Re: [Clamav-users] ClamAV integration
At 08:19 PM 8/14/2006, Nigel Horne wrote: Babu.N wrote: Any pointers on Clam AV API details ? like available API, functionality description, expected inputs, return values, .. Did you look in the docs directory that came with the source code? Docs directory has clamdoc.pdf. I hope this is the doc you are referring to. I'm going through the doc now. Thanks for all the responses. thanks, babu thanks, babu -Nigel ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav segfaulting when scanning infected files
Ben Lull wrote: Hello, I recently wrote a program which uses libclamav. However, whenever I scan an infected file (archive, plain file, etc..) the call to cl_scanfile() segfaults. When I scan a clean file, there is no problem. I'm guessing this has something to do with how I'm init'ing the virus database, but thats just a guess. You can take a look at my code at http://blull.storagefreak.com/main.c The program segfaults on line 242. I'm pretty stuck here, I've spent the last 12 hours working on this and have exhausted the mailing archives, irc, and google. I advise you to ask this on clamav-devel, rather than clamav-users. Thanks, Ben -Nigel ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav segfaulting when scanning infected files
Ben Lull wrote: Hello, I recently wrote a program which uses libclamav. However, whenever I scan an infected file (archive, plain file, etc..) the call to cl_scanfile() segfaults. When I scan a clean file, there is no problem. I'm guessing this has something to do with how I'm init'ing the virus database, but thats just a guess. You can take a look at my code at http://blull.storagefreak.com/main.c The program segfaults on line 242. I'm pretty stuck here, I've spent the last 12 hours working on this and have exhausted the mailing archives, irc, and google. Thanks, Ben Good guess. You've declared struct cl_node **root = NULL;, but it should be struct cl_node *root = NULL; instead. Also, I believe cl_buildtrie() is deprecated, you should use cl_build() now. See the API. The only other flag you need is CL_SCAN_BLOCKMAX, CL_SCAN_STDOPT already includes the rest. -- Brian Bebeau SecurePipe, Inc. [EMAIL PROTECTED] ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav segfaulting when scanning infected files
I actually caught that already and changed it. Still getting the same problem. I was using cl_build() first however I switched over to cl_buildtrie() to see if that would make a difference. No luck with either ones being changed. - Ben On Wed, 2006-08-16 at 08:11 -0400, Brian Bebeau wrote: Ben Lull wrote: Hello, I recently wrote a program which uses libclamav. However, whenever I scan an infected file (archive, plain file, etc..) the call to cl_scanfile() segfaults. When I scan a clean file, there is no problem. I'm guessing this has something to do with how I'm init'ing the virus database, but thats just a guess. You can take a look at my code at http://blull.storagefreak.com/main.c The program segfaults on line 242. I'm pretty stuck here, I've spent the last 12 hours working on this and have exhausted the mailing archives, irc, and google. Thanks, Ben Good guess. You've declared struct cl_node **root = NULL;, but it should be struct cl_node *root = NULL; instead. Also, I believe cl_buildtrie() is deprecated, you should use cl_build() now. See the API. The only other flag you need is CL_SCAN_BLOCKMAX, CL_SCAN_STDOPT already includes the rest. ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Is there an ubuntu (dapper) repository out there?
On Wed, Aug 16, 2006 at 07:39:16AM +1000, Robert S said: I have been looking at replacing my debian box with ubuntu dapper LTS (because of the LTS). I have been thwarted by the fact that there does not seem to be a compatible repository for clamav. I don't want to have to compile clamav manually every time a new release comes out. Is there a repository out there? I've put a message on the ubuntu forums but have not been told that such a thing exists. I have no idea whether such a thing exists, but you can usually install debian packages on ubuntu, unless one or the other has incompatibly changed library version or something. It's not hard to build from source, or build debian packages from the debian source package. I think there is an apt-source program out there somewhere that keeps track of what you are rebuilding from source and that sort of thing. Good luck, -- -- | Stephen Gran | Horner's Five Thumb Postulate: | | [EMAIL PROTECTED] | Experience varies directly with | | http://www.lobefin.net/~steve | equipment ruined. | -- signature.asc Description: Digital signature ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] anti virus comparisons
Michael Grant wrote: Does anyone know any good independent sites that have reviewed the effectiveness of various different anti-virus programs including Clam? Doing such comparisons is not an easy task. Results are quite a lot affected by the type of the samples inside the collection used for the tests. The only researcher I'm personally aware of that knows how to work in this field and that is also reviewing ClamAV (in fact one win32 port) is Andreas Marx from av-test.org. In every other case the collection was not properly sorted out (lots of broken, not properly replicated or even clean samples, lack of dropped files, etc.) or the testing metodolody was flawed. Anyway, since again the results are much dependent on the samples used, what we usually raccomend on this list is not to blindly believe any stats you can find around the internet, but test the products inside your specific environment. And possibly don't rely on a single AV product. I tried doing both a google and yahoo search for obvious things like 'anti virus compare' and all it turns up is junk. It pisses me off the way people spam the search engines to the point of making them useless. http://www.searchlores.org/ ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Is there an ubuntu (dapper) repository out there?
On Wed, 16 Aug 2006 07:39:16 +1000 Robert S [EMAIL PROTECTED] wrote: I have been looking at replacing my debian box with ubuntu dapper LTS (because of the LTS). I have been thwarted by the fact that there does not seem to be a compatible repository for clamav. I don't want to have to compile clamav manually every time a new release comes out. Is there a repository out there? I've put a message on the ubuntu forums but have not been told that such a thing exists. Ubuntu has a clamav version 0.88.2-1 in their repository for Dapper as of yesterday. ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Is there an ubuntu (dapper) repository out there?
Robert S said: I have been looking at replacing my debian box with ubuntu dapper LTS (because of the LTS). I have been thwarted by the fact that there does not seem to be a compatible repository for clamav. I don't want to have to compile clamav manually every time a new release comes out. Is there a repository out there? I've put a message on the ubuntu forums but have not been told that such a thing exists. I have no idea whether such a thing exists, but you can usually install debian packages on ubuntu, unless one or the other has incompatibly changed library version or something. It's not hard to build from source, or build debian packages from the debian source package. I think there is an apt-source program out there somewhere that keeps track of what you are rebuilding from source and that sort of thing. Good luck, -- -- | Stephen Gran | Horner's Five Thumb Postulate: | | [EMAIL PROTECTED] | Experience varies directly with | | http://www.lobefin.net/~steve | equipment ruined. | -- I could not install Debian (Volatile) clamav due to differences in the names of a couple libraries. Installing from Debian unstable wants to bring the Debian libc6 with it which would probably destroy the entire planet so that should be avoided. If unstable is set to a low priority, it won't install (broken package). There is a standard Ubuntu source that has this (see http://www.ubuntulinux.nl/source-o-matic ): deb http://us.archive.ubuntu.com/ubuntu dapper universe multiverse [EMAIL PROTECTED]:~# apt-cache policy clamav clamav: Installed: (none) Candidate: 0.88.2-1ubuntu1 Version table: 0.88.2-1ubuntu1 0 500 http://us.archive.ubuntu.com dapper/universe Packages A little dated, but I think you could install this, then (if you are adventurous) install from source, then create some symlinks from the old to the new, e.g.: sudo -i apt-get install clamav-base apt-get install clamav clamav-daemon apt-get install gcc bison make libc6-dev libgmp3-dev zlib1g-dev libbz2-dev apt-get install lha zip cd /usr/local/src wget http://easynews.dl.sourceforge.net/sourceforge/clamav/clamav-0.88.4.tar.gz tar xzvf clamav-0.88.4.tar.gz cd clamav-0.88.4 ./configure make make install # use the binaries compiled from source mv /usr/bin/clamdscan /usr/bin/clamdscan-ubuntu mv /usr/bin/clamscan /usr/bin/clamscan-ubuntu mv /usr/sbin/clamd /usr/sbin/clamd-ubuntu mv /usr/bin/freshclam /usr/bin/freshclam-ubuntu ln -s /usr/local/bin/clamdscan /usr/bin/clamdscan ln -s /usr/local/bin/clamscan /usr/bin/clamscan ln -s /usr/local/bin/freshclam /usr/bin/freshclam ln -s /usr/local/sbin/clamd /usr/sbin/clamd # but use the ubuntu supplied conf files mv /usr/local/etc/clamd.conf /usr/local/etc/clamd.conf-source mv /usr/local/etc/freshclam.conf /usr/local/etc/freshclam.conf-source ln -s /etc/clamav/clamd.conf /usr/local/etc/clamd.conf ln -s /etc/clamav/freshclam.conf /usr/local/etc/freshclam.conf The source supplied man pages were used when I tried them. /etc/init.d/clamav-freshclam restart /etc/init.d/clamav-daemon restart Not for those who are risk averse. This could break in the future (maybe the next release!) and would require more work if milter is involved. Don't take me too seriously here, this was just a 'see if it works' kind of thing. If you should try this, there is ABSOLUTELY NO WARRANTY, use entirely at your own risk. But, now that the Ubuntu framework is in place, it would only take a minute to download and compile a new version. Gary V _ On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement ___ http://lurker.clamav.net/list/clamav-users.html