[Clamav-users] Japanese Documentation
Hi, I've updated my Japanese documentation for adjusting current clamav version. Old one (also I wrote on Aug 2002) on www.clamav.net and clamav-xx/docs/Japanese/* is too old and useless. please replace it. current japanese doc is here. http://homepage.mac.com/proc/clamav.html -- Masaki Ogawa [EMAIL PROTECTED] --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] x86_64 install
Hello, Has anyone successfully compiled (version 70 - stable) on a SuSE 9 x86_64 architecture or any x86_64 distrobution architecture for that matter? Quoted from the ClamAV site: "Clam AntiVirus is prepared for the installation on the following operating systems / architectures (tested platforms in brackets): GNU/Linux - all versions and platforms" I'm trying to compile after running the config script (with no errors that I could see) and I get this at the end after running make: *** Warning: linker path does not have real file for library -lgmp. *** I have the capability to make that library automatically link in when *** you link to this library. But I can only do this if you have a *** shared version of the library, which you do not appear to have *** because I did check the linker path looking for a file starting *** with libgmp and none of the candidates passed a file format test *** using a file magic. Last file checked: /lib/libz.so.1.1.4 *** The inter-library dependencies that have been dropped here will be *** automatically added whenever a program is linked with this library *** or is declared to -dlopen it. gcc -shared matcher.lo md5.lo others.lo readdb.lo cvd.lo dsig.lo str.lo scanners.lo unrarlib.lo zzip-dir.lo zzip-err.lo zzip-file.lo zzip-info.lo zzip-io.lo zzip-stat.lo zzip-zip.lo strc.lo blob.lo mbox.lo message.lo strrcpy.lo table.lo text.lo ole2_extract.lo vba_extract.lo -lz /usr/lib/libbz2.so -lpthread -Wl,-soname -Wl,libclamav.so.1 -o libs/libclamav.so.1.0.3 /usr/lib/libbz2.so: could not read symbols: Invalid operation collect2: ld returned 1 exit status make[2]: *** [libclamav.la] Error 1 make[2]: Leaving directory `/home/natedog/Downloads/ClamAV/clamav-0.70-rc/libclamav' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/home/natedog/Downloads/ClamAV/clamav-0.70-rc' make: *** [all] Error 2 SoI know that most of the libraries are in directories specific to the 64 bit platform like /usr/lib64 etc etc. So neways...my question isis there a way to work around thismaybe a soft link or something? Or am I just missing a normal library that should be there and has nothing to do with the 64 bit architecture? P.S. This is the second time I've sent this because come to find out my first one was sent as HTML - sorry. -- Nathan Peters --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] freshclam PID file .... no where to be found
-Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of [EMAIL PROTECTED]Sent: Friday, April 16, 2004 4:45 PMTo: [EMAIL PROTECTED]Subject: [Clamav-users] freshclam PID file no where to be found I have tried: /etc/freshclam.conf PidFile /var/run/pid.file and freshclam -d --config-file=/etc/freshclam.conf --pid=/var/run/pid.file --- But I can't get a freshclam to create a PID file. Anyone else seen this? Does freshclam have permissions to write to /var/run? Jim
[Clamav-users] freshclam PID file .... no where to be found
I have tried: /etc/freshclam.conf PidFile /var/run/pid.file and freshclam -d --config-file=/etc/freshclam.conf --pid=/var/run/pid.file --- But I can't get a freshclam to create a PID file. Anyone else seen this?
RE: [Clamav-users] Problems with clamav and qmailscanner
-Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Administrador da RedeSent: Friday, April 16, 2004 3:19 PMTo: >Subject: [Clamav-users] Problems with clamav and qmailscanner I have a qmail system with clamav e qmailscanner. it seems functioning normaly, but I'm having trouble because netsky virus is comin from messages. Some on can help -me? try [EMAIL PROTECTED] bin]# sigtool -l|grep SomeFool if you do not get the same output as below: Worm.SomeFool.Gen-unpWorm.SomeFool.OWorm.SomeFool.PWorm.SomeFool.P-dllWorm.SomeFool.QWorm.SomeFool.NWorm.SomeFool.RWorm.SomeFool.Q.2Exploit.HTML.SomeFool.VWorm.SomeFoolWorm.SomeFool.BWorm.SomeFool.B.2Worm.SomeFool.DWorm.SomeFool.EWorm.SomeFool.FWorm.SomeFool.Gen-1Worm.SomeFool.Gen-2Worm.SomeFool.IWorm.SomeFool.KWorm.SomeFool.LWorm.SomeFool.M Then you have outdated virus definitions. Make sure freshclam is running and that it is saving the database definitions in the same place that clamav is looking for them. If your output is the same as above then there most likely is a configuration problem. In this case we would need to know more information about your setup. Jim
[Clamav-users] FreshClam and Proxy Settings...
Hi all -- I've downloaded and installed ClamAV .7 on my server, and it works really well. All except freshclam, that is. I've created /etc/freshclam.conf (after copying from the distributed file and editing), and changed the server and port settings to read: HTTPProxyServer 192.168.2.4 HTTPProxyPort 3128 Which doesn't appear to work. However, these ARE the settings that the rest of the network uses, as does the server for reading mail and doing ftp and http transfers (lynx or links). I can do an nslookup from the box for the database.clamav.net. However, when I run freshclam from the command line, all I get is: ClamAV update process started at Fri Apr 16 16:10:47 2004 ERROR: Can't connect to port 80 of host database.clamav.net (65.75.154.69) ERROR: Connection with database.clamav.net (IP: 65.75.154.69) failed. Trying again... ClamAV update process started at Fri Apr 16 16:13:57 2004 This proceeds onward for some time. However, if I power up links on the same box, I CAN get to those IP's using those same ports (80?). I'm not using user based authentication on the proxy, just by IP, which works well. Lastly neither freshclam nor clamscan seem to use the log files, which are: -rw---1 clamav root0 Apr 14 15:24 clamd.log -rw---1 clamav root0 Apr 14 15:23 freshclam.log Following is my /etc/freshclam.conf file (comments removed): UpdateLogFile /var/log/freshclam.log LogVerbose DatabaseMirror database.clamav.net MaxAttempts 3 Checks 12 HTTPProxyServer 192.168.2.4 HTTPProxyPort 3128 What do I need to do to get this to work? Thanks. --Anthony --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Problems with clamav and qmailscanner
I have a qmail system with clamav e qmailscanner. it seems functioning normaly, but I'm having trouble because netsky virus is comin from messages. Some on can help -me?
RE: [Clamav-users] clamd segfault
> -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Bill Pitz > Sent: Friday, April 16, 2004 12:10 PM > To: [EMAIL PROTECTED] > Subject: [Clamav-users] clamd segfault > > > I've had an occasional problem with clamd segfaulting. The basics of my > system are as follows: > > Red Hat Linux 9 / 2.4.25 kernel > Sendmail 8.12.11 > clamav-0.68 + clamav-milter > If not already stated already, i'll be the first and suggest an upgrade to the latest cvs. There have been significant bugfixes since 0.68. Jim --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Update: clamav-milter child process issues
On Wed, 14 Apr 2004, I wrote: > On Fri, 9 Apr 2004, I wrote: > > > I have been running ClamAV version devel-20040405 for three days without > > issue, until this morning. > > Actually, clamav-milter had been running for about 28 hours before the > start of the errors. > > > Now, for each virus rejected, the following > > entry appears in the syslog: > > > > /kernel: pid 72343 (clamav-milter), uid 3001: exited on signal 11 > > > > These appear to be from children as the parent proccess continues to > > run. All else appears normal. > > > > System info: > > FreeBSD 4.9-RELEASE-p2 > > clamd / ClamAV version devel-20040405 > > ClamAV version devel-20040405, clamav-milter version 0.70g > > > > # ps ax | grep clam > > 17139 ?? Is 0:00.07 /usr/local/bin/freshclam -d -c 13 > > 40560 ?? Ss 2:41.65 /usr/local/sbin/clamd > > 40568 ?? Ss 0:13.25 /usr/local/sbin/clamav-milter -lonHP -m50 > > This has happened again. After nearly four days of error free operation, > clamav-milter children that find a virus exit sig 11. Also, I found one > clamav-milter child stuck consuming 100% CPU. > > Please note: > - Some amount of time passes from the start of the clamav-milter > parent process before problems with child processes begin. > - ONLY clamav-milter children that report a virus exit sig 11 > (or consume 100% cpu). > - clamav-milter children that DO NOT report a virus exit cleanly. > - Both clamd.log and maillog look normal. Only syslog has errors. > These are milters reporting a virus... > > Apr 13 10:03:12 copland /kernel: pid 33341 (clamav-milter), uid 3001: > exited on signal 11 Shortly after sending the above I realized that in my environment the only functional difference between a milter that reports a virus and one that does not is the email notification. I looked through my logs and found that when a clamav-milter process had reported a virus and exited cleanly, the event was correctly logged in the syslog and the email notification was sent, but when the clamav-milter processes began to sig 11, correct logging to the syslog continued, but email notifications stopped. I have since restarted clamav-milter with the "--quiet" option. Time will tell if this is effective. -- Michael Lambert Systems Admin, IT Dept JEOL USA Inc http://www.jeol.com --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] SuSE 9 x86_64 installation
Tomasz did you reply or did it delete your reply because you replied in html? Or was mine in HTML? Neways..if anyone else has any suggestions read below for my original email. Thanks. P.S. Not trying to be annoying but I don't want this topic to go away because an email was replied to in HTML. -- Nathan Peters - Original Message - From: NateDog To: [EMAIL PROTECTED] Sent: Friday, April 16, 2004 10:29 AM Subject: [Clamav-users] SuSE 9 x86_64 installation Hello, Has anyone successfully compiled (version 70 - stable) on a SuSE 9 x86_64 architecture or any x86_64 distrobution architecture for that matter? Quoted from the ClamAV site: "Clam AntiVirus is prepared for the installation on the following operating systems / architectures (tested platforms in brackets): GNU/Linux - all versions and platforms" I'm trying to compile after running the config script (with no errors that I could see) and I get this at the end after running make: *** Warning: linker path does not have real file for library -lgmp. *** I have the capability to make that library automatically link in when *** you link to this library. But I can only do this if you have a *** shared version of the library, which you do not appear to have *** because I did check the linker path looking for a file starting *** with libgmp and none of the candidates passed a file format test *** using a file magic. Last file checked: /lib/libz.so.1.1.4 *** The inter-library dependencies that have been dropped here will be *** automatically added whenever a program is linked with this library *** or is declared to -dlopen it. gcc -shared matcher.lo md5.lo others.lo readdb.lo cvd.lo dsig.lo str.lo scanners.lo unrarlib.lo zzip-dir.lo zzip-err.lo zzip-file.lo zzip-info.lo zzip-io.lo zzip-stat.lo zzip-zip.lo strc.lo blob.lo mbox.lo message.lo strrcpy.lo table.lo text.lo ole2_extract.lo vba_extract.lo -lz /usr/lib/libbz2.so -lpthread -Wl,-soname -Wl,libclamav.so.1 -o libs/libclamav.so.1.0.3 /usr/lib/libbz2.so: could not read symbols: Invalid operation collect2: ld returned 1 exit status make[2]: *** [libclamav.la] Error 1 make[2]: Leaving directory `/home/natedog/Downloads/ClamAV/clamav-0.70-rc/libclamav' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/home/natedog/Downloads/ClamAV/clamav-0.70-rc' make: *** [all] Error 2 SoI know that most of the libraries are in directories specific to the 64 bit platform like /usr/lib64 etc etc. So neways...my question isis there a way to work around thismaybe a soft link or something? Or am I just missing a normal library that should be there and has nothing to do with the 64 bit architecture? -- Nathan Peters --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] clamd segfault
I've had an occasional problem with clamd segfaulting. The basics of my system are as follows: Red Hat Linux 9 / 2.4.25 kernel Sendmail 8.12.11 clamav-0.68 + clamav-milter Here are a few lines from my clamd logfile, leading up to the point of the segfault: Thu Apr 15 13:16:09 2004 -> /var/spool/quarantine/msg.RUn5yx: Worm.Bagle.N FOUND Thu Apr 15 13:16:10 2004 -> /var/spool/quarantine/msg.cCKcwi: Worm.Bagle.N FOUND Thu Apr 15 13:16:17 2004 -> /var/spool/quarantine/msg.4wGSbv: Worm.SomeFool.Gen-1 FOUND Thu Apr 15 13:16:28 2004 -> /var/spool/quarantine/msg.65IM3b: Worm.SomeFool.Gen-1 FOUND Thu Apr 15 13:16:36 2004 -> /var/spool/quarantine/msg.XtmPzP: Worm.SomeFool.Gen-1 FOUND Thu Apr 15 13:21:48 2004 -> /var/spool/quarantine/msg.OMoBrW: Worm.SomeFool.Gen-2 FOUND Thu Apr 15 13:22:20 2004 -> /var/spool/quarantine/msg.KJ6QsC: Worm.SomeFool.P FOUND Thu Apr 15 13:22:22 2004 -> /var/spool/quarantine/msg.pdBMFc: Worm.SomeFool.P FOUND Thu Apr 15 13:22:58 2004 -> Segmentation fault :-( Bye.. At the same time, the following appears in /var/log/messages: Apr 15 13:22:58 svn clamav-milter: clamfi_eom: read nothing from clamd My /etc/clamav.conf: --snip-- LogFile /var/log/clamd.log LogFileMaxSize 20M LogTime PidFile /var/run/clamav/clamd.pid DataDirectory /usr/share/clamav LocalSocket /var/run/clamav/clamd.sock StreamSaveToDisk StreamMaxLength 2M MaxThreads 20 ThreadTimeout 300 MaxDirectoryRecursion 15 User clamav ScanMail ScanArchive ArchiveMaxFileSize 10M ArchiveMaxRecursion 5 ArchiveMaxFiles 1000 #ClamukoScanOnLine ClamukoScanOnOpen ClamukoScanOnClose ClamukoScanOnExec ClamukoIncludePath /home #ClamukoIncludePath /students #ClamukoExcludePath /home/guru ClamukoMaxFileSize 1M ClamukoScanArchive --snip-- clamav-mitler is being started with the following arguments: --max-children=15 local:/var/run/clamav/clamav.sock -q -U /var/spool/quarantine -d Any ideas as to what could be causing this or what I can do to prevent it? Unfortunately, this is all of the information I have been able to get. It's happened twice now.. the first time was a couple of months ago, with clamav-0.67. Thanks, -Bill --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] OpenBSD 3.4
Title: RE: [Clamav-users] OpenBSD 3.4 >>> OpenBSD 3.4>Is there a version of CLAMAV that runs on OpenBSD 3.4 ? I get >>> the following message when trying to >install Clamav-0.6.8 on OpenBSD 3.4. >>> >>> >>> http://www.fatbsd.com/ >>> >>> >>> >>> >>> >>> I went there, and downloaded both Clamav-0.68-1_3.4.tar.gz and >>Clamav-0.67-1_3.4.tar.gz. When I tried to install them on OPENBSD 6.4 I got >>this message. >>> >>> $ zcat clamav-0.68-1_3.4.tar.gz | tar xvf - >>> zcat: clamav-0.68-1_3.4.tar.gz: No such file or directory >>> tar: End of archive volume 1 reached >>> tar: Sorry, unable to determine archive format. >>Hello, >>Try to download the archive again. "$ zcat clamav-0.68-1_3.4.tar.gz | tar >>xvf -" is working fine for me on 3.4 >>Try this: >> >># wget http://www.fatbsd.com/openbsd/clamav-0.68-1_3.4.tar.gz >># tar -xzvf clamav-0.68-1_3.4.tar.gz >># cd clamav-0.68-1 >># make uninstall >># make >># su >># make install >> >>:-p >>It must work fine. >> >>++ Jerome >> >> >I tried that, and now I get the message ># cd clamav-0.68-1 ># make uninstall >"/usr/share/mk/bsd.port.mk", line 3: Could not find /usr/ports/infrastructure/mk/bsd.port.mk >Fatal errors encountered -- cannot continue Do you have the ports.tar.gz for 3.4 up to date? You must have the 3.4 version. You have to get ftp://ftp.openbsd.org/pub/OpenBSD/3.4/ports.tar.gz and decompress it (# tar -xzvf /where/you/downloaded/the/archive/ports.tar.gz -C /usr) ++ Jerome It installed with no problems now, thanks.
[Clamav-users] SuSE 9 x86_64 installation
Hello, Has anyone successfully compiled (version 70 - stable) on a SuSE 9 x86_64 architecture or any x86_64 distrobution architecture for that matter? Quoted from the ClamAV site: "Clam AntiVirus is prepared for the installation on the following operating systems / architectures (tested platforms in brackets): GNU/Linux - all versions and platforms" I'm trying to compile after running the config script (with no errors that I could see) and I get this at the end after running make: *** Warning: linker path does not have real file for library -lgmp.*** I have the capability to make that library automatically link in when*** you link to this library. But I can only do this if you have a*** shared version of the library, which you do not appear to have*** because I did check the linker path looking for a file starting*** with libgmp and none of the candidates passed a file format test*** using a file magic. Last file checked: /lib/libz.so.1.1.4*** The inter-library dependencies that have been dropped here will be*** automatically added whenever a program is linked with this library*** or is declared to -dlopen it.gcc -shared matcher.lo md5.lo others.lo readdb.lo cvd.lo dsig.lo str.lo scanners.lo unrarlib.lo zzip-dir.lo zzip-err.lo zzip-file.lo zzip-info.lo zzip-io.lo zzip-stat.lo zzip-zip.lo strc.lo blob.lo mbox.lo message.lo strrcpy.lo table.lo text.lo ole2_extract.lo vba_extract.lo -lz /usr/lib/libbz2.so -lpthread -Wl,-soname -Wl,libclamav.so.1 -o .libs/libclamav.so.1.0.3/usr/lib/libbz2.so: could not read symbols: Invalid operationcollect2: ld returned 1 exit statusmake[2]: *** [libclamav.la] Error 1make[2]: Leaving directory `/home/natedog/Downloads/ClamAV/clamav-0.70-rc/libclamav'make[1]: *** [all-recursive] Error 1make[1]: Leaving directory `/home/natedog/Downloads/ClamAV/clamav-0.70-rc'make: *** [all] Error 2 SoI know that most of the libraries are in directories specific to the 64 bit platform like /usr/lib64 etc etc. So neways...my question isis there a way to work around thismaybe a soft link or something? Or am I just missing a normal library that should be there and has nothing to do with the 64 bit architecture? -- Nathan Peters
Re: [Clamav-users] System scan...
Now how to find the infected ones ??? I have Bin looking for logfiles but canot find it Why do you assume you should be spoonfed here? Type man clamscan in your shell and it will give you all information you need. B. Slackware rocks. --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Delete infected email
I use clamassassin and procmail to filter the virus mail clamassassin is a script that runs clamscan and puts headers inthe email much like spamassassin. you can then use procmail to send it any where you want a specific holding folder, or straight to /dev/null see http://drivel.com/clamassassin/ Marco Draghi wrote: Hi, I've been using Clamav on Cyrus imap mail server. Clamscan works great on mbox, but I'd like to delete automatically infected mail after clamscan. How can I set it? Thanks, Marco. --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] System scan...
On Fri, 16 Apr 2004 18:36:57 +0530, Dilip M <[EMAIL PROTECTED]> wrote: On Fri, 16 Apr 2004 14:20:39 +0200, Mike van Vugt <[EMAIL PROTECTED]> wrote: Scaned a lot of files: --- SCAN SUMMARY --- Known viruses: 21074 Scanned directories: 9239 Scanned files: 97704 Infected files: 8 Data scanned: 13575.66 MB I/O buffer size: 131072 bytes Time: 6137.270 sec (102 m 17 s) [EMAIL PROTECTED] root]# Now how to find the infected ones ??? I have Bin looking for logfiles but canot find it EX:grep 'FOUND' $grep 'FOUND' /var/log/clamav/clamd.log :) -Dilip -- Sorry for my engalishit not my mother tongue ;) --- --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] System scan...
On Friday 16 April 2004 1:20 pm, Mike van Vugt wrote: > Scaned a lot of files: > > --- SCAN SUMMARY --- > Known viruses: 21074 > Scanned directories: 9239 > Scanned files: 97704 > Infected files: 8 > Data scanned: 13575.66 MB > I/O buffer size: 131072 bytes > Time: 6137.270 sec (102 m 17 s) > [EMAIL PROTECTED] root]# > > Now how to find the infected ones ??? I have Bin looking for logfiles > but canot find it Maybe you should have used the "-i" option to clamscan in order to get it to print the names of the infected files? Please try "clamscan --help" on your machine and see if it is useful. Regards, Antony. -- Most people are aware that the Universe is big. - Paul Davies, Professor of Theoretical Physics Please reply to the list; please don't CC me. --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] System scan...
Scaned a lot of files: --- SCAN SUMMARY --- Known viruses: 21074 Scanned directories: 9239 Scanned files: 97704 Infected files: 8 Data scanned: 13575.66 MB I/O buffer size: 131072 bytes Time: 6137.270 sec (102 m 17 s) [EMAIL PROTECTED] root]# Now how to find the infected ones ??? I have Bin looking for logfiles but canot find it Regards, -- - Mike van Vugt - ICQ: 291077353 - - Mail: [EMAIL PROTECTED] - --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Delete infected email
Marco Draghi wrote: Hi, I've been using Clamav on Cyrus imap mail server. Clamscan works great on mbox, but I'd like to delete automatically infected mail after clamscan. How can I set it? Thanks, Marco. As answered previously on this list Make sure you only scan one peice of email each time you call clamscan, then by using the return code delete it/quarantine it/flag it/whatever If their are in a mbox spool file, tools such as formail can help you with that. You will probaly see a large performance improvement in the above by using clamd with the ScanMail directive uncommented in /etc/clamav.conf or wherever your is. I have found that you can usualy do something like this cat $email_msg | clamdscan - --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Delete infected email
Hi, I've been using Clamav on Cyrus imap mail server. Clamscan works great on mbox, but I'd like to delete automatically infected mail after clamscan. How can I set it? Thanks, Marco.
RE: [Clamav-users] Complete system scan...
> [ ] > > > > On Thu, 2004-04-15 at 19:35, Brad Morgan wrote: > > > > > > > > What command can I use to scan my compleet system ??? > > > > > > > If its a *nix system, "find / -name daily.cvd" should work. > > > > > > If its a Windows system, Start, Search, For files & folders..., > > and enter > > > daily.cvd in the appropriate place. The exact wording and > > location of the > > > search tool depends on which flavor of Windows you are running. > > > > > > If its some other operating system, tell us and hopefully, > > someone on this > > > list can give you directions. > > > > $ more /etc/mandrake-release ; rpm -qa|grep -i kernel > > Mandrake Linux release 10.0 (RC1) for i586 > > kernel-2.6.2.3mdk-1-1mdk > > > > Trying both options... could take a while I think... Nothing happends, > > the only thing I see is a blinking cursor ;-)) > > > > > This will in no way scan your system. It will however locate where your > virus database definitions are. There have been many other replies to this > question with the correct answer. As i stated before "clamscan -r /" will > do it. > > Jim This works ;-)) Regards, -- - Mike van Vugt - ICQ: 291077353 - - Mail: [EMAIL PROTECTED] - --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] know virus not detected
On 15 Apr 2004 at 10:15, Steven Stern wrote: > On Thu, 15 Apr 2004 13:09:29 +0200, "Andrea Trasatti" <[EMAIL PROTECTED]> > wrote: > > > > >I update my virii DB once everyday this is my latest update status: > >ClamAV update process started at Thu Apr 15 02:00:00 2004 > >SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES > >main.cvd is up to date (version: 22, sigs: 20229, f-level: 1, builder: tkojm) > >daily.cvd updated (version: 263, sigs: 844, f-level: 1, builder: ccordes) > >Database updated (21073 signatures) from database.clamav.net (212.31.160.239). > > > > > We've seen this many times on the list. Search your entire file system for > main.cvd and daily.cvd. Do you find more than one copy? If so, the updates are > going one place and the scanner is using another set. You'll need to check all > your command lines and .conf files to find the disparity. First of all sorry for a repeated question I am not really comfortable with SF's mailinglist archives interface. I checked my system: server log # find / -name main.cvd /var/lib/clamav/main.cvd server log # find / -name daily.cvd /var/lib/clamav/daily.cvd As you can see I have a single main.cvd and daily.cvd. Any other idea? - Andrea --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Problems with Clamav and freshclam
On Fri, 16 Apr 2004 at 9:40:26 +0200, Jorge Rodríguez wrote: > > I have installed on my email server qmail, spamassassin, clamav-freshclam, > qmail-scanner and vpopmail, all, except vpopmail, through apt-get in debian. You missed a few needed packages! Like clamav, clamav-base, clamav-daemon, clamav-testfiles, libclamav1. > It seems all is ok, but I have no clamav.conf, it supposed to be in > /etc/clamav. Instead of this file I have freshclam.conf but into this file > there's none of the options it has to be into clamav.conf. > > Daemon fresh-clam works fine, it starts correctly but I don't see clamd > running. Is it should be running? [...] -- Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only [EMAIL PROTECTED] | ones and zeros. [EMAIL PROTECTED] http://www.ClamAV.net/ A GPL virus scanner --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Problems with Clamav and freshclam
Hi people, I have installed on my email server qmail, spamassassin, clamav-freshclam, qmail-scanner and vpopmail, all, except vpopmail, through apt-get in debian. It seems all is ok, but I have no clamav.conf, it supposed to be in /etc/clamav. Instead of this file I have freshclam.conf but into this file there's none of the options it has to be into clamav.conf. Daemon fresh-clam works fine, it starts correctly but I don't see clamd running. Is it should be running? /usr/bin/freshclam --daemon --quiet --pid /var/run/clamav/freshclam.pid In addition, when freshclam updates the antivirus database I receive this message in freshclam.log: ClamAV update process started at Thu Apr 15 14:22:21 2004 main.cvd is up to date (version: 22, sigs: 20229, f-level: 1, builder: tkojm) daily.cvd updated (version: 264, sigs: 845, f-level: 1, builder: diego) Database updated (21074 signatures) from database.clamav.net (213.203.254.4). ERROR: Clamd was NOT notified: Can't find or parse configuration file /etc/clamav/clamav.conf And qmail-scanner doesn't work anymore. Then I downloaded an example for clamav.conf file, with defaults options most of them, and make freshclam to update manually, this is the result: ClamAV update process started at Fri Apr 16 09:21:56 2004 main.cvd updated (version: 22, sigs: 20229, f-level: 1, builder: tkojm) daily.cvd updated (version: 264, sigs: 845, f-level: 1, builder: diego) Database updated (21074 signatures) from database.clamav.net (152.66.249.132). ERROR: Clamd was NOT notified: Can't connect to clamd on 127.0.0.1:3310 It seems socket on port 3310 doesn't start. Can anyone help me?? I'm driving crazy with this... Thanks a lot, Jorge Rodríguez [EMAIL PROTECTED] Clave PGP Pública: http://www.imaggina.es/pgp/JorgeRodriguez.asc --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id70&alloc_id638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Netsky -V
Andrew Mouawad wrote: Hi, Just heard a report of a new virus called netsky -v that is doing the rounds. Apparently works only on an up-patched OE, but does not need an attachment to be opened, just for the user to click on the subject line. Haven't heard of this one, or find anything on the net yet. Any one else seen or heard of this one? http://securityresponse.symantec.com/avcenter/venc/data/[EMAIL PROTECTED] --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] OpenBSD 3.4
>>> OpenBSD 3.4>Is there a version of CLAMAV that runs on OpenBSD 3.4 ? I get >>> the following message when trying to >install Clamav-0.6.8 on OpenBSD 3.4. >>> >>> >>> http://www.fatbsd.com/ >>> >>> >>> >>> >>> >>> I went there, and downloaded both Clamav-0.68-1_3.4.tar.gz and >>Clamav-0.67-1_3.4.tar.gz. When I tried to install them on OPENBSD 6.4 I got >>this message. >>> >>> $ zcat clamav-0.68-1_3.4.tar.gz | tar xvf - >>> zcat: clamav-0.68-1_3.4.tar.gz: No such file or directory >>> tar: End of archive volume 1 reached >>> tar: Sorry, unable to determine archive format. >>Hello, >>Try to download the archive again. "$ zcat clamav-0.68-1_3.4.tar.gz | tar >>xvf -" is working fine for me on 3.4 >>Try this: >> >># wget http://www.fatbsd.com/openbsd/clamav-0.68-1_3.4.tar.gz >># tar -xzvf clamav-0.68-1_3.4.tar.gz >># cd clamav-0.68-1 >># make uninstall >># make >># su >># make install >> >>:-p >>It must work fine. >> >>++ Jerome >> >> >I tried that, and now I get the message ># cd clamav-0.68-1 ># make uninstall >"/usr/share/mk/bsd.port.mk", line 3: Could not find /usr/ports/infrastructure/mk/bsd.port.mk >Fatal errors encountered -- cannot continue Do you have the ports.tar.gz for 3.4 up to date? You must have the 3.4 version. You have to get ftp://ftp.openbsd.org/pub/OpenBSD/3.4/ports.tar.gz and decompress it (# tar -xzvf /where/you/downloaded/the/archive/ports.tar.gz -C /usr) ++ Jerome --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Netsky -V
Hi, Just heard a report of a new virus called netsky -v that is doing the rounds. Apparently works only on an up-patched OE, but does not need an attachment to be opened, just for the user to click on the subject line. Haven't heard of this one, or find anything on the net yet. Any one else seen or heard of this one? Kind Regards, Andrew Mouawad http://www.earthlink.com.au * Unlimited ADSL from $69.95 p/m 256/64K Speed http://adsl.earthlink.com.au Unlimited Dialup Internet $18.95 p/m including Free Virus & Spam Filter * Tel: 03 9735 2069 Fax: 03 9735 2082 Mobile: 0400 735 350 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users