Hello Tom, I used the lowercase...I think it was Outlook that capitalized the first letter of each command. It still isn't working for me. Perhaps it is because I'm using a WORKSTATION version of RHEL 6? FYI This is not a standard RHEL Server version...do you think that may have something to do with it?
With no network connection here is what yum tells me. Note the path to the workstation repository: [root@ISFAV-Linux Desktop]# yum install -y epel-release Loaded plugins: product-id, refresh-packagekit, search-disabled-repos, security, : subscription-manager Setting up Install Process https://cdn.redhat.com/content/dist/rhel/workstation/6/6Workstation/x86_64/os/repodata/repomd.xml: [Errno 14] PYCURL ERROR 6 - "Couldn't resolve host 'cdn.redhat.com'" Trying other mirror. No package epel-release available. Error: Nothing to do Here is yum output with network connection: [root@ISFAV-Linux Desktop]# yum install -y epel-release Loaded plugins: product-id, refresh-packagekit, search-disabled-repos, security, : subscription-manager Setting up Install Process rhel-6-workstation-rpms | 3.5 kB 00:00 rhel-6-workstation-rpms/primary_db | 61 MB 00:55 No package epel-release available. Error: Nothing to do [root@ISFAV-Linux Desktop]# yum install -y clamav Loaded plugins: product-id, refresh-packagekit, search-disabled-repos, security, subscription-manager Setting up Install Process No package clamav available. Error: Nothing to do Regards Jason -----Original Message----- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of clamav-users-requ...@lists.clamav.net Sent: Wednesday, November 15, 2017 12:00 PM To: clamav-users@lists.clamav.net Subject: clamav-users Digest, Vol 156, Issue 14 Send clamav-users mailing list submissions to clamav-users@lists.clamav.net To subscribe or unsubscribe via the World Wide Web, visit http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users or, via email, send a message with subject or body 'help' to clamav-users-requ...@lists.clamav.net You can reach the person managing the list at clamav-users-ow...@lists.clamav.net When replying, please edit your Subject line so it is more specific than "Re: Contents of clamav-users digest..." Today's Topics: 1. RHEL 6 Clam AV Installation (Walker, Jason T) 2. Re: RHEL 6 Clam AV Installation (Thomas McCourt (tmccourt)) 3. Re: RHEL 6 Clam AV Installation (Reindl Harald) 4. Re: password protected encrypted .docx files (Al Varnell) 5. Re: password protected encrypted .docx files (Mark Foley) ---------------------------------------------------------------------- Message: 1 Date: Tue, 14 Nov 2017 19:07:33 +0000 From: "Walker, Jason T" <jason.wal...@gd-ms.com> To: "clamav-users@lists.clamav.net" <clamav-users@lists.clamav.net> Subject: [clamav-users] RHEL 6 Clam AV Installation Message-ID: <64613dda3217475392343571a261a...@vadc-mmb03.gd-ms.us> Content-Type: text/plain; charset="us-ascii" Hello, I'm trying to install your product on a RHEL 6.9 PC. Your documentation refers to the yum repository as a source of the RPM file, however yum replies that the RPMs do not exist for the following packages: 1) Epel-release 2) Clamav Any assistance on this installation is appreciated. Regards Jason ------------------------------ Message: 2 Date: Tue, 14 Nov 2017 19:35:17 +0000 From: "Thomas McCourt (tmccourt)" <tmcco...@cisco.com> To: ClamAV users ML <clamav-users@lists.clamav.net> Subject: Re: [clamav-users] RHEL 6 Clam AV Installation Message-ID: <7de5892f-0f35-48a3-a5fe-2a7ecdbb0...@cisco.com> Content-Type: text/plain; charset="utf-8" Hello Jason, Using Yum, I can do the following command and download both Epel-release and clamav. This of course, downloads 99.2 (not the beta version). yum install -y epel-release yum install -y clamav Duck]# yum install -y epel-release Loaded plugins: fastestmirror, refresh-packagekit, security Setting up Install Process Loading mirror speeds from cached hostfile * base: distro.ibiblio.org * extras: mirror.umd.edu * updates: mirror.cs.vt.edu Resolving Dependencies --> Running transaction check ---> Package epel-release.noarch 0:6-8 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: epel-release noarch 6-8 extras 14 k Transaction Summary ================================================================================ Install 1 Package(s) Total download size: 14 k Installed size: 22 k Downloading Packages: epel-release-6-8.noarch.rpm | 14 kB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : epel-release-6-8.noarch 1/1 Verifying : epel-release-6-8.noarch 1/1 Installed: epel-release.noarch 0:6-8 I am wondering if it is because you capitalized the ?E? in epel-release. Try it by lowercasing it, to see if it works. Double checking- capitalizing the ?e? in epel-release finds no results. Thank you, Tom McCourt On 11/14/17, 2:07 PM, "clamav-users on behalf of Walker, Jason T" <clamav-users-boun...@lists.clamav.net on behalf of jason.wal...@gd-ms.com> wrote: >Hello, > >I'm trying to install your product on a RHEL 6.9 PC. Your documentation >refers to the yum repository as a source of the RPM file, however yum replies >that the RPMs do not exist for the following packages: > > >1) Epel-release > >2) Clamav > >Any assistance on this installation is appreciated. > >Regards >Jason > >_______________________________________________ >clamav-users mailing list >clamav-users@lists.clamav.net >http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > >Help us build a comprehensive ClamAV guide: >https://github.com/vrtadmin/clamav-faq > >http://www.clamav.net/contact.html#ml ------------------------------ Message: 3 Date: Tue, 14 Nov 2017 20:37:02 +0100 From: Reindl Harald <h.rei...@thelounge.net> To: clamav-users@lists.clamav.net Subject: Re: [clamav-users] RHEL 6 Clam AV Installation Message-ID: <b6805a3a-720a-33ba-5bf4-a6d5ba042...@thelounge.net> Content-Type: text/plain; charset=utf-8; format=flowed Am 14.11.2017 um 20:07 schrieb Walker, Jason T: > I'm trying to install your product on a RHEL 6.9 PC. Your documentation > refers to the yum repository as a source of the RPM file, however yum replies > that the RPMs do not exist for the following packages: > > > 1) Epel-release > > 2) Clamav > > Any assistance on this installation is appreciated you hardly can install a yum repo itself via yum and hence here you go: https://fedoraproject.org/wiki/EPEL - however, why installing RHEL6 in 2017? ------------------------------ Message: 4 Date: Wed, 15 Nov 2017 01:14:00 -0800 From: Al Varnell <alvarn...@mac.com> To: ClamAV users ML <clamav-users@lists.clamav.net> Subject: Re: [clamav-users] password protected encrypted .docx files Message-ID: <96cdeeb0-6975-4a45-951e-180336b15...@mac.com> Content-Type: text/plain; charset="us-ascii" On Tue, Nov 14, 2017 at 07:45 AM, Mark Foley wrote: > I found this older message in the archives. I'm receiving a lot of > fake "Invoice" messages with attached encrypted .doc files that run VB > scripts and execute .exe files. > > I'd like to block encrypted Word documents. Interestingly, as Reindl > Harald says, ".docx files *are* zip files", but lately I've been > getting .doc files which are really .docx file. KDE Dolphin isn't > deceived and opens the attachment as an archive, but Word in WIN7 goes > ahead and opens it as a document. If I rename the document to .docx, > then Dolphin opens it in LibreOffice. > > So, will ArchiveblockEncrypted work on .doc files too? I.e. is clamav > smart enough to look beyond the extension? In general, yes, clamAV doesn't pay attention to extensions and looks for document signatures that are usually at the top of a file to determine file type. That being said, I can't confirm exactly how it handles .doc and .docx files. -Al- > Will ArchiveblockEncrypted block *ALL* encrypted archives including zip? > > Finally, Dino Edwards wrote: > >> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf >> (it's off by default) > > Is that a typeo? Did he mean "you can turn ArchiveBlockEncrypted on in > clamd.conf"? Seems like turning this "off" would NOT block encrypted files. > > THX --Mark > > -----Original Message----- >> Date: Wed, 5 Apr 2017 21:19:47 +0200 >> From: Reindl Harald <h.rei...@thelounge.net >> <mailto:h.rei...@thelounge.net>> >> >> technically .docx *are* zip files >> >> Am 05.04.2017 um 21:08 schrieb Dino Edwards: >>> Didn't realize the ArchiveblockEncrypted included MS Word files. I >>> thought it would be for password protected zip rar and such >>> >>> -----Original Message----- >>> From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net >>> <mailto:clamav-users-boun...@lists.clamav.net>] On Behalf Of Benny >>> Pedersen >>> Sent: Wednesday, April 5, 2017 11:22 AM >>> To: clamav-users@lists.clamav.net >>> <mailto:clamav-users@lists.clamav.net> >>> Subject: Re: [clamav-users] password protected encrypted .docx files >>> >>> Dino Edwards skrev den 2017-04-05 16:48: >>>> Any way to get clamav to block password protected Microsoft word files? >>> >>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf >>> (it's off by default) >>> >>> if not working pastebin your clamconf (clamav section only) -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3569 bytes Desc: not available URL: <http://lists.clamav.net/pipermail/clamav-users/attachments/20171115/5d85189e/attachment-0001.bin> ------------------------------ Message: 5 Date: Wed, 15 Nov 2017 11:56:27 -0500 From: Mark Foley <mfo...@novatec-inc.com> To: clamav-users@lists.clamav.net Subject: Re: [clamav-users] password protected encrypted .docx files Message-ID: <201711151656.vafgurjw006...@server.novatec-inc.com> Content-Type: text/plain; charset=us-ascii On Wed 15 Nov 2017 01:14:00 -0800 Al Varnell <alvarn...@mac.com> wrote: >On Tue, Nov 14, 2017 at 07:45 AM, Mark Foley wrote: >> I found this older message in the archives. I'm receiving a lot of >> fake "Invoice" messages with attached encrypted .doc files that run >> VB scripts and execute .exe files. >> >> I'd like to block encrypted Word documents. Interestingly, as Reindl >> Harald says, ".docx files *are* zip files", but lately I've been >> getting .doc files which are really .docx file. KDE Dolphin isn't >> deceived and opens the attachment as an archive, but Word in WIN7 >> goes ahead and opens it as a document. If I rename the document to >> .docx, then Dolphin opens it in LibreOffice. >> >> So, will ArchiveblockEncrypted work on .doc files too? I.e. is clamav >> smart enough to look beyond the extension? > > In general, yes, clamAV doesn't pay attention to extensions and looks for > document signatures that are usually at the top of a file to determine file > type. That being said, I can't confirm exactly how it handles .doc and .docx > files. > Thanks Al. I'll turn this on and experiment. I'll post back my findings. Does anyone have exerience with this? >-Al- > >> Will ArchiveblockEncrypted block *ALL* encrypted archives including zip? >> >> Finally, Dino Edwards wrote: >> >>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf >>> (it's off by default) >> >> Is that a typeo? Did he mean "you can turn ArchiveBlockEncrypted on >> in clamd.conf"? Seems like turning this "off" would NOT block encrypted >> files. >> >> THX --Mark >> >> -----Original Message----- >>> Date: Wed, 5 Apr 2017 21:19:47 +0200 >>> From: Reindl Harald <h.rei...@thelounge.net >>> <mailto:h.rei...@thelounge.net>> >>> >>> technically .docx *are* zip files >>> >>> Am 05.04.2017 um 21:08 schrieb Dino Edwards: >>>> Didn't realize the ArchiveblockEncrypted included MS Word files. I >>>> thought it would be for password protected zip rar and such >>>> >>>> -----Original Message----- >>>> From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net >>>> <mailto:clamav-users-boun...@lists.clamav.net>] On Behalf Of Benny >>>> Pedersen >>>> Sent: Wednesday, April 5, 2017 11:22 AM >>>> To: clamav-users@lists.clamav.net >>>> <mailto:clamav-users@lists.clamav.net> >>>> Subject: Re: [clamav-users] password protected encrypted .docx >>>> files >>>> >>>> Dino Edwards skrev den 2017-04-05 16:48: >>>>> Any way to get clamav to block password protected Microsoft word files? >>>> >>>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf >>>> (it's off by default) >>>> >>>> if not working pastebin your clamconf (clamav section only) ------------------------------ Subject: Digest Footer _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ------------------------------ End of clamav-users Digest, Vol 156, Issue 14 ********************************************* _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml