Re: [Clamav-users] feature request?
Dennis Peterson wrote: > Chuck Swiger wrote: > >> On May 8, 2008, at 5:43 PM, Dennis Peterson wrote: >> Can't you do this via something like: % ls -1 > /tmp/filelist_to_scan % xargs clamdscan < /tmp/filelist_to_scan >>> The clamd user would need to be root for this to always work. That is >>> probably not a good idea when scanning user space. >>> >> If clamd doesn't have permissions to read some of the files you want >> to check, use clamscan as root instead, although any potential >> security risk from a maliciously crafted input file would likely >> affect clamscan in such circumstances as well. >> >> Add salt and season to taste. >> >> > > If permissions on home dirs or (dev dirs) are set correctly clamd would > be locked out of all of them. But there's no reason to assume that would > be the case in the OP's world. If it is the case he could always pipe > files as root to the clamd socket. There's a clamd-stream client on > sourceforge from a couple years ago that may do the trick. clamdscan can do the streaming (although you can't scan anything larger than StreamMaxLength): $ clamdscan - http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamd 0.93 100%CPU during startup for 2 Minutes
100% CPU also happens after update of db using freshclam. However, it does not happen immediately, but during first usage of clamd after the update. I am using clamd together with dansguardian, so dansguardian is waiting for about 2-3 minutes for clamd to complete after usage of freshclam. - Nicht vergessen! Am Sonntag, den 11. Mai ist Muttertag Geschenkideen, Gedichte & mehr: www.yahoo.de/muttertag. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] feature request?
Chuck Swiger wrote: > On May 8, 2008, at 4:08 PM, Rekrutacja wrote: >> is it possible that developers will add option to clamscan, to load >> file >> list to be scanned, from other file? > > Can't you do this via something like: > > % ls -1 > /tmp/filelist_to_scan > % xargs clamdscan < /tmp/filelist_to_scan > > ...? i didn't know i can give more than 1 argument to clamscan... by the way - any idea how to scan files encoded in base64 ? there are PHP.shells on my server, that are easly found by clamscan when in normal text, but when encoded in base64 , clam doesn't detect anything. i thought base64 was added already? also, any way to add daemon but not for mails, but one that will scan files added to some directory in the background automatically? > >> the problem is i have many users uploading files, and i log it. i want >> clamscan to run like every minute or less, and scan these files from >> the >> list, but it takes a lot of time for clamscan to load into memory >> (viruses databases) > > Right, so use clamdscan rather than normal clamscan. > >> wouldn't that be easier to just be able to add like --load-from-file >> option, where i can tell clamscan which files should be scanned? > > I don't see anything wrong with the notion of having explicit support > for loading filenames from a file, but you can use xargs to place such > files onto the command-line arguments and get the same results > ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Upgraded freshclam not updating
> This box doesn't have a browser, it's a server. That's why I was trying > to use wget. If I do that, I get: > > # wget http://db.us.clamav.net/main.cvd > --16:52:08-- http://db.us.clamav.net/main.cvd > => `main.cvd.2' > Resolving db.us.clamav.net... 64.142.100.50, 64.246.44.108, > 128.121.60.235, ... > Connecting to db.us.clamav.net|64.142.100.50|:80... connected. > HTTP request sent, awaiting response... 200 OK > Length: 13,050,207 (12M) [text/plain] > > 0% [ ] 0 --.--K/s > > and it hangs there, never downloading anything. > > OK. The wget command indicates that you are establishing a connection but the download just is not happening. Some of the next questions are: Are you able to wget any files on this server? What directory were you in when running wget command? What OS? Jim ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamd 0.93 100%CPU during startup for 2 Minutes
reiner otto wrote: > 100% CPU also happens after update of db using freshclam. However, it does > not happen immediately, but during first usage of clamd after the update. > I am using clamd together with dansguardian, so dansguardian is waiting for > about 2-3 minutes for clamd to complete after usage of freshclam Can you post excerpts the clamav and freshclam logs for the period associated with the above? Jim ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html