Package: dansguardian Version: 2.9.9.7-2 Severity: important Hi,
we are running an installation of dansguardian (unstable) / clamav (unstable)/ squid3 (testing) on a testing (Lenny) Server-System, and everything works fine... ...instead of: when im trying to download a virus infected file (.pdf) with dansguardian using wget, i get the file downloaded with no probs... >proxyserver2:/tmp# wget http://chtest.gooanal.net/getfile.php?f=pdf -O >virus.pdf >--2008-11-24 14:47:48-- http://chtest.gooanal.net/getfile.php?f=pdf >Aufloesen des Hostnamen »localhost«.... 127.0.0.1, ::1 >Verbindungsaufbau zu localhost|127.0.0.1|:8080... verbunden. >Proxy Anforderung gesendet, warte auf Antwort... 200 OK >Länge: 3295 (3,2K) [application/pdf] >In »virus.pdf« speichern. > >100%[====================================================================================================================>] >3.295 --.-K/s in 0s >2008-11-24 14:47:48 (37,2 MB/s) - »virus.pdf« gespeichert [3295/3295] Dansguardian Logs: >2008.11.24 14:47:30 0.0.0.0 http://chtest.gooanal.net/getfile.php?f=pdf >*SCANNED* GET 3295 0 1 200 application/pdf - When i test this file with commandlinescanner clamscan it shows: >proxyserver2:/tmp# clamscan -v ./virus.pdf >Scanning ./virus.pdf >./virus.pdf: Exploit.PDF.Pidief-1 FOUND >----------- SCAN SUMMARY ----------- >Known viruses: 463900 >Engine version: 0.94.1 >Scanned directories: 0 >Scanned files: 1 >Infected files: 1 >Data scanned: 0.00 MB >Time: 3.401 sec (0 m 3 s) The Eicar-Test-File is also correctly found as infected: 2008.11.24 14:52:21 0.0.0.0 http://www.eicar.org/download/eicar.com.txt *INFECTED* *DENIED* Virus oder geblockter Dateityp entdeckt. Eicar-Test-Signature GET 68 0 Content scanning 1 403 text/plain - ...what am i doing wrong? Thanks in advance! -- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages dansguardian depends on: ii adduser 3.110 add and remove users and groups ii clamav 0.94.dfsg.1-1 anti-virus utility for Unix - comm ii libbz2-1.0 1.0.5-1 high-quality block-sorting file co ii libc6 2.7-16 GNU C Library: Shared libraries ii libclamav5 0.94.dfsg.1-1 anti-virus utility for Unix - libr ii libgcc1 1:4.3.2-1 GCC support library ii libgmp3c2 2:4.2.2+dfsg-3 Multiprecision arithmetic library ii libpcre3 7.8-2 Perl 5 Compatible Regular Expressi ii libstdc++6 4.3.2-1 The GNU Standard C++ Library v3 ii perl 5.10.0-17 Larry Wall's Practical Extraction ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime dansguardian recommends no packages. Versions of packages dansguardian suggests: ii clamav-freshclam 0.94.dfsg.1-1 anti-virus utility for Unix - viru pn squid <none> (no description available) -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
