past is the sending
On 11/09/2011 10:42 PM, Simon Hobson wrote:
Per Jessen wrote:
The OP started by saying there are ways to limit the level of archive
that will be scanned as well as the size of the entities to be
scanned, which are performance optimizing options one can use if
desired. To which I commented
On 2011-10-24 14:55, Matthias Egger wrote:
Hello all
On 24.10.2011 12:13, Matthew Slowe wrote:
I'm seeing a problem on a bunch of Solaris 10 SPARC servers running 0.97.x
since about 00:55 BST this morning.
Just wanted to confirm what Matthew sees.
* Also on Solaris 10 SPARC Machines
On 2011-10-24 15:03, Török Edwin wrote:
On 2011-10-24 14:55, Matthias Egger wrote:
Hello all
On 24.10.2011 12:13, Matthew Slowe wrote:
I'm seeing a problem on a bunch of Solaris 10 SPARC servers running 0.97.x
since about 00:55 BST this morning.
Just wanted to confirm what Matthew sees
On 2011-10-24 15:40, Pierre Dehaen wrote:
On 24 Oct 2011 at 15:23, Török Edwin wrote:
On 2011-10-24 15:03, Török Edwin wrote:
On 2011-10-24 14:55, Matthias Egger wrote:
Hello all
On 24.10.2011 12:13, Matthew Slowe wrote:
I'm seeing a problem on a bunch of Solaris 10 SPARC servers running
On 2011-10-24 16:48, David Alix wrote:
Unfortunately, it may not be fixed on Solaris 9. My earlier problem went
away with the update to daily.cld 13840. This different problem began
yesterday with the update to daily.cld 13842.
This is the update I saw in freshclam.log:
Received signal:
On 10/23/2011 05:33 PM, Jim Popovitch wrote:
Is it my lack of clue, or are there a fair amount of mirror issues today?
I'm not seeing any issues with the mirror I use, what error messages do you see?
Best regards,
--Edwin
___
Help us build a
On 10/21/2011 04:29 PM, David Alix wrote:
when I start gdb with the command:
gdb /opt/ClamAV/sbin/clamd 6761
I get the message:
Copyright (C) 2008 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html
This is free software: you are
On 10/20/2011 01:59 PM, Ivan Ivanov wrote:
Hello,
I am newbie with ClamAV and I am trying to improve phising accurance on an
e-mail server installation.
Unfortunatley I as not able to understand how to do that in details. Should I
use daily.pdb or phising signatures are included already
On 10/20/2011 02:40 PM, Ivan Ivanov wrote:
Hello Torok,
Thank you for your fast responce.
Is it possible to have additional .pbd with cistomized values included in
ClamAV configuration and dastabases directory? Content exampel of such
local.pdb: H:somelocalbank.ctld
Yes, just place a
On 10/20/2011 03:05 PM, Ivan Ivanov wrote:
Hello Edwin,
Thank you for your e-mail.
I've added a local.pdb in /var/lib/clamav with contenct:
H:localbankaddress.ctld
But it appeasr that message passed as clean. Please see log entry returned by
amavis (Postfix+amavis-new+ClamAV):
On 10/20/2011 03:31 PM, Ivan Ivanov wrote:
Hello Edwin.
Here is:
clamscan -d /var/lib/clamav/local.pdb message.eml
message.eml: OK
--- SCAN SUMMARY ---
Known viruses: 1
Engine version: 0.97.2
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned:
On 2011-10-19 21:53, Alex wrote:
Hi,
kernel: [73788.355981] [Hardware Error]: Machine check events logged
kernel: [73914.635576] CPU4: Package temperature above threshold, cpu
clock throttled (total events = 5538406)
kernel: [73914.635581] CPU0: Package temperature above threshold, cpu
On 10/14/2011 11:49 AM, Simon Friedberger wrote:
Hello everybody,
I'm getting the following error trying to scan a file:
WARNING: myfilename: Can't access file
myfilename: Value too large for defined data type
This probably comes from the stat() system call.
It can happen if you use an
On 10/14/2011 04:13 PM, Simon Friedberger wrote:
Does it print an error?
Yes, it does.
stat failed: Value too large for defined data type
Now what does that mean? :)
I think I got it:
off_t st_size;/* total size, in bytes */
The st_size member of the stat buffer is a
On 2011-10-10 10:24, Alex wrote:
Hi,
I have a fedora15 x86_64 box with clamav-0.97.2, postfix-2.8.4, and
amavisd-new-2.6.6 with spamassassin-3.3.2 that has been running fine
for quite a while. Recently, clamd has died with an error similar to
this:
Oct 10 02:55:56 mail02 amavis[25696]:
On 2011-10-10 11:25, Alex wrote:
Hi,
I have a fedora15 x86_64 box with clamav-0.97.2, postfix-2.8.4, and
amavisd-new-2.6.6 with spamassassin-3.3.2 that has been running fine
for quite a while. Recently, clamd has died with an error similar to
Was it clamd that died or both clamd and
On 2011-10-10 19:15, Alex wrote:
Hi,
I have a fedora15 x86_64 box with clamav-0.97.2, postfix-2.8.4, and
amavisd-new-2.6.6 with spamassassin-3.3.2 that has been running fine
for quite a while. Recently, clamd has died with an error similar to
Was it clamd that died or both clamd and
On 2011-10-10 19:29, Alex wrote:
Hi,
Is there a way to have it automatically restarted when something like
this happens or be more tolerant of database problems, with
notifications of those problems, in the future?
If bug 2727 is any indication, don't bet on it.
I don't think it's that
On 09/30/2011 03:59 PM, Phil Schilling wrote:
On Sep 29, 2011, at 9:01 AM, Török Edwin wrote:
On 09/29/2011 04:32 PM, Phil Schilling wrote:
I just installed 0.97.2 on a NetBSD 5.1 x86 box. When running freshclam it
hangs after Downloading daily-13703.cdiff [100%]. It can sit
On 09/29/2011 04:32 PM, Phil Schilling wrote:
I just installed 0.97.2 on a NetBSD 5.1 x86 box. When running freshclam it
hangs after Downloading daily-13703.cdiff [100%]. It can sit there forever
and not give the console back. There are two
running freshclam processes while this happens.
On 2011-09-28 17:57, Bryan Blackwell wrote:
I don't see how that's possible on incoming attachments unless you get all
your senders to use a known key, or some cracking technology built into
ClamAV.
Am I missing something?
I assume he just wants to block any encrypted attachments, as
On 2011-09-27 13:13, Forlani M. wrote:
Hi all, i'm new here, please excuse my little english.
I have a centralized syslog server and i've configured clamd to send logs as
LogFacility local1.
It's working fine, but this is what i'm obtaining:
files/folders clamd can't access as
On 2011-09-27 15:56, Forlani M. wrote:
Thanks for the answer, yes i'm using rsyslogd, could you put me on docs on
how to match on msg?
man rsyslog.conf, look for Property based filters, and Property replacer.
They allow to filter on any property, like HOSTNAME, syslogtag and msg.
Best
On 09/25/2011 03:52 AM, Al Varnell wrote:
When I go to http://clamav-du.securesites.net/cgi-bin/clamgrok and enter
OSX I get a list of 34 hits for Mac OS signatures, but at least one is
missing.
When I open my daily.cld I can find the following:
On Sep 19, 2011, at 19:04, Bowie Bailey bowie_bai...@buc.com wrote:
On 9/19/2011 11:46 AM, Michael Orlitzky wrote:
A hostname cannot be all digits and except when the IP is used there
will be a TLD, so if you see a pattern such as
http:// 123456789/ cgi-bin/innocent_code.pl
(Ignore
On 09/12/2011 10:54 PM, Dan wrote:
Is there a way to make freshclam grab and verify database files from a local
directory?
Yes, but they don't work for fetching incremental updates from local dir
(DatabaseCustomURL, PrivateMirror).
What you could try is set DatabaseMirror to a local
On 2011-08-23 21:48, C. Bensend wrote:
Hey folks,
So, I can't seem to find an SRPM for RHEL that actually matches
its checksum, which makes me a bit .. uneasy, given the nature
of the software.
The RPMforge one fails its MD5 sum check. The second site listed
on clamav.net
On 2011-08-23 22:27, C. Bensend wrote:
On 2011-08-23 21:48, C. Bensend wrote:
Hey folks,
So, I can't seem to find an SRPM for RHEL that actually matches
its checksum, which makes me a bit .. uneasy, given the nature
of the software.
The RPMforge one fails its MD5 sum check. The
On 08/22/2011 12:12 AM, Frans de Boer wrote:
Hello, I see the next results listing every time when I do a make check:
git-clamav-devel/unit_tests'
PASS: check_clamav
PASS: check_freshclam.sh
PASS: check_sigtool.sh
SKIP: check_unit_vg.sh
PASS: check1_clamscan.sh
PASS: check2_clamd.sh
On 2011-08-19 20:33, Paul Enlund wrote:
Hi
Still having problems with some PDF's being flagged as
Heuristics.Encrypted.PDF
even with version 0.97.2. Version 0.97 does not have this problem.
Example PDF which is not encrypted available if required.
Please open a bug and attach it
On 08/18/2011 01:05 PM, Michael Wu wrote:
Hello,
In the /var/log/maillog, sometimes we will see the log message
milter=clmilter, tempfail. Is there anything that we should notice? The
Clamd service is still running and quarantines the suspicious mails
normally. We compile the clamav
On 2011-08-11 21:12, ulises gonzalez wrote:
Hello everybody:
I've been using Clamav since 2005 on Ubuntu and Debian sistems, since one
year I've been compiling it with the clamuko module (versions 0.96.2 to
0.97.2 excluding 0.97.1) joined to this I've been compiling to dazukofs.
On 2011-08-11 22:02, ulises gonzalez wrote:
On Thursday 11 August 2011 02:29:17 pm Török Edwin wrote:
How? Is it a SIGSEGV/SIGBUS/something else?
Excuse me, how I can do this...??
Following the instructions on the clamav website on how to attach gdb to clamd,
then wait for the selfcheck
On 2011-08-02 02:56, Al Varnell wrote:
On Jul 26, 2011, at 2:06 PM, Török Edwin ed...@clamav.net wrote:
On 07/26/2011 11:59 PM, Al Varnell wrote:
Is there something going on with subject infections? I see that it's listed
on the clamav home page as a Current Threat. We got several users
On 07/29/2011 06:36 PM, Nathan Gibbs wrote:
On 7/29/2011 11:03 AM, polloxx wrote:
When will the package be available in Debian Squeeze?
When the package maintainer gets around to putting it there
It just got packaged for unstable:
On 07/29/2011 07:30 PM, Nathan Gibbs wrote:
On 7/29/2011 11:41 AM, Török Edwin wrote:
On 07/29/2011 06:36 PM, Nathan Gibbs wrote:
Stable is still at 0.97
Isn't stable at 0.97.1? (via stable-updates):
http://packages.qa.debian.org/c/clamav/news/20110704T135601Z.html
Candidate: 0.97.1+dfsg-1
On 07/26/2011 11:59 PM, Al Varnell wrote:
Is there something going on with subject infections? I see that it's listed
on the clamav home page as a Current Threat. We got several users asking
about this in the ClamXav Forum (including a Linux user?) and I can't seem
to find it in the
On 07/23/2011 07:03 AM, Nathan Gibbs wrote:
Does clamd support tcpwrappers?
It looks like clamav-milter does, but not clamd itself.
H'mm, for now it looks like firewalls are the only defense when you bind
clamd to an IP address.
I think that a very simple way of limiting which machines
On 07/23/2011 05:40 AM, Steve Fatula wrote:
It would appear that sighup, in clamav 0.97.1, should re-open the log files
when it receives a sighup. In our case, it simply ends clamav-milter, no
message logged anywhere I can find.
Do I read this correctly, that is what SHOULD happen
On 07/19/2011 08:57 PM, Dan wrote:
At 5:20 PM +0200 7/19/2011, Luca Gibelli wrote:
Anyone else seeing this issue?
There is a cache in front of the website, which is causing the lag
between the website and the actual daily.cvd release. I lowered the
expire timeout to 1h.
I suggest that
1 - 100 of 881 matches
Mail list logo