Re: [clamav-users] daily.cvd out of date?
Interestingly I just ran it on one more server and got the correct date... Could it be that the Mirrors at Clamav.net are out of sync? Thanks! Dave Smith drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Smith, David Sent: Thursday, February 26, 2015 11:03 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? Yep, same results from three different servers Thanks! Dave Smith drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler (jesler) Sent: Thursday, February 26, 2015 10:53 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? I just did the same operation and pulled this mornings. Can you try again? On Feb 26, 2015, at 10:50 AM, Smith, David drsm...@fsu.edu wrote: Just did a wget http://database.clamav.net/daily.cvd and am getting a daily.cvd dated Aug 28 is there something going on with the servers??? [root@SOMESERVER freshclam]# ls -la total 90288 drwxr-xr-x 2 root root 4096 Feb 26 10:43 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] daily.cvd out of date?
Looks to be database.clamav.net|150.214.142.197|:80 Thanks! Dave Smith drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler (jesler) Sent: Thursday, February 26, 2015 11:48 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? Which mirror(s) do you suspect to be out of sync? On Feb 26, 2015, at 11:14 AM, Smith, David drsm...@fsu.edu wrote: Interestingly I just ran it on one more server and got the correct date... Could it be that the Mirrors at Clamav.net are out of sync? Thanks! Dave Smith drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Smith, David Sent: Thursday, February 26, 2015 11:03 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? Yep, same results from three different servers Thanks! Dave Smith drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler (jesler) Sent: Thursday, February 26, 2015 10:53 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? I just did the same operation and pulled this mornings. Can you try again? On Feb 26, 2015, at 10:50 AM, Smith, David drsm...@fsu.edu wrote: Just did a wget http://database.clamav.net/daily.cvd and am getting a daily.cvd dated Aug 28 is there something going on with the servers??? [root@SOMESERVER freshclam]# ls -la total 90288 drwxr-xr-x 2 root root 4096 Feb 26 10:43 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] daily.cvd out of date?
I just did the same operation and pulled this mornings. Can you try again? On Feb 26, 2015, at 10:50 AM, Smith, David drsm...@fsu.edu wrote: Just did a wget http://database.clamav.net/daily.cvd and am getting a daily.cvd dated Aug 28 is there something going on with the servers??? [root@SOMESERVER freshclam]# ls -la total 90288 drwxr-xr-x 2 root root 4096 Feb 26 10:43 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] daily.cvd out of date?
Yep, same results from three different servers Thanks! Dave Smith drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler (jesler) Sent: Thursday, February 26, 2015 10:53 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? I just did the same operation and pulled this mornings. Can you try again? On Feb 26, 2015, at 10:50 AM, Smith, David drsm...@fsu.edu wrote: Just did a wget http://database.clamav.net/daily.cvd and am getting a daily.cvd dated Aug 28 is there something going on with the servers??? [root@SOMESERVER freshclam]# ls -la total 90288 drwxr-xr-x 2 root root 4096 Feb 26 10:43 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] daily.cvd out of date?
Just did a wget http://database.clamav.net/daily.cvd and am getting a daily.cvd dated Aug 28 is there something going on with the servers??? [root@SOMESERVER freshclam]# ls -la total 90288 drwxr-xr-x 2 root root 4096 Feb 26 10:43 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Why is ArchiveBlockMax obsoleted?
Hi Vladislav, Unfortunately there is currently not an option to flag files when MaxRecursion is exceeded. Looking at the README, ArchiveBlockMax was removed from ClamAV in 0.93, don't know what were the reasons, it was before my time. Maybe a search of the mail list archive could give insight, or maybe someone else will have some thoughts? You can also open a feature request at bugzilla.clamav.net. Steve On Thu, Feb 26, 2015 at 4:46 AM, Vladislav Kurz vladislav.k...@webstep.net wrote: Hi all, in response to recent wave of viruses that were not detected by any antivirus, we decided to simply block any nested zip files. (Exe inside Zip inside Zip). So I tried to set MaxRecursion=1, just to find out that it passes such files as clean without scanning deeper. I want to block such files in the same manner as encrypted archives, but the ArchiveBlockMax option is obsolete. Why? Is there any undocumented replacement option for that? On some man pages I found --max-block, but that is ignored as well. Is there any reason to drop such function? -- Best Regards Vladislav Kurz ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Why is ArchiveBlockMax obsoleted?
Features that have graduated from deprecated to deleted should have all remnants removed from associated files. Sounds like it's past time to tidy up the clamd.conf and freshclam.conf files. dp On 2/26/15 10:10 AM, Steven Morgan wrote: Hi Vladislav, Unfortunately there is currently not an option to flag files when MaxRecursion is exceeded. Looking at the README, ArchiveBlockMax was removed from ClamAV in 0.93, don't know what were the reasons, it was before my time. Maybe a search of the mail list archive could give insight, or maybe someone else will have some thoughts? You can also open a feature request at bugzilla.clamav.net. Steve On Thu, Feb 26, 2015 at 4:46 AM, Vladislav Kurz vladislav.k...@webstep.net wrote: Hi all, in response to recent wave of viruses that were not detected by any antivirus, we decided to simply block any nested zip files. (Exe inside Zip inside Zip). So I tried to set MaxRecursion=1, just to find out that it passes such files as clean without scanning deeper. I want to block such files in the same manner as encrypted archives, but the ArchiveBlockMax option is obsolete. Why? Is there any undocumented replacement option for that? On some man pages I found --max-block, but that is ignored as well. Is there any reason to drop such function? -- Best Regards Vladislav Kurz ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] daily.cvd out of date?
Hi there, On Thu, 26 Feb 2015, Joel Esler wrote: Which mirror(s) do you suspect to be out of sync? I can't believe you haven't got an nmap script that will tell you that with a single command. -- 73, Ged. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] daily.cvd out of date?
Who says we don’t? :) But you may be seeing different results than what we see. It’s the internet. On Feb 26, 2015, at 12:41 PM, G.W. Haywood cla...@jubileegroup.co.uk wrote: Hi there, On Thu, 26 Feb 2015, Joel Esler wrote: Which mirror(s) do you suspect to be out of sync? I can't believe you haven't got an nmap script that will tell you that with a single command. -- 73, Ged. ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] daily.cvd out of date?
Looks to be database.clamav.net|150.214.142.197|:80 [root@SERVERNAME]# nslookup 150.214.142.197 Non-authoritative answer: 197.142.214.150.in-addr.arpaname = clamav.us.es. Thanks! Dave Smith drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Anssi Johansson Sent: Thursday, February 26, 2015 12:22 PM To: clamav-users@lists.clamav.net Subject: Re: [clamav-users] daily.cvd out of date? If you do know the IP addresses of the outdated mirrors, I think that information might be very very useful in diagnosing this problem. For what it's worth, works fine here. 26.2.2015, 18.14, Smith, David kirjoitti: Interestingly I just ran it on one more server and got the correct date... Could it be that the Mirrors at Clamav.net are out of sync? Thanks! Dave Smith drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Smith, David Sent: Thursday, February 26, 2015 11:03 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? Yep, same results from three different servers Thanks! Dave Smith drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler (jesler) Sent: Thursday, February 26, 2015 10:53 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? I just did the same operation and pulled this mornings. Can you try again? On Feb 26, 2015, at 10:50 AM, Smith, David drsm...@fsu.edu wrote: Just did a wget http://database.clamav.net/daily.cvd and am getting a daily.cvd dated Aug 28 is there something going on with the servers??? [root@SOMESERVER freshclam]# ls -la total 90288 drwxr-xr-x 2 root root 4096 Feb 26 10:43 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] daily.cvd out of date?
If you do know the IP addresses of the outdated mirrors, I think that information might be very very useful in diagnosing this problem. For what it's worth, works fine here. 26.2.2015, 18.14, Smith, David kirjoitti: Interestingly I just ran it on one more server and got the correct date... Could it be that the Mirrors at Clamav.net are out of sync? Thanks! Dave Smith drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Smith, David Sent: Thursday, February 26, 2015 11:03 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? Yep, same results from three different servers Thanks! Dave Smith drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler (jesler) Sent: Thursday, February 26, 2015 10:53 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? I just did the same operation and pulled this mornings. Can you try again? On Feb 26, 2015, at 10:50 AM, Smith, David drsm...@fsu.edu wrote: Just did a wget http://database.clamav.net/daily.cvd and am getting a daily.cvd dated Aug 28 is there something going on with the servers??? [root@SOMESERVER freshclam]# ls -la total 90288 drwxr-xr-x 2 root root 4096 Feb 26 10:43 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] daily.cvd out of date?
Nope .. not yet! :) [root@SERVERNAME]# wget http://database.clamav.net/daily.cvd --2015-02-26 14:46:30-- http://database.clamav.net/daily.cvd Resolving database.clamav.net... 150.214.142.197, 200.236.31.1, 209.198.147.20, ... Connecting to database.clamav.net|150.214.142.197|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 27596102 (26M) [text/plain] Saving to: `daily.cvd.2' 100%[==] 27,596,102 161K/s in 66s 2015-02-26 14:47:37 (406 KB/s) - `daily.cvd.2' saved [27596102/27596102] [root@SERVERNAME]# ls -la total 207540 drwxr-xr-x 2 root root 4096 Feb 26 14:46 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd.2 Thanks! Dave Smith drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler (jesler) Sent: Thursday, February 26, 2015 2:45 PM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? Believe the problem has been rectified. Thank you for pointing it out. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Security Intelligence and Research Group On Feb 26, 2015, at 12:23 PM, Smith, David drsm...@fsu.edumailto:drsm...@fsu.edu wrote: Looks to be database.clamav.nethttp://database.clamav.net|150.214.142.197|:80 [root@SERVERNAME]# nslookup 150.214.142.197 Non-authoritative answer: 197.142.214.150.in-addr.arpaname = clamav.us.eshttp://clamav.us.es. Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Anssi Johansson Sent: Thursday, February 26, 2015 12:22 PM To: clamav-users@lists.clamav.netmailto:clamav-users@lists.clamav.net Subject: Re: [clamav-users] daily.cvd out of date? If you do know the IP addresses of the outdated mirrors, I think that information might be very very useful in diagnosing this problem. For what it's worth, works fine here. 26.2.2015, 18.14, Smith, David kirjoitti: Interestingly I just ran it on one more server and got the correct date... Could it be that the Mirrors at Clamav.nethttp://Clamav.net are out of sync? Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Smith, David Sent: Thursday, February 26, 2015 11:03 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? Yep, same results from three different servers Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler (jesler) Sent: Thursday, February 26, 2015 10:53 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? I just did the same operation and pulled this mornings. Can you try again? On Feb 26, 2015, at 10:50 AM, Smith, David drsm...@fsu.edumailto:drsm...@fsu.edu wrote: Just did a wget http://database.clamav.net/daily.cvd and am getting a daily.cvd dated Aug 28 is there something going on with the servers??? [root@SOMESERVER freshclam]# ls -la total 90288 drwxr-xr-x 2 root root 4096 Feb 26 10:43 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edumailto:drsm...@fsu.edu (850)645-8024 Linux Administrators
Re: [clamav-users] daily.cvd out of date?
Maybe it's time to run that nmap script they might have :) Hopefully they have something more elegant, though. dp On 2/26/15 11:49 AM, Smith, David wrote: Nope .. not yet! :) [root@SERVERNAME]# wget http://database.clamav.net/daily.cvd --2015-02-26 14:46:30-- http://database.clamav.net/daily.cvd Resolving database.clamav.net... 150.214.142.197, 200.236.31.1, 209.198.147.20, ... Connecting to database.clamav.net|150.214.142.197|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 27596102 (26M) [text/plain] Saving to: `daily.cvd.2' 100%[==] 27,596,102 161K/s in 66s 2015-02-26 14:47:37 (406 KB/s) - `daily.cvd.2' saved [27596102/27596102] [root@SERVERNAME]# ls -la total 207540 drwxr-xr-x 2 root root 4096 Feb 26 14:46 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd.2 ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] daily.cvd out of date?
Believe the problem has been rectified. Thank you for pointing it out. -- Joel Esler Open Source Manager Threat Intelligence Team Lead Talos Security Intelligence and Research Group On Feb 26, 2015, at 12:23 PM, Smith, David drsm...@fsu.edumailto:drsm...@fsu.edu wrote: Looks to be database.clamav.nethttp://database.clamav.net|150.214.142.197|:80 [root@SERVERNAME]# nslookup 150.214.142.197 Non-authoritative answer: 197.142.214.150.in-addr.arpaname = clamav.us.eshttp://clamav.us.es. Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Anssi Johansson Sent: Thursday, February 26, 2015 12:22 PM To: clamav-users@lists.clamav.netmailto:clamav-users@lists.clamav.net Subject: Re: [clamav-users] daily.cvd out of date? If you do know the IP addresses of the outdated mirrors, I think that information might be very very useful in diagnosing this problem. For what it's worth, works fine here. 26.2.2015, 18.14, Smith, David kirjoitti: Interestingly I just ran it on one more server and got the correct date... Could it be that the Mirrors at Clamav.nethttp://Clamav.net are out of sync? Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Smith, David Sent: Thursday, February 26, 2015 11:03 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? Yep, same results from three different servers Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edu(850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University -Original Message- From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Joel Esler (jesler) Sent: Thursday, February 26, 2015 10:53 AM To: ClamAV users ML Subject: Re: [clamav-users] daily.cvd out of date? I just did the same operation and pulled this mornings. Can you try again? On Feb 26, 2015, at 10:50 AM, Smith, David drsm...@fsu.edumailto:drsm...@fsu.edu wrote: Just did a wget http://database.clamav.net/daily.cvd and am getting a daily.cvd dated Aug 28 is there something going on with the servers??? [root@SOMESERVER freshclam]# ls -la total 90288 drwxr-xr-x 2 root root 4096 Feb 26 10:43 . drwxr-xr-x 4 root root 4096 Feb 23 15:01 .. -rw-r--r-- 1 root root 27596102 Aug 28 13:26 daily.cvd Thanks! Dave Smith drsm...@fsu.edumailto:drsm...@fsu.edumailto:drsm...@fsu.edu (850)645-8024 Linux Administrators its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edumailto:its-unixadm...@fsu.edu (850)644-2591 Information Technology Services Florida State University ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Why is ArchiveBlockMax obsoleted?
Hi all, in response to recent wave of viruses that were not detected by any antivirus, we decided to simply block any nested zip files. (Exe inside Zip inside Zip). So I tried to set MaxRecursion=1, just to find out that it passes such files as clean without scanning deeper. I want to block such files in the same manner as encrypted archives, but the ArchiveBlockMax option is obsolete. Why? Is there any undocumented replacement option for that? On some man pages I found --max-block, but that is ignored as well. Is there any reason to drop such function? -- Best Regards Vladislav Kurz ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml