Hello Tom,
I used the lowercase...I think it was Outlook that capitalized the first letter
of each command. It still isn't working for me. Perhaps it is because I'm
using a WORKSTATION version of RHEL 6? FYI This is not a standard RHEL Server
version...do you think that may have something to do with it?
With no network connection here is what yum tells me. Note the path to the
workstation repository:
[root@ISFAV-Linux Desktop]# yum install -y epel-release
Loaded plugins: product-id, refresh-packagekit, search-disabled-repos, security,
: subscription-manager
Setting up Install Process
https://cdn.redhat.com/content/dist/rhel/workstation/6/6Workstation/x86_64/os/repodata/repomd.xml:
[Errno 14] PYCURL ERROR 6 - "Couldn't resolve host 'cdn.redhat.com'"
Trying other mirror.
No package epel-release available.
Error: Nothing to do
Here is yum output with network connection:
[root@ISFAV-Linux Desktop]# yum install -y epel-release
Loaded plugins: product-id, refresh-packagekit, search-disabled-repos, security,
: subscription-manager
Setting up Install Process
rhel-6-workstation-rpms | 3.5 kB 00:00
rhel-6-workstation-rpms/primary_db | 61 MB 00:55
No package epel-release available.
Error: Nothing to do
[root@ISFAV-Linux Desktop]# yum install -y clamav
Loaded plugins: product-id, refresh-packagekit, search-disabled-repos,
security, subscription-manager
Setting up Install Process
No package clamav available.
Error: Nothing to do
Regards
Jason
-----Original Message-----
From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of
clamav-users-requ...@lists.clamav.net
Sent: Wednesday, November 15, 2017 12:00 PM
To: clamav-users@lists.clamav.net
Subject: clamav-users Digest, Vol 156, Issue 14
Send clamav-users mailing list submissions to
clamav-users@lists.clamav.net
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
or, via email, send a message with subject or body 'help' to
clamav-users-requ...@lists.clamav.net
You can reach the person managing the list at
clamav-users-ow...@lists.clamav.net
When replying, please edit your Subject line so it is more specific than "Re:
Contents of clamav-users digest..."
Today's Topics:
1. RHEL 6 Clam AV Installation (Walker, Jason T)
2. Re: RHEL 6 Clam AV Installation (Thomas McCourt (tmccourt))
3. Re: RHEL 6 Clam AV Installation (Reindl Harald)
4. Re: password protected encrypted .docx files (Al Varnell)
5. Re: password protected encrypted .docx files (Mark Foley)
----------------------------------------------------------------------
Message: 1
Date: Tue, 14 Nov 2017 19:07:33 +0000
From: "Walker, Jason T" <jason.wal...@gd-ms.com>
To: "clamav-users@lists.clamav.net" <clamav-users@lists.clamav.net>
Subject: [clamav-users] RHEL 6 Clam AV Installation
Message-ID: <64613dda3217475392343571a261a...@vadc-mmb03.gd-ms.us>
Content-Type: text/plain; charset="us-ascii"
Hello,
I'm trying to install your product on a RHEL 6.9 PC. Your documentation
refers to the yum repository as a source of the RPM file, however yum replies
that the RPMs do not exist for the following packages:
1) Epel-release
2) Clamav
Any assistance on this installation is appreciated.
Regards
Jason
------------------------------
Message: 2
Date: Tue, 14 Nov 2017 19:35:17 +0000
From: "Thomas McCourt (tmccourt)" <tmcco...@cisco.com>
To: ClamAV users ML <clamav-users@lists.clamav.net>
Subject: Re: [clamav-users] RHEL 6 Clam AV Installation
Message-ID: <7de5892f-0f35-48a3-a5fe-2a7ecdbb0...@cisco.com>
Content-Type: text/plain; charset="utf-8"
Hello Jason,
Using Yum, I can do the following command and download both Epel-release and
clamav. This of course, downloads 99.2 (not the beta version).
yum install -y epel-release
yum install -y clamav
Duck]# yum install -y epel-release
Loaded plugins: fastestmirror, refresh-packagekit, security Setting up Install
Process Loading mirror speeds from cached hostfile
* base: distro.ibiblio.org
* extras: mirror.umd.edu
* updates: mirror.cs.vt.edu
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:6-8 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
epel-release noarch 6-8 extras 14 k
Transaction Summary
================================================================================
Install 1 Package(s)
Total download size: 14 k
Installed size: 22 k
Downloading Packages:
epel-release-6-8.noarch.rpm | 14 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : epel-release-6-8.noarch 1/1
Verifying : epel-release-6-8.noarch 1/1
Installed:
epel-release.noarch 0:6-8
I am wondering if it is because you capitalized the ?E? in epel-release. Try it
by lowercasing it, to see if it works.
Double checking- capitalizing the ?e? in epel-release finds no results.
Thank you,
Tom McCourt
On 11/14/17, 2:07 PM, "clamav-users on behalf of Walker, Jason T"
<clamav-users-boun...@lists.clamav.net on behalf of jason.wal...@gd-ms.com>
wrote:
>Hello,
>
>I'm trying to install your product on a RHEL 6.9 PC. Your documentation
>refers to the yum repository as a source of the RPM file, however yum replies
>that the RPMs do not exist for the following packages:
>
>
>1) Epel-release
>
>2) Clamav
>
>Any assistance on this installation is appreciated.
>
>Regards
>Jason
>
>_______________________________________________
>clamav-users mailing list
>clamav-users@lists.clamav.net
>http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
>Help us build a comprehensive ClamAV guide:
>https://github.com/vrtadmin/clamav-faq
>
>http://www.clamav.net/contact.html#ml
------------------------------
Message: 3
Date: Tue, 14 Nov 2017 20:37:02 +0100
From: Reindl Harald <h.rei...@thelounge.net>
To: clamav-users@lists.clamav.net
Subject: Re: [clamav-users] RHEL 6 Clam AV Installation
Message-ID: <b6805a3a-720a-33ba-5bf4-a6d5ba042...@thelounge.net>
Content-Type: text/plain; charset=utf-8; format=flowed
Am 14.11.2017 um 20:07 schrieb Walker, Jason T:
> I'm trying to install your product on a RHEL 6.9 PC. Your documentation
> refers to the yum repository as a source of the RPM file, however yum replies
> that the RPMs do not exist for the following packages:
>
>
> 1) Epel-release
>
> 2) Clamav
>
> Any assistance on this installation is appreciated
you hardly can install a yum repo itself via yum and hence here you go:
https://fedoraproject.org/wiki/EPEL - however, why installing RHEL6 in 2017?
------------------------------
Message: 4
Date: Wed, 15 Nov 2017 01:14:00 -0800
From: Al Varnell <alvarn...@mac.com>
To: ClamAV users ML <clamav-users@lists.clamav.net>
Subject: Re: [clamav-users] password protected encrypted .docx files
Message-ID: <96cdeeb0-6975-4a45-951e-180336b15...@mac.com>
Content-Type: text/plain; charset="us-ascii"
On Tue, Nov 14, 2017 at 07:45 AM, Mark Foley wrote:
> I found this older message in the archives. I'm receiving a lot of
> fake "Invoice" messages with attached encrypted .doc files that run VB
> scripts and execute .exe files.
>
> I'd like to block encrypted Word documents. Interestingly, as Reindl
> Harald says, ".docx files *are* zip files", but lately I've been
> getting .doc files which are really .docx file. KDE Dolphin isn't
> deceived and opens the attachment as an archive, but Word in WIN7 goes
> ahead and opens it as a document. If I rename the document to .docx,
> then Dolphin opens it in LibreOffice.
>
> So, will ArchiveblockEncrypted work on .doc files too? I.e. is clamav
> smart enough to look beyond the extension?
In general, yes, clamAV doesn't pay attention to extensions and looks for
document signatures that are usually at the top of a file to determine file
type. That being said, I can't confirm exactly how it handles .doc and .docx
files.
-Al-
> Will ArchiveblockEncrypted block *ALL* encrypted archives including zip?
>
> Finally, Dino Edwards wrote:
>
>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf
>> (it's off by default)
>
> Is that a typeo? Did he mean "you can turn ArchiveBlockEncrypted on in
> clamd.conf"? Seems like turning this "off" would NOT block encrypted files.
>
> THX --Mark
>
> -----Original Message-----
>> Date: Wed, 5 Apr 2017 21:19:47 +0200
>> From: Reindl Harald <h.rei...@thelounge.net
>> <mailto:h.rei...@thelounge.net>>
>>
>> technically .docx *are* zip files
>>
>> Am 05.04.2017 um 21:08 schrieb Dino Edwards:
>>> Didn't realize the ArchiveblockEncrypted included MS Word files. I
>>> thought it would be for password protected zip rar and such
>>>
>>> -----Original Message-----
>>> From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net
>>> <mailto:clamav-users-boun...@lists.clamav.net>] On Behalf Of Benny
>>> Pedersen
>>> Sent: Wednesday, April 5, 2017 11:22 AM
>>> To: clamav-users@lists.clamav.net
>>> <mailto:clamav-users@lists.clamav.net>
>>> Subject: Re: [clamav-users] password protected encrypted .docx files
>>>
>>> Dino Edwards skrev den 2017-04-05 16:48:
>>>> Any way to get clamav to block password protected Microsoft word files?
>>>
>>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf
>>> (it's off by default)
>>>
>>> if not working pastebin your clamconf (clamav section only)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3569 bytes
Desc: not available
URL:
<http://lists.clamav.net/pipermail/clamav-users/attachments/20171115/5d85189e/attachment-0001.bin>
------------------------------
Message: 5
Date: Wed, 15 Nov 2017 11:56:27 -0500
From: Mark Foley <mfo...@novatec-inc.com>
To: clamav-users@lists.clamav.net
Subject: Re: [clamav-users] password protected encrypted .docx files
Message-ID: <201711151656.vafgurjw006...@server.novatec-inc.com>
Content-Type: text/plain; charset=us-ascii
On Wed 15 Nov 2017 01:14:00 -0800 Al Varnell <alvarn...@mac.com> wrote:
>On Tue, Nov 14, 2017 at 07:45 AM, Mark Foley wrote:
>> I found this older message in the archives. I'm receiving a lot of
>> fake "Invoice" messages with attached encrypted .doc files that run
>> VB scripts and execute .exe files.
>>
>> I'd like to block encrypted Word documents. Interestingly, as Reindl
>> Harald says, ".docx files *are* zip files", but lately I've been
>> getting .doc files which are really .docx file. KDE Dolphin isn't
>> deceived and opens the attachment as an archive, but Word in WIN7
>> goes ahead and opens it as a document. If I rename the document to
>> .docx, then Dolphin opens it in LibreOffice.
>>
>> So, will ArchiveblockEncrypted work on .doc files too? I.e. is clamav
>> smart enough to look beyond the extension?
>
> In general, yes, clamAV doesn't pay attention to extensions and looks for
> document signatures that are usually at the top of a file to determine file
> type. That being said, I can't confirm exactly how it handles .doc and .docx
> files.
>
Thanks Al. I'll turn this on and experiment. I'll post back my findings.
Does anyone have exerience with this?
>-Al-
>
>> Will ArchiveblockEncrypted block *ALL* encrypted archives including zip?
>>
>> Finally, Dino Edwards wrote:
>>
>>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf
>>> (it's off by default)
>>
>> Is that a typeo? Did he mean "you can turn ArchiveBlockEncrypted on
>> in clamd.conf"? Seems like turning this "off" would NOT block encrypted
>> files.
>>
>> THX --Mark
>>
>> -----Original Message-----
>>> Date: Wed, 5 Apr 2017 21:19:47 +0200
>>> From: Reindl Harald <h.rei...@thelounge.net
>>> <mailto:h.rei...@thelounge.net>>
>>>
>>> technically .docx *are* zip files
>>>
>>> Am 05.04.2017 um 21:08 schrieb Dino Edwards:
>>>> Didn't realize the ArchiveblockEncrypted included MS Word files. I
>>>> thought it would be for password protected zip rar and such
>>>>
>>>> -----Original Message-----
>>>> From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net
>>>> <mailto:clamav-users-boun...@lists.clamav.net>] On Behalf Of Benny
>>>> Pedersen
>>>> Sent: Wednesday, April 5, 2017 11:22 AM
>>>> To: clamav-users@lists.clamav.net
>>>> <mailto:clamav-users@lists.clamav.net>
>>>> Subject: Re: [clamav-users] password protected encrypted .docx
>>>> files
>>>>
>>>> Dino Edwards skrev den 2017-04-05 16:48:
>>>>> Any way to get clamav to block password protected Microsoft word files?
>>>>
>>>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf
>>>> (it's off by default)
>>>>
>>>> if not working pastebin your clamconf (clamav section only)
------------------------------
Subject: Digest Footer
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
------------------------------
End of clamav-users Digest, Vol 156, Issue 14
*********************************************
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
