Re: [Clamav-users] ClamAV 0.80rc2 on MacOS X, addition
On Thu, 23 Sep 2004 11:43:05 +0200 Mr Mailing List <[EMAIL PROTECTED]> wrote: > > freshclam needs to define > > BIND_8_COMPAT > > > for compiling dns.c Fixed in CVS. Thanks, -- oo. Tomasz Kojm <[EMAIL PROTECTED]> (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Sun Sep 26 02:30:51 CEST 2004 pgpQBcXcMptYG.pgp Description: PGP signature
Re: [Clamav-users] Error starting clamd 8.0rc2
On Sat, 25 Sep 2004, Brian Morrison wrote: > On Sat, 25 Sep 2004 06:51:26 -0700 (PDT) in > [EMAIL PROTECTED] Ed Kasky > <[EMAIL PROTECTED]> wrote: > > > Sept. 18 it was removed from clamd and clamav-milter on Sept. 20... > > Very late in the day then, probably explains why the docs are a bit > thin. Kind of like my day yesterday ;-) Ed . . . . . . . . . . . . . . . Randomly generated quote: Please write all your complaints in space reserved --> [] --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Clamav 0.80rc2 on NetBSD 1.6 addition
On Fri, 24 Sep 2004 08:32:24 +0200 Mr Mailing List <[EMAIL PROTECTED]> wrote: > /usr/home/jnp/src/clamav-0.80rc2/xx.c:94: undefined reference to > `gethostbyname_r' > collect2: ld returned 1 exit status Does "./configure --disable-gethostbyname_r" help? -- oo. Tomasz Kojm <[EMAIL PROTECTED]> (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Sun Sep 26 02:26:39 CEST 2004 pgpQmwhgzBXt9.pgp Description: PGP signature
Re: [Clamav-users] 0.80rc build fails (differently) on OSX @ mbox.c, with AND without --with-libcurl
On Tue, 21 Sep 2004 13:43:21 +0900 Masaki Ogawa <[EMAIL PROTECTED]> wrote: > I think this issue caused by double AC_CHECK_HEADER for resolv.h. > The attached patch will fix. Fixed in CVS. Thanks, -- oo. Tomasz Kojm <[EMAIL PROTECTED]> (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Sun Sep 26 02:21:52 CEST 2004 pgpyXHkS6Rpw0.pgp Description: PGP signature
RE: [Clamav-users] Re: Re: Re: Windows port ?
> -Original Message- > From: [EMAIL PROTECTED] [mailto:clamav-users- > [EMAIL PROTECTED] On Behalf Of Tomasz Kojm > Sent: September 25, 2004 12:22 > To: [EMAIL PROTECTED] > Subject: Re: [Clamav-users] Re: Re: Re: Windows port ? > > On Sun, 26 Sep 2004 00:09:22 -0700 > "Mitch (WebCob)" <[EMAIL PROTECTED]> wrote: > > > containing all their proprietary stuff, and write application B, which > > calls product A or uses it's libs, but IS open sourced and GPL'd - > > They can always use clamd (via its socket) without writing any > additional stuff. > [Mitch] I totally agree - except that to do that they have to install cygwin on windows, etc... I think that's what would have started this whole thing - still could be usable that way, though when everything is wrapped in cygwin calls and service emulators (to encapsulate daemon functionality) things can get ugly... he probably started thinking he was simplifying those problems without realizing the size of the ensuing discussion that would follow. Realizing and acknowledging that clam was written focusing on unix in general, mail scanners in particular, I wonder if the clam team would be interested in accepting windows ports of the code... assuming it's doable, and I'm not volunteering. It would just open the product to an even wider audience... of course maybe that's not desirable yet ;-) (considering mirror server loads etc.!) m/ --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: Re: Re: Windows port ?
On Sun, 26 Sep 2004 00:09:22 -0700 "Mitch (WebCob)" <[EMAIL PROTECTED]> wrote: > containing all their proprietary stuff, and write application B, which > calls product A or uses it's libs, but IS open sourced and GPL'd - They can always use clamd (via its socket) without writing any additional stuff. -- oo. Tomasz Kojm <[EMAIL PROTECTED]> (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Sat Sep 25 21:20:18 CEST 2004 pgpsLRbqDkbfO.pgp Description: PGP signature
Re: [Clamav-users] Renaming quarantined files by clamav-milter
Fixed in CVS. -Nigel --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Error starting clamd 8.0rc2
On Sat, 25 Sep 2004 06:51:26 -0700 (PDT) in [EMAIL PROTECTED] Ed Kasky <[EMAIL PROTECTED]> wrote: > Sept. 18 it was removed from clamd and clamav-milter on Sept. 20... Very late in the day then, probably explains why the docs are a bit thin. -- Brian Morrison bdm at fenrir dot org dot uk GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Renaming quarantined files by clamav-milter
On Sat, 25 Sep 2004 16:24:43 +0100, Nigel Horne <[EMAIL PROTECTED]> wrote: >On Saturday 25 Sep 2004 15:41, Steven Stern wrote: >> Can't rename /var/spool/clamav/040924/msg.ShraVX to >> _var_spool_clamav_040924_msg.ShraVX.Worm.SomeFool.P >> >> # clamd --version >> ClamAV 0.80rc/503/Thu Sep 23 14:32:44 2004 >> >> clamav-milter is run as >> >> # more clamav-milter >> CLAMAV_FLAGS="-lo --max-children=10 --noreject --dont-log-clean >> local:/var/run/clamav/clamav-milter.sock --quarantine-dir=/var/spool/clamav " > >What operating system? > Fedora Core 2 linux 2.6.8-1.521 -- Steve --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: AW: [Clamav-users] Re: Re: Re: Windows port ?
> The GPL defines "source" as "the preferred form of the work for making > modifications to it". If the maintainers of the clamav db add new > signatures by unpacking the database, modifying it and packing it again, > it is source code (the act of packing and unpacking is IMHO similar to > tarring and untarring C source files). If they the generate the database > from a different source, which cannot be trivially reconstructed from > the distributed database, it is not source code. In the latter case, the > database cannot be covered by the GPL (you cannot require somebody to > distribute the source if you don't give it to them). > > hp [Mitch (bitblock)] Hi Peter... Isn't just as easy as this? Company B wants to use GPL product A in a closed source commercial product So... They write library B, license it to themselves closed source, containing all their proprietary stuff, and write application B, which calls product A or uses it's libs, but IS open sourced and GPL'd - there's nothing in the GPL that prohibits you from using code within your GPL product that doesn't have the same license - there couldn't be or you could run a GPL app on a BSD system - right? Just a musing... m/ --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: Re: Windows port ?
On 2004-09-24 11:59:36 +0200, Lionel Bouton wrote: > Peter J. Holzer wrote the following on 09/23/2004 12:53 PM : > > >What Remi can do: > > > >1) Write a program (not using any ClamAV source code) which can read the > > ClamAV database (he did that already). This doesn't violate the GPL. > > I won't bet a penny on this : as long as the only usable database is > clamav's one, It may very well be that such a program is a "derivated > work" as it is clearly not usable without clamav dbs. Useability is in the eye of the user. For some users, a small database containing only the current viruses may be just as useful as clamav's database which recognizes 23000+ of them. You could also build a signature file which contains signatures of old MS-Office versions so that you can identify old office documents and convert them to the current version. Or whatever. In any case, it is irrelevant, whether there is only one file with this format or lots of them. The GPL clearly states in section 0: | The "Program", below, refers to any such program or work, and a "work | based on the Program" means either the Program or any derivative work | under copyright law: that is to say, a work containing the Program or a | portion of it, either verbatim or with modifications and/or translated | into another language. If you don't include the database or a portion of it in the distributed copy of your program, you don't violate the GPL. > >2) Create a small database with only a few signatures (don't look at the > > ClamAV db, make this yourself). This also doesn't violate the GPL. > > > >3) Distribute your program with your own database. This also doesn't > > violate the GPL. > > > >4) Users will download the ClamAV database and use it with your program. > > This is also perfectly legitimate. > > Is it ? Don't they knowingly link a non-GPL program against a GPL > library ? Firstly I doubt that the database can be viewed as a library used by the program. If that was the case you wouldn't be allowed to read documentation under the GFDL with notepad.exe, which is clearly not intended by the FSF. Secondly, the GPL doesn't forbid the user to link non-GPL and GPL code. In fact, everybody who links their program on windows or a proprietary unix, or against the libraries of a propietary database does this. It also doesn't forbid the user to make non-GPLed modifications. These restrictions only apply if you distribute the resulting combined work. hp -- _ | Peter J. Holzer| Je höher der Norden, desto weniger wird |_|_) | Sysadmin WSR | überhaupt gesprochen, also auch kein Dialekt. | | | [EMAIL PROTECTED] | Hallig Gröde ist fast gänzlich dialektfrei. __/ | http://www.hjp.at/ | -- Hannes Petersen in desd pgpvkLKZTMVKe.pgp Description: PGP signature
Re: [Clamav-users] Error starting clamd 8.0rc2
On Sat, 25 Sep 2004, Brian Morrison wrote: > On Fri, 24 Sep 2004 17:34:57 -0700 (PDT) in > [EMAIL PROTECTED] "Dennis Peterson" > <[EMAIL PROTECTED]> wrote: > > > I think I found it in the README or NEWS file, but it is definitely > > there- I also had this error before I finished reading the docs. > > The only mention that it is gone seems to be in the Changelog. Yup - found it there... Sept. 18 it was removed from clamd and clamav-milter on Sept. 20... Ed . . . . . . . . . . . . . . . Randomly generated quote: If you're sending someone some Styrofoam, what do you pack it in? -Steven Wright --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Renaming quarantined files by clamav-milter
On Saturday 25 Sep 2004 15:41, Steven Stern wrote: > Can't rename /var/spool/clamav/040924/msg.ShraVX to > _var_spool_clamav_040924_msg.ShraVX.Worm.SomeFool.P > > # clamd --version > ClamAV 0.80rc/503/Thu Sep 23 14:32:44 2004 > > clamav-milter is run as > > # more clamav-milter > CLAMAV_FLAGS="-lo --max-children=10 --noreject --dont-log-clean > local:/var/run/clamav/clamav-milter.sock --quarantine-dir=/var/spool/clamav " What operating system? -Nigel -- Nigel Horne. Arranger, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Renaming quarantined files by clamav-milter
On Sat, 25 Sep 2004 09:41:01 -0500, Steven Stern <[EMAIL PROTECTED]> wrote: >After going from .75 to .80rc, I'm finding an error reported by logwatch from >clamav-milter. > >Example: > >Can't rename /var/spool/clamav/040924/msg.ShraVX to >_var_spool_clamav_040924_msg.ShraVX.Worm.SomeFool.P > ># clamd --version >ClamAV 0.80rc/503/Thu Sep 23 14:32:44 2004 > >clamav-milter is run as > ># more clamav-milter >CLAMAV_FLAGS="-lo --max-children=10 --noreject --dont-log-clean >local:/var/run/clamav/clamav-milter.sock --quarantine-dir=/var/spool/clamav " Here are the raw lines from maillog Sep 24 19:12:27 ciscy clamav-milter[6376]: i8P0CQ90011259: /var/spool/clamav/040924/msg.ShraVX: Worm.SomeFool.P Intercepted virus from <[EMAIL PROTECTED]> to <[EMAIL PROTECTED]> Sep 24 19:12:27 ciscy clamav-milter[6376]: Can't rename /var/spool/clamav/040924/msg.ShraVX to _var_spool_clamav_040924_msg.ShraVX.Worm.SomeFool.P Sep 24 19:12:27 ciscy sendmail[11263]: i8P0CR4h011263: from=clamav, size=551, class=0, nrcpts=2, msgid=<[EMAIL PROTECTED]>, [EMAIL PROTECTED] Sep 24 19:12:27 ciscy sendmail[11263]: i8P0CR4h011263: to=postmaster, delay=00:00:00, mailer=relay, pri=60551, stat=queued Sep 24 19:12:27 ciscy sendmail[11263]: i8P0CR4h011263: to=<[EMAIL PROTECTED]>, delay=00:00:00, mailer=relay, pri=60551, stat=queued Sep 24 19:12:27 ciscy clamav-milter[6376]: Quarantined infected mail as /var/spool/clamav/040924/msg.ShraVX and, for the record # ll /var/spool/clamav/040924 total 176 -rw--- 1 clamav clamav 42079 Sep 24 18:27 msg.MZoQlq -rw--- 1 clamav clamav 42679 Sep 24 19:12 msg.ShraVX -rw--- 1 clamav clamav 41857 Sep 24 09:09 msg.uddm4v -rw--- 1 clamav clamav 42689 Sep 24 09:58 msg.YlxLMP -- Steve --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Renaming quarantined files by clamav-milter
After going from .75 to .80rc, I'm finding an error reported by logwatch from clamav-milter. Example: Can't rename /var/spool/clamav/040924/msg.ShraVX to _var_spool_clamav_040924_msg.ShraVX.Worm.SomeFool.P # clamd --version ClamAV 0.80rc/503/Thu Sep 23 14:32:44 2004 clamav-milter is run as # more clamav-milter CLAMAV_FLAGS="-lo --max-children=10 --noreject --dont-log-clean local:/var/run/clamav/clamav-milter.sock --quarantine-dir=/var/spool/clamav " -- Steve --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] ERROR: Can't open /var/log/clamd.log in append mode
On Thu, 23 Sep 2004 12:31:13 +0200, Meni Shapiro <[EMAIL PROTECTED]> wrote: >Hi, >I get this message a lot from the crod Daemon. >why? >i run linux crux 1.2 and mimedefang+SA Usually, this means that the clamd process doesn't have write access to the log. If you're running clamd as the user clamav, make sure clamav has rw permission on the file. -- Steve --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Unpacking archive
On Sat, 25 Sep 2004, Tim Rupp wrote: > Try following that prdownloads link until you get to a page that prompts > you to save a file, the one I used for instance to get the file was As a sugestion, I think the link to the downloads page is a bit confusing. It would help those not so familiar with the process at sourceforge to name the link "mirrors" and not the file name. I did the same thing myself. If I click on a file name in a browser I usually get a file and not a page that links you to the file... Ed . . . . . . . . . . . . . . . Randomly generated quote: If you're sending someone some Styrofoam, what do you pack it in? -Steven Wright --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] MailFollowURLs and logs
On Friday 24 Sep 2004 20:17, Brett Simpson wrote: > I have the MailFollowURLS feature enabled on a low priority mail server and was > wondering if there is a way to log that a virus was found from a url. > So far it only logs the name of the virus. Since the email parsing and hence URL following is separate from the AV scanning this is not possible. > Thanks, > Brett -Nigel -- Nigel Horne. Arranger, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] test windows exploit sigs
On Sat, 2004-09-25 at 10:35, Andy Fiddaman wrote: > A quick question for the database maintainers though - are you planning to > add a signature for this exploit (particularly now that an exploit toolkit > exists) ? All of my commercial scanners here now detect it - F-Prot even > released a new version yesterday to specifically catch it. Yes. There is an issue with the current 0.80rc2 that will cause false positives with this signature though, so it'll need to wait until after that is fixed, which should be this weekend. -trog --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] test windows exploit sigs
Slight modification to the last one. The new .ndb file allows the signature offset to be defined, so instead of * in the third field you should put 0 to anchor the JPEG magic number to the start of the file. The 5 means it is definitely a graphics file before it is checked against the signature but that encompasses more than just JPEGs. Ah... thanks for pointing that out, as it certainly makes it safer :) --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] test windows exploit sigs
On Fri, 24 Sep 2004 [EMAIL PROTECTED] wrote: ; Hi All, ; ; I've done done my *first* ndb sigs for some of the current windows expolits: ; ; JS.dragdrop.1:3:*:64796E7372633D22*2E65786522 ; JS.dragdrop.2:3:*:666F6C6465723D227368656C6C??7374617274757022 ; exploit.jpg:5:*:FFD8FF(E0|FE)*FFFE00(00|01) ; ; They need testing I guess... but no problems here... so far. Slight modification to the last one. The new .ndb file allows the signature offset to be defined, so instead of * in the third field you should put 0 to anchor the JPEG magic number to the start of the file. The 5 means it is definitely a graphics file before it is checked against the signature but that encompasses more than just JPEGs. I'm using Exploit.MS04-028:5:0:ffd8ff(e0|fe)*fffe00(00|01) here which works fine for me. A quick question for the database maintainers though - are you planning to add a signature for this exploit (particularly now that an exploit toolkit exists) ? All of my commercial scanners here now detect it - F-Prot even released a new version yesterday to specifically catch it. Thanks, Andy --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Updating Clamav
* David Chima <[EMAIL PROTECTED]> [20040925 10:57]: wrote: > Hello, > I am new to clamav. I would like to know. How could I update my clamav? I see a lot > of > viruses passing throuth my mail server. I have freshclam and clamav-milter in > /etc/cron.daily. Do these update my clamav database automatically or do I need to do > something. and how do I know that my databse has been updated. Hi David, The short answer: man freshclam The long answer: 1. You need to update your virus database. It's recommended 2 times a day. 2. You can tell freshclam to log it's activities to a file (see the -l option) 3. Your cron writes some output, yes? Have you verified that freshclam actually runs as expected? 4. You need to give information on the version of ClamAv that you run ;) cheers - wash +--+-+ Odhiambo Washington . WANANCHI ONLINE LTD (Nairobi, KE) | . 1ere Etage, Loita Hse, Loita St., | GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI | GSM: (+254) 733 744 121 . (+254) 020 313 985 - 9 | +-+--+ "Oh My God! They killed init! You Bastards!" --from a /. post --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
AW: [Clamav-users] Updating Clamav
Hi > I am new to clamav. I would like to know. How could I update my clamav? Run freshclam. > I see a lot of viruses passing throuth my mail server. Which mail server? How connected to clamav? > I have freshclam and clamav-milter in /etc/cron.daily. Do these update my clamav database automatically or do I need to do something. freshclam should be enough. clamav-milter should not be startet by cron, it's used to connect some mail servers to clamav. > and how do I know that my databse has been updated. Run freshclam manually, it will show you the currently installed versions: ClamAV update process started at Sat Sep 25 11:12:50 2004 Reading CVD header (main.cvd): OK main.cvd is up to date (version: 27, sigs: 23982, f-level: 2, builder: tomek) Reading CVD header (daily.cvd): OK daily.cvd is up to date (version: 503, sigs: 453, f-level: 2, builder: ccordes) I assume you are missing some configuration here. It is not enough to install clamav (or have clamd runing) to secure anything (as it is usually in Windows). You also need to use that scanner somehow, for example with exiscan-ACLs out of exim. Regards, Steffen smime.p7s Description: S/MIME cryptographic signature
Re: [Clamav-users] Error starting clamd 8.0rc2
On Fri, 24 Sep 2004 17:34:57 -0700 (PDT) in [EMAIL PROTECTED] "Dennis Peterson" <[EMAIL PROTECTED]> wrote: > I think I found it in the README or NEWS file, but it is definitely > there- I also had this error before I finished reading the docs. The only mention that it is gone seems to be in the Changelog. -- Brian Morrison bdm at fenrir dot org dot uk GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Updating Clamav
Hello, I am new to clamav. I would like to know. How could I update my clamav? I see a lot of viruses passing throuth my mail server. I have freshclam and clamav-milter in /etc/cron.daily. Do these update my clamav database automatically or do I need to do something. and how do I know that my databse has been updated. Regards David --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: AW: [Clamav-users] Re: Re: Re: Windows port ?
On 2004-09-22 15:01:14 -0500, [EMAIL PROTECTED] wrote: > Kevin Spicer said: > > On Wed, 2004-09-22 at 14:25, [EMAIL PROTECTED] wrote: > > > >> The database is not a script. It is a binary compilation. > > > > It's not a script, true, but it also is not a binary compilation. If > > you look inside any of the database files unpacked by sigtool (sigtool > > --unpack) you'll note that they are actually a plain text files, one > > line per entry. So I think the previous posters point about them being > > analagous to scripts in that they are their own source is valid. > > > > Zip files are compressed/packed too. Would you consider them source? Or > a container. A container. Or a reversible transformation of the source code. Doesn't matter much. > I was using the term binary as in machine readable. And compilation as > defined by Merriam-Webster: 'to collect and edit into a volume' > > Perhaps not the best choice of wording, but very apparent to me when I > wrote it. > > Source is generally accepted as human readable. A 'cat daily.cvd' yields > something other than human readable. The GPL defines "source" as "the preferred form of the work for making modifications to it". If the maintainers of the clamav db add new signatures by unpacking the database, modifying it and packing it again, it is source code (the act of packing and unpacking is IMHO similar to tarring and untarring C source files). If they the generate the database from a different source, which cannot be trivially reconstructed from the distributed database, it is not source code. In the latter case, the database cannot be covered by the GPL (you cannot require somebody to distribute the source if you don't give it to them). hp -- _ | Peter J. Holzer| Je höher der Norden, desto weniger wird |_|_) | Sysadmin WSR | überhaupt gesprochen, also auch kein Dialekt. | | | [EMAIL PROTECTED] | Hallig Gröde ist fast gänzlich dialektfrei. __/ | http://www.hjp.at/ | -- Hannes Petersen in desd pgpku7UONJJpc.pgp Description: PGP signature