[Clamav-devel] Linux trojan binaries
Hi, I am just wondering why ClamAV does not support the detection of certain trojans which are binary executables for Linux, as described here: http://blogs.securiteam.com/index.php/archives/303 I have submitted a sample yesterday morning (while daily.cvd 1368 was recent), now we are at daily.cvd 1372 but the submission wasn't mentioned anywhere. thanks rob. -- ___ http://lurker.clamav.net/list/clamav-devel.html
Re: [Clamav-devel] clamav embedded setup
On Mon, Apr 03, 2006 at 04:45:57PM +0200, [EMAIL PROTECTED] said: > I see however at least 3 clamd processes , each claiming > VmRSS: 10736 kB and after a while (running overnight without > scanning) claiming over 19000 kB (but presumably much of > it beeing shared libraries). These 3 threads are there always after > a'startup and not only during scanning. > > When comparing this with the linux version (current debian sarge, clamav 0.88, > kernel 2.6.15.6 ) and using the same configuratin I see only one thread, > claiming > VmRSS: 10104 kB > > Should I expect to see only a single clamd thread when choosing MaxThreads 1 > ? > What is the memory consumption I should expect after running clamd for > a longer time with the above configuration ? There are generally speaking always at least a couple of threads (I think 3 is correct), but how 'ps' displays processes vs threads is very system dependant. On the sarge machine, I think either of ps -elF or ps axH will show you the threads as seperate LWP ids. As for the rest, I will defer to others for now. -- -- | Stephen Gran | Rome was not built in one day. -- | | [EMAIL PROTECTED] | John Heywood| | http://www.lobefin.net/~steve | | -- signature.asc Description: Digital signature ___ http://lurker.clamav.net/list/clamav-devel.html
[Clamav-devel] clamav embedded setup
Hi all ! First of all, thanks for this great project ! I'm currently looking into porting clamav to an embedded arm-xscale platform with rather tight memory resources (< 64 MB). My cross-compilation for big-endian xscale seems to work accurate as far as I can see by now. I'm working with the current stable release 0.88. I would be interested in your opinion regarding a runtime configuration for clamd optimized for memory consumption. I would prefer to use a single server thread handling a single local socket with successive (not parallel) client connections, i.e only one scan takes place at a time. Thats why I chose the following clamd.conf options LocalSocket /tmp/run/clamav/clamd.ctl MaxThreads 1 ... I see however at least 3 clamd processes , each claiming VmRSS: 10736 kB and after a while (running overnight without scanning) claiming over 19000 kB (but presumably much of it beeing shared libraries). These 3 threads are there always after a'startup and not only during scanning. When comparing this with the linux version (current debian sarge, clamav 0.88, kernel 2.6.15.6 ) and using the same configuratin I see only one thread, claiming VmRSS: 10104 kB Should I expect to see only a single clamd thread when choosing MaxThreads 1 ? What is the memory consumption I should expect after running clamd for a longer time with the above configuration ? Thanks and best regards Peter ___ http://lurker.clamav.net/list/clamav-devel.html
Re: [Clamav-devel] --as-needed in GNU ld
On Tuesday 14 March 2006 14:59, Sergey wrote: > configure: error: Cannot find libmilter > error: Bad exit status from /home/asy/tmp/rpm-tmp.82987 (%build) > > I found what test called as > > gcc -o conftest -g -O2 -lnsl -lmilter -lnsl -lpthread conftest.c -lmilter > -lnsl >&5 > > I think that -l* must be put after conftest.c... Sorry, this is my bug with building shared libmilter. -- Regards, Sergey ___ http://lurker.clamav.net/list/clamav-devel.html
