[clamav-users] How to abort a scan

[Chaitanya Puchakayala]

Is there way to abort a submitted scan in clamav?.  We are using a java client 
to connect to clamav to do scanning, there is socket time out on the client, 
but we actually want to know if there is way to abort a scan so clam doesn't 
churn system resources after a certain timeout. I didn't find anything in the 
clamd config?

Any help is appreciated :)

--
Chaitanya
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] ClamAV - Open Source License

[Reindl Harald]

Am 21.11.2017 um 18:47 schrieb Peggy Anstett:

Hi there,

Can you please advise which open source license the ClamAV library is licensed 
under? The documentation is somewhat confusing


Name: clamav-lib
Version : 0.99.2
Release : 12.fc26
Architecture: x86_64
Install Date: Mon Oct 30 10:45:35 2017
Group   : System Environment/Libraries
Size: 11516960
License : GPLv2
Signature   : (none)
Source RPM  : clamav-0.99.2-12.fc26.src.rpm
Build Date  : Fri Sep 15 20:31:49 2017
Build Host  : buildhw-08.phx2.fedoraproject.org
Relocations : (not relocatable)
Packager: Fedora Project
Vendor  : Fedora Project
URL : http://www.clamav.net
Summary : Dynamic libraries for the Clam Antivirus scanner
Description :
This package contains dynamic libraries shared between applications
using the Clam Antivirus scanner
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] ClamAV - Open Source License

[Peggy Anstett]

Hi there,

Can you please advise which open source license the ClamAV library is licensed 
under? The documentation is somewhat confusing.

Thank you!

Peggy Anstett | Relativity
Paralegal, Transactions and Corporate

direct: +1 (312) 676-5068
mobile: +1 (650) 338-8240

relativity.com

___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] CVE fix status

[Steven Morgan]

Zetan,

I've added you to the cc list. Please try it now.

Steve

On Tue, Nov 21, 2017 at 11:58 AM, Zetan Drableg 
wrote:

> Thank you. After signing up with bugzilla I still get the message " You are
> not authorized to access bug #11961. "
>
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] CVE fix status

[Zetan Drableg]

Thank you. After signing up with bugzilla I still get the message " You are
not authorized to access bug #11961. "

On Mon, Nov 20, 2017 at 2:23 PM, Steven Morgan 
wrote:

> I think some may be fixed already. I've opened ticket 11961 in the ClamAV
> bugzilla for followup and tracking.
>
> Steve
>
>
> On Mon, Nov 20, 2017 at 2:54 PM, Zetan Drableg 
> wrote:
>
> > Hi,
> > Anyone know when these CVEs will be fixed? Does clamav provide a 0.99.2
> > security fix branch or I need to consume 0.99.3 devel? Does EPEL backport
> > fixes?
> >
> > CVE-2017-6418
> > CVE-2017-6419
> > CVE-2017-6420
> >
> > It was discovered that ClamAV incorrectly handled parsing certain e-mail
> > messages. A remote attacker could possibly use this issue to cause ClamAV
> > to crash, resulting in a denial of service. (CVE-2017-6418
> > )
> >
> > It was discovered that ClamAV incorrectly handled certain malformed CHM
> > files. A remote attacker could use this issue to cause ClamAV to crash,
> > resulting in a denial of service, or possibly execute arbitrary code.
> This
> > issue only affected Ubuntu 14.04 LTS. In the default installation,
> > attackers would be isolated by the ClamAV AppArmor profile.
> (CVE-2017-6419
> > )
> > It was discovered that ClamAV incorrectly handled parsing certain PE
> files
> > with WWPack compression. A remote attacker could possibly use this issue
> to
> > cause ClamAV to crash, resulting in a denial of service. (CVE-2017-6420
> > )
> >
> > Thank you
> > ___
> > clamav-users mailing list
> > clamav-users@lists.clamav.net
> > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
> >
> >
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> >
> > http://www.clamav.net/contact.html#ml
> >
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Questions about ClamAV

[Brian Turner]

Thank you Micah!

On Mon, Nov 20, 2017 at 11:48 PM, Micah Snyder (micasnyd) <
micas...@cisco.com> wrote:

> Hello,
>
> 1. Can it scan all files/data from a dirty S3 bucket, and place the files
> into a clean bucket?
> I don’t have experience working with S3 buckets.  ClamAV works with files
> on a filesystem.  ClamAV’s ability to move files during scanning is limited
> to moving dirty files, not moving clean files.  For example:
> https://askubuntu.com/questions/171441/how-to-
> quarantine-or-delete-infected-files-with-clamav  In theory you could use
> a technology such as S3FS to mount your S3 bucket as a file system and then
> scan the files as such.  However, I make no guarantees about how well that
> will work.
>
> 2. Does it have the ability to scan large files (2 GBs+)?
> ClamAV currently has max file size limits around 2GB.
>
> 3. Is it compatible with both Linux and Windows?
> Yes, however certain features (e.g. on access scanning) are limited to
> Linux.
>
> 4. Does it scale horizontally, adding more scanning capacity?
> It depends on what you mean by “Scale horizontally”.  The clamd component
> (a daemon process) may be used in conjunction with clamdscan (a process
> that interacts with clamd to scan with multithreading.  I’m guessing, based
> on your question about S3 that you’re talking about the idea of hosting
> clamav services in the cloud and scaling up the number of instances to
> handle scan requests.  In theory, if you could mount your S3 bucket and if
> clamav does handle scanning these files well, you could write a wrapper
> around clamdscan to accept scan requests in a scalable architecture.  That
> said, I still make no guarantees about the scan performance and of course
> this cloud-scaling wrapper tech is not provided as a part of ClamAV.
>
> 5. Does it give the user the ability to load their own virus signatures (in
> addition to pulling signatures down from vendor's site)?
> Yes.
>
>
> Micah Snyder
> Software Engineer
> Talos Intelligence
> Cisco Systems, Inc.
>
> This email may contain confidential and privileged material for the sole
> use of the intended recipient. Any review, use, distribution or disclosure
> by others is strictly prohibited. If you are not the intended recipient (or
> authorized to receive for the recipient), please contact the sender by
> reply email and delete all copies of this message.
>
> On Nov 20, 2017, at 2:34 PM, Brian Turner  software.com> wrote:
>
> Hello,
>
> I have a few questions about ClamAV.
>
> 1. Can it scan all files/data from a dirty S3 bucket, and place the files
> into a clean bucket?
> 2. Does it have the ability to scan large files (2 GBs+)?
> 3. Is it compatible with both Linux and Windows?
> 4. Does it scale horizontally, adding more scanning capacity?
> 5. Does it give the user the ability to load their own virus signatures (in
> addition to pulling signatures down from vendor's site)?
>
> --
>
>
> Brian Turner
> Blue Star Software
> p: 703.968.1974  m: 301.980.6657 a: 8500 Leesburg Pike #403 Vienna, VA
> 22182
> s: http://www.blue-star-software.com e: brian.turner@blue-star-
> software.com
>
>
> Listed as a "Best Place to Work" by the Washington Business Journal in 2016
> and 2017!
> *Read our company reviews on Glassdoor
> 
> to
> learn more!*
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
> ___
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml




-- 


Brian Turner
Blue Star Software
p: 703.968.1974  m: 301.980.6657 a: 8500 Leesburg Pike #403 Vienna, VA 22182
s: http://www.blue-star-software.com e: brian.tur...@blue-star-software.com


Listed as a "Best Place to Work" by the Washington Business Journal in 2016
and 2017!
*Read our company reviews on Glassdoor
 to
learn more!*
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml