[Clamav-users] ClamAV For Windows v0.72 offical and a beta test
Hello, I don't normally make announcments, but I figured I'd see if anyone here wants to give a version of the installer I have put together a test and see if it solves the TMPDIR issues that have been causing issues with clamd/clamdscan on WinNT/2k/XP/2k3 and NTFS. Details of the beta installer are here: http://forums.sosdg.org/viewtopic.php?p=62 And I have a standard non-testing build here which should be fine for normal users to use with their mail servers and such: http://forums.sosdg.org/viewtopic.php?t=34 Let me know of any feedback, or issues you may have. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email is sponsored by the new InstallShield X. >From Windows to Linux, servers to mobile, InstallShield X is the one installation-authoring solution that does it all. Learn more and evaluate today! http://www.installshield.com/Dev2Dev/0504 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Ethics Question
On Wednesday, June 09, 2004 6:50 PM [EDT], jef moskot <[EMAIL PROTECTED]> wrote: > > Popping up a message on the machine with the proper IP number of the > source of the infection sounds useful at best and harmless at > worst...but is it really harmless? Could these popups interrupt > running processes on poorly configured servers and such? > No, under Windows NT/2k/XP/2k3 its a system service called Messenger that handles incoming messages. All it does is popup a rather intrusive but harmless dialog box that doesn't block other activity from continuing. In Win9x/ME you have to be running Winpopup or one of its variants to get the message. Its worth a shot. I will note that people are welcome to contact me offlist to discuss possibly sending the AHBL data on infected hosts, since I can get them added quick. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email is sponsored by: GNOME Foundation Hackers Unite! GUADEC: The world's #1 Open Source Desktop Event. GNOME Users and Developers European Conference, 28-30th June in Norway http://2004/guadec.org ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Upgraded kernel causing problems
On Sunday, July 04, 2004 4:22 PM [EST], Steve Lenti wrote:
> -Original Message-
> Seen on the list last week:
>
> It turned out the latest version of ClamAV (0.74) and development
> versions since devel-20040622 contain a bug regarding handling of
> stream scanning in TCP mode. The bug results in clamdscan hanging
> when scanning data on stdin ("clamdscan -"). The bug does _not_
> affect scanning files given to clamdscan directly on command line.
>
> The bug was reported today by Piotr Gackiewicz.
>
> A fix will be available tomorrow in CVS.
>
> Maybe this is the thing causing your problem?
>
> --
>
> I wasn't using clamd in TCP mode initially I just configured it
> that way to see if clamd would respond to PING. The other strange
> thing is that it was working fine in my previous kernel 2.4.21, but
> only started doing weird things when I upgraded the kernel to
> 2.4.26.
>
> With that said... the fix tomorrow might solve the problem anyways.
> I will try it and report back.
This sounds an awful lot like the bug one of the ClamAV For Windows
users are experiencing:
http://forums.sosdg.org/viewtopic.php?t=54
The fix has been put in CVS? Or are we still waiting on the fix?
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The Abusive Hosts Blocking List
http://www.ahbl.org
---
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 -
digital self defense, top technical experts, no vendor pitches,
unmatched networking opportunities. Visit www.blackhat.com
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] crashat rpms and glibc
On Tuesday, July 06, 2004 5:08 PM [EST], Jim Maul wrote: > I am trying to install the crashat rpms on a redhat 9 machine. > I've been using these builds since about .68 or so without any > problems. Now i am trying to upgrade from 0.72 to 0.74 and when > trying to install the rpm, im getting: > > [EMAIL PROTECTED] download]# rpm -Uvh clamav-0.74-1.i386.rpm > warning: clamav-0.74-1.i386.rpm: V3 DSA signature: NOKEY, key ID > 6cdf2cc1 error: Failed dependencies: > libc.so.6(GLIBC_2.3.4) is needed by clamav-0.74-1 > > > Ok so i need to upgrade my glibc...not a problem...but wait! > Checking the latest release at > http://www.gnu.org/software/libc/libc.html#CurrentStatus shows the > current release to be 2.3.2, NOT 2.3.4. Does anyone know where i > can find an rpm for glibc-2.3.4 for redhat9 or is there something > else that can be done to get the clamav 0.74 rpm installed? > Grab the .src.rpm and do: rpmbuild --rebuild Then you will have a clamav RPM build for your system in /usr/src/redhat/BUILD/i386/ -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] crashat rpms and glibc
On Tuesday, July 06, 2004 11:24 PM [EST], Jim Maul wrote: > > Trying with --nodeps eliminates that error (obviously) but fails to > build later > on. > > Error: > > RPM build errors: > File not found: > /var/tmp/clamav-0.74-root/usr/sbin/clamav-milter > > > Umm...im dont want to use any milter. Why is it looking for it? > > Any ideas? > The RPM builds the milter automatically. You'll need to edit the clamav.spec in /usr/src/redhat/SPECS, and remove the milter config option, then remove the milter path towards the bottom of the files section. Then rpmbuild -bb --clean clamav.spec and you'll have an rpm. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] crashat rpms and glibc
On Wednesday, July 07, 2004 2:58 AM [EST], Brian Morrison wrote: > > No, just supply --without milter as an argument to the rpmbuild > command, I do: > > rpmbuild -bb --without milter clamav.spec > > and it just works. > > You do need the bzip2-devel package installed though. Eh, I'm used to stripping out unnecessary options out of the spec files by habit. But yeah, that is one way of doing it. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email sponsored by Black Hat Briefings & Training. Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] ClamAV refusing to build on cygwin due to mmap issues
I've known about this problem for about a week now or so, but been
rather busy, so I haven't had time to report it.
Basically, as we all know, Windows memory management is rather shoddy,
and under Cygwin, mmap doesn't work properly during the configure
test. As such, the build has HAVE_MMAP undefined. Thats fine, except
that with HAVE_MMAP undefined, libclamav/scanners.c refuses to build
due to MAP_FAILED being undefined.
I checked the section of code where its failing, and discovered that
the following section is the cause:
/* TODO: do file operations if mmap fails */
if(membuff == MAP_FAILED) {
cli_dbgmsg("mmap failed\n");
return CL_EMEM;
}
I'm not sure if this is the best fix for the problem, but I adjusted
where that code block is and moved it up above:
#else /* FIXME */
return CL_CLEAN;
#endif
so its within the "#ifdef HAVE_MMAP" condition. When moved,
scanners.c compiles correctly.
Like I said, I'm not sure if this is the best fix to the problem, but
I'm including a patch anyway. I know the mmap issue is a Cygwin
problem, and I'm going to pose the question to them next about the
error its having.
I'll be uploading ClamAV For Windows 0.74-6 in about an hour which
includes this fix (since I've been using it all day here with no
problems).
--
Brian Bruns
The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.sosdg.org
The Abusive Hosts Blocking List
http://www.ahbl.org
clamav-scanners-mmap.patch
Description: Binary data
Re: [Clamav-users] TCP/IP + ClamAV
On Saturday, July 24, 2004 2:45 AM [EST], Me Its wrote: > Hi all > > I am looking forward to implement tcp/ip filtering for my firewall, > the only solution that I found on the net is using a patched squid > which can work with clamav. > > I am looking for a better solution like implemented Trend Virus > Wall. > > Any idea? > > Regards > > > http://webcleaner.sourceforge.net/index.html One possible solution, even works under Windows directly with my clamav package. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email is sponsored by BEA Weblogic Workshop FREE Java Enterprise J2EE developer tools! Get your free copy of BEA WebLogic Workshop 8.1 today. http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] clamd timeout?
Is there any way to have clamd stop scanning a file/archive/etc fed to it after a set amount of seconds, and return an error? -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Idea for more timely virusdb updates
On Monday, August 09, 2004 11:18 PM [EST], Fajar A. Nugraha wrote: >> > You know, this isn't so crazy after all. I put arbitrary data on my > DNS server so that exim > can get config data using dnsdb lookup. Its cheaper than mysql > lookup (Plus, you eliminate single point of failure), > and you can still update config from a central location instead of > updating each server config. > > The only snag, is that TXT record is limited to a number of bytes ( > I tried putting 4096 bytes on it, it didn't work). > Now, the question is, can the daily (or hourly) updates fit in a > single TXT record? > If it must span multiple records than it will be somewhat > complicated > > Regards, > > Fajar I'd not recommend putting all the data in TXT records.TXT records can be a max of 255 characters (anything more and you'll have problems with other resolvers and such). But yeah, the version number in the TXT records would be good, set the TTL to about 30-60 mins, and have the freshclam client query and check the version. I could assist with implementing the necessary server side scripts to make the DNS management part really easy (I do something similar to this all the time, rbldnsd makes stuff like this stupidly simple and quick). Hell, I could even offer the DNSbl servers that the AHBL has to host the zones if needbe. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] OpenSource Clamav not ready?
On Wednesday, August 11, 2004 6:29 PM [EDT], Matthew Thomas wrote: > I was wondering how many clamav users came across this article: > http://www.eweek.com/article2/0,1759,1633536,00.asp > > The author says, among other things: "Clearly the biggest need > these days in an anti-virus system is for scanning e-mail, and > here's where ClamAntiVirus scares me. According to the manual, mail > support is turned off by default because it 'is still under > development and may cause stability problems.' Yikes!...In certain > circles ClamAntiVirus is highly respected, but that's at least > partially for lack of anything else to respect." > > I haven't had any stability problems myself and was just wondering > if users perceive clamav to be as experimental as the author > suggests. I know we haven't reached a 1.0 version, yet, but it's > all been good for me so far. > So far, I've been using ClamAV with exim/exiscan and it runs flawlessly. Under my Windows port, it runs fairly well, with small glitches here and there. Most of the problems stem from issues with Cygwin (more like issues with Windows not being up to par with the rest of the operating systems out there). However, I do know of at least a dozen smaller ISPs and hosting services which are running my ClamAV For Windows port with various mail apps (MX Guard, etc), and are quite pleased with the results (especially for the cost). ClamAV has come a long way since it began. I'm sure if people who question its capibilities and such spent as much of their time helping track down bugs and improving it as they do knocking it, things would go even further. On a side note, I was approached the other day by an unnamed company asking what it would take to bolt on a real time scanner into ClamAV For Windows, so that they could replace all of their big name desktop antivirus apps with something more open and lower costing. The potential for ClamAV is limitless at this point. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: Re: Re: Windows port ?
On Wednesday, September 22, 2004 4:40 AM [EDT], Remi Thomas wrote: > > > > I don't want to still your job and I will add link to clam project > home page in my About window and web site. > > The reason why I don't want UScanIT being GPL is because I use clam > database and also some heuristic test to decide is a suspect file > is a virus or not. This would help virus writter if they know how > to be "transparent" to this heuristic engine. They can reverse > compilation but it'll be harder for them. > > Security through obsecurity... How comforting. Either use the DB as the authors tell you you can use it, or don't use it at all. It is very simple to understand. How would you like it if you were the ones writing the virus defs and I did the same to you after you told me that it was against the license? -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170 Project Admins to receive an Apple iPod Mini FREE for your judgement on who ports your project to Linux PPC the best. Sponsored by IBM. Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] ClamAV return codes
Hey all, I'm sure this has probably been asked before, but I wasn't able to find it in the mailing list archives or the documentation - is there a list somewhere, either in the source code or in the docs, or on the web, which lists what each return code that clamscan gives back means? I've got someone asking about return code 128, and I've never seen it before. Thanks -- Brian Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: ClamAV return codes
On Friday, March 11, 2005 3:12 PM [EST], René Berber wrote: > > 128 means the program core-dumped. > > It's not a normal return code, those are documented at the end of > man clamscan, it's a stopping/termination reason given by the OS. > Just out of curiosity, in which OS are you seeing this? Its Cygwin, so I'll have to diagnose this with my user, since I'm not seeing these problems on my end. -- Brian Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: ClamAV return codes
On Friday, March 11, 2005 4:22 PM [EST], René Berber wrote: > Brian Bruns wrote: > >> Its Cygwin, so I'll have to diagnose this with my user, since I'm >> not seeing these problems on my end. > > That explains everything: Cygwin version 1.5.13-1 (the latest) > changed the way it reports exit codes to Windows. > > Inside a Cygwin shell everything is normal (in your case the shell > intercepts the 128 and shows a text message which is the usual way > under Unix) but for Windows processes things changed, now exit > codes are multiplied by 256 and core dumps or other problems are > included in the exit code, which (at OS level) is composed of two > parts, : (that's two bytes, usually reason is 0 > so exit code 1 is integer 256, and so on). > > I had to change cgFilterMessages (a CommunigatePro filter) when > this Cygwin change started. If you use clamdwatch.pl under anything > that is not a Cygwin shell you'll have to change the way exit codes > are handled (actually you have to change clamdwatch.pl anyway since > Cygwin's perl doesn't handle the line that sets the temporary file > mod). The issue with return codes in 1.5.13 was fixed in a 1.5.14 snapshot which is what this user is using. I know all about the return code issue, and was ready to fork the Cygwin source code to fix it if they didn't fix it themselves. With the latest snapshots, everything is returning the right codes again So, I still have the issue where I need to find out what is causing the dumps in ClamAV. Back to square one. I have noone else reporting this issue currently. Latest cygwin snapshots are here if you need the latest DLL: http://www.cygwin.com/snapshots/ -- Brian Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Yahoo using ClamAV
>From a bounce message posted to the SPAM-L mailing list, which I thought people might find interesting (if it hasn't already been mentioned): The original message was received at Fri, 15 Apr 2005 14:10:54 +0100 - The following addresses had permanent fatal errors - - Transcript of session follows - ... while talking to mrin4.corp.yahoo.com >>> DATA <<< 554 5.7.1 virus HTML.Phishing.Bank-165 detected by ClamAV - http://www.clamav.net Kudos to the ClamAV guys for their excellent work. -- Brian Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: Freshclam security wondering
On Sunday, July 10, 2005 12:48 PM [EDT], Damian Menscher wrote: So yes, there's a huge amount of trust placed in the database maintainers, and we have to hope they don't go bonkers on us. (Anyone remember that spam RBL site that decided to announce they were going to stop running by blacklisting the entire internet?) *ahem* That was only done after people were told for months on end to stop using the DNSbl since it was going away. They ignored the notice that it was going away, and cost him severe amounts of bandwidth. So, to get them to fix their servers and stop the waste, it was set as * 127.0.0.2. I had to do that with blackholes.2mbit.com as well when we retired it. Almost a year after people were told to STOP using it, they didn't. So we * it all and watched them scream and yell. It worked though - queries dropped from several hundred thousand per hour to a little over 200. Its the fault of systems administrators not doing their jobs and keeping their server configs up to date. Anyway, open source software is a bit less prone to this type of corruption with the developers from my experience - theres no financial gain for one of the developers to sabatoge the project like this. Even if it were to happen, recovering from it is just a matter of getting a new mirror setup and having people change the approprate settings. This is one thing that generally isn't brought up in the closed source vs open source debate - when you take away certain key factors in what drives closed source software development, you tend to have better products all around. They may not have the same smooth edges as say a very popular commercial application, but at least you have the peace of mind knowing that the software is under your control. Most of the open source developers on our servers for hosting and development tend to have pretty much free reign of the box in terms of resources (except for root of course), whereas most of the regular users and paid users are limited in what they can do. But you guys get the idea - I have the utmost faith in the people who work on ClamAV. Considering that I put out one of the Windows versions of ClamAV, and provide some consulting services to support it on both Linux and Windows, I need to have trust and faith in the people who produce the software I stake my reputation on. -- Brian Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clam AV on windows with the cygwin environmentinstalled
On Monday, August 01, 2005 10:41 AM [EDT], [EMAIL PROTECTED] wrote: Is this possible? Are there any pitfalls in doing this? http://www.sosdg.org/clamav-win32 No pitfalls with ClamAV in particular - theres issues with Cygwin though - some people report instability (though thats mostly been fixed with Cygwin 1.5.16 and later), and it can be slow at scanning (yet another cygwin issue, not ClamAV, and mostly because Windows is braindead to the extreme and needs to have alot of functionality emulated). -- Brian Bruns The Summit Open Source Development Group http://www.sosdg.org / http://www.ahbl.org ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] ClamAV-devel for Windows installer
Heya all, Being somewhat bored this afternoon, I decided to begin work on making clamav more Windows friendly. I've got a simple GUI in development, though its not nearly ready yet. I put together a simple, working version, of ClamAV-Devel 0.65 under cygwin with an install and some start menu shortcuts to do things like start clamd. What would be the easiest way to shut down clamd under Windows without having to go to the task manager and hitting end task? I know clamd can accept commands via its control socket, but I have no idea how to code in C a program to write commands to the socket. Its been several years since I've done any C programming besides tweaking existing code. http://www.sosdg.org/clamav-win32/index.php Its got all the major programs (clamd, clamscan, clamdscan, sigtool, freshclam, etc), plus the latest main and daily virus cvd is already loaded. Let me know what you think, and I'll make changes and adjust things. ------ Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org --- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] ClamAV-devel for Windows installer
> Hi Brian, > temporarily I have no access to my bochs (bochs.sf.net) with windows (I > mainly use it to test worms and viruses in a "real" environment) and > can't test your package but already have the following questions: > 1) is it possible to run clamd in background without an entry in the > command (or task - I don't remember how do windows users call it) >bar ? > 2) does your package support digital signatures (libgmp) ? > 3) does it support zip/bzip2 ? > 4) does the internal rar scanner work ? > 5) is clamscan --mbox functional ? 1) Yes, it runs in the background, the only way you see it is with the task manager. Otherwise, its completely faceless and doesn't take up taskbar space 2) Yes, uses gmp, and the DLL is included 3) Yep, supports both and the Bzip2 DLL is included as well 4) Internal rar scanner is broke. Trying to figure out why 5) I haven't tested it yet. I will when I get a chance though. I dont see why it shouldn't. :) -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org - Original Message - From: "Tomasz Kojm" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, November 25, 2003 6:57 PM Subject: Re: [Clamav-users] ClamAV-devel for Windows installer --- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav-milter: is it possble to mark infected e-mail, but still deliver it to addressee ?
- Original Message - From: "Eduardo Kaftanski" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, November 27, 2003 3:54 PM Subject: Re: [Clamav-users] clamav-milter: is it possble to mark infected e-mail, but still deliver it to addressee ? > On Thu, Nov 27, 2003 at 12:25:01PM -0800, Brian W. Antoine wrote: > > At 11:11 AM 11/27/03, you wrote: > > >Unfortunately not all our users are happy of the situation > > >when they cannot get e-mails with viruses in them. > > > > You've got to be kidding. Did the user take the hint when you had > > trouble replying because you were laughing too hard? > > > > users are a strage breed. they first want to be able to send the > email and get it through with out the virus. then they want > the warning. then they want it disabled... its always the same. There is a very simple solution to that. Make them sign a release that says, "I am hereby requesting that (ISP) disable virus protection on my e-mail account. I understand that by doing this, my machine may be infected with a virus, and may be involved in various forms of abuse. I also understand that by doing this, I will be solely responsible for any and all actions my computer takes. Should I get infected by a virus, I understand that my provider may deny my computer access to their network in order to prevent my computer from infecting other machines or disrupting normal network activity." Obviously, reword it and have your legal department take a look over it. But, that should release you from liability if the user should come back and blame you for getting infected. Plus, this gives you the right to deny the user in question access to your network until they solve the problem. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org --- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Autochecking script for clamd
Heya, For all of you who have concerns about clamd crashing/dying, attached is a simple shell script (ripped from the eggdrop botchk script) that basically checks to see if clamd is running, and if not, restarts clamd. Simple to use, and works like a charm. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org clamdchk Description: Binary data
Re: [Clamav-users] Autochecking script for clamd
Crap, I guess I did miss it. Sorry :) -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org - Original Message - From: "Odhiambo Washington" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, November 27, 2003 11:23 PM Subject: Re: [Clamav-users] Autochecking script for clamd * Brian Bruns <[EMAIL PROTECTED]> [20031128 03:03]: wrote: > Heya, > > For all of you who have concerns about clamd crashing/dying, attached is a > simple shell script (ripped from the eggdrop botchk script) that basically > checks to see if clamd is running, and if not, restarts clamd. Simple to > use, and works like a charm. What advantage would the use of this script have over the one that was contibuted earlier that uses daemontools? Or did you just miss to see that one? ;-) cheers - wash +--+ -+ Odhiambo Washington . WANANCHI ONLINE LTD (Nairobi, KE) | . 1ere Etage, Loita Hse, Loita St., | GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI | GSM: (+254) 733 744 121 . (+254) 020 313 985 - 9 | +-+- -+ "Oh My God! They killed init! You Bastards!" --from a /. post --- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Autochecking script for clamd
Well, I should have put this in the last message. I guess the one I threw together doesn't require anything special (doesn't need daemontools), and only needs bash. I have a habit of writing things very simply to be as small and lightweight as possible :) ------ Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org - Original Message - From: "Odhiambo Washington" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, November 27, 2003 11:23 PM Subject: Re: [Clamav-users] Autochecking script for clamd * Brian Bruns <[EMAIL PROTECTED]> [20031128 03:03]: wrote: > Heya, > > For all of you who have concerns about clamd crashing/dying, attached is a > simple shell script (ripped from the eggdrop botchk script) that basically > checks to see if clamd is running, and if not, restarts clamd. Simple to > use, and works like a charm. What advantage would the use of this script have over the one that was contibuted earlier that uses daemontools? Or did you just miss to see that one? ;-) cheers - wash +--+ -+ Odhiambo Washington . WANANCHI ONLINE LTD (Nairobi, KE) | . 1ere Etage, Loita Hse, Loita St., | GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI | GSM: (+254) 733 744 121 . (+254) 020 313 985 - 9 | +-+- -+ "Oh My God! They killed init! You Bastards!" --from a /. post --- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] using ClamAV on Windows
Right now, there is no programs to integrate clamav with windows based apps. I've got something in development, but its still a long ways away. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org - Original Message - From: "G. Jullien" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, December 01, 2003 4:56 PM Subject: [Clamav-users] using ClamAV on Windows > Hi, > > I tried to use ClamAV on a standalone Win machine. > I don't know if I can filter incoming and outgoing mail > What should I install more ? > > Is it a good idea to try to use clamAV this way ? Or is this usage not > the purpose for ClamAV ? > > I had no answer about this before, maybe this time > > thanks for your help. > > niber > > > > > --- > This SF.net email is sponsored by: SF.net Giveback Program. > Does SourceForge.net help you be more productive? Does it > help you create better code? SHARE THE LOVE, and help us help > YOU! Click Here: http://sourceforge.net/donate/ > ___ > Clamav-users mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/clamav-users --- This SF.net email is sponsored by: SF.net Giveback Program. Does SourceForge.net help you be more productive? Does it help you create better code? SHARE THE LOVE, and help us help YOU! Click Here: http://sourceforge.net/donate/ ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] ClamAV in the news: heise.de
How much you want to bet that they either #1 didn't bother to update the definitions #2 aren't telling people that they have some sort of connection or agreement with one of the big vendors? This like FUD to the extreme. I run ClamAV alone here and it has yet to let a single virus through. ------ Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org - Original Message - From: "Alex Pleiner" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, December 04, 2003 1:34 PM Subject: [Clamav-users] ClamAV in the news: heise.de > Hiya, > > ClamAV is in the news. Today heise.de published an article about web.de > and there new use of ClamAV. That article (in German) can be found at: > > http://www.heise.de/newsticker/data/hob-04.12.03-000/ > > For all non-Germans of you I made a quick translation of the German > text. Please, I do not share any of those opinions, I repeat, I do not > share any of those opinions. I just thought, you should know what > heise.de is writing. > > -snip- > > web.de want to protect email users against malicious code > > web.de[1] has added virus protection to it freemail service for all > its customers. As the company stated, all incoming emails will be > tested against viruses, worms and trojans on user request. Infected > attachments will be removed or moved to a spam folder called > "unwanted". > > In a short test by heise online the new service did not recognize all > viruses and worms. Supprised by this result, we asked the company, > what software they use. web.de uses two tools for virus scans: > outgoing mails are checked by F-Secure-Scanner[2], incoming mails are > scanned by the Open-Source-Software Clam AntiVirus[3]. While F-Secure > was able to stand a test in c't [German Computer Magazine by heise] > [4], the alpha version 0.54 of ClamAV failed as a result of its low > recognition rate of viruses and worms. > > To its customers web.de explained today that the scanner provides an > effective protection of their mail account and PCs. This looks delusive > after the c't test. Therefore heise online asked the anti virus expert > Andreas Marx[5] of university Magdeburg to re-check the version 0.65 of > ClamAV supposably used by web.de. > > The results: Of 716 widely spread Viruses from the current > "wildlist"[6] ClamAV only recognised 242, that is a quote of > 33,8%. "You cannot call the virus protection of ClamAV as such", Marx > commented the result. Every commercial virus scanner gets a > recognition rate of 99 to 100 percent in these tests. Because ClamAV > does not include a code emulation it is currently useless against > polymorphic viruses. In the test it recognised 0,3 percent of the > 70,000 tested files. For comparison: scanners from Symantec, Network > Associates/McAfee, Trend Micro and other companies do find all 70,000 > infected files. An OLE2 engine is also missing, so the scanner misses > practically all macro viruses. > > It was noticeable that ClamAV often triggered false positive: of 5000 > clean files that he checked with ClamAV, more than 50 were detected as > virus infected, Marx explained. He attributed these false positives to > the bad quality of the signature database of ClamAV. > > Experts like Marx expressly point out that the Open-Source-Project > ClamAV is currently in alpha stage and should not be used in > production environments as the only virus scanner. web.de is doing the > developers of ClamAv and there own customers a disservice. The company > itself argues that they have resulted ver good recognition rates with > internal tests. > > [1] http://www.web.de/ > [2] http://www.f-secure.com/ > [3] http://clamav.elektrapro.com/ > [4] http://www.heise.de/security/artikel/39978/0 > [5] http://www.av-test.de/ > [6] http://www.wildlist.org/ > > snip-- > > Alex > > -- > Alex Pleiner > zeitform Internet Dienste Fraunhoferstrasse 5 > 64283 Darmstadt, Germany > http://www.zeitform.deTel.: +49 (0)6151 155-635 > mailto:[EMAIL PROTECTED]Fax: +49 (0)6151 155-634 > GnuPG/PGP Key-ID: 0x613C21EA > > > --- > This SF.net email is sponsored by: IBM Linux Tutorials. > Become an expert in LINUX or just sharpen your skills. Sign up for IBM's > Free Linux Tutorials. Learn everything from the bash shell to sys admin. > Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click > ___ > Clama
[Clamav-users] failures on password protected zip files
Mon Dec 29 17:30:25 2003 -> /var/spool/exim/scan/1Ab5u4-00064B-VQ/1Ab5u4-00064B-VQ-0.zip: Zip module failure. ERROR Mon Dec 29 17:30:33 2003 -> /var/spool/exim/scan/1Ab5uB-00045R-RJ/1Ab5uB-00045R-RJ-0.zip: Zip module failure. ERROR Eh, running into a situation, clamav is failing on password protected zip files. Any way to make it ignore zip files that are password protected so that they can go through without being caught? -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org --- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Mirrors
Heya, probably offtopic for this list, but who do I contact about setting up a virusdb mirror? I've got a machine on a 5mbit pipe thats going pretty much unused :-) -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] clamscan/clamdscan --remove --move options not working
Hello, The --remove and --move options in clamscan and clamdscan do not appear to be working in the latest CVS build as of about 5 minutes ago. Any ideas? -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The AHBL - http://www.ahbl.org --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Wait for next stable version or use CVS
On Tuesday, February 03, 2004 10:35 PM [GMT-5=EST], Justin <[EMAIL PROTECTED]> wrote: > > [EMAIL PROTECTED] /usr/local/src/clamav/clamav-devel-20040201]#> make > Making all in libclamav > make[1]: Entering directory > `/usr/local/src/clamav/clamav-devel-20040201/libclamav' > cd .. && \ > /bin/sh /usr/local/src/clamav/clamav-devel-20040201/missing --run > automake-1.6 --gnu libclamav/Makefile > aclocal.m4:4200: version mismatch. This is Automake 1.6.3, but aclocal.m4 > aclocal.m4:4200: was generated for Automake 1.6.1. You should recreate > aclocal.m4:4200: aclocal.m4 with aclocal and run automake again. > make[1]: *** [Makefile.in] Error 1 > make[1]: Leaving directory > `/usr/local/src/clamav/clamav-devel-20040201/libclamav' > make: *** [all-recursive] Error 1 Thats easy to fix - run 'aclocal', then 'autoconf' and then rerun configure and make. Should be fine then. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] clamav-devel build error
Heya all, CVS update as of about 40 seconds ago fails when running configure. config.status: error: cannot find input file: clamav-config.h.in Missing file in the CVS tree? -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav-devel build error
On Saturday, February 07, 2004 3:28 AM [GMT-5=EST], Thomas Lamy <[EMAIL PROTECTED]> wrote: > Brian Bruns wrote: > >> Heya all, >> >> CVS update as of about 40 seconds ago fails when running configure. >> >> >> config.status: error: cannot find input file: clamav-config.h.in >> >> Missing file in the CVS tree? > Yes, although you can rebuild that one yourself if you have the > "autoconf" and "automake" packages installed. Just enter > "autoreconf" inside the source root directory. Ah, that would explain it. I was only doing autoconf. Much thanks :) -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- The SF.Net email is sponsored by EclipseCon 2004 Premiere Conference on Open Tools Development and Integration See the breadth of Eclipse activity. February 3-5 in Anaheim, CA. http://www.eclipsecon.org/osdn ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] New version of Clamav for Windows
Heya all, Just letting you guys know, between now and tomorrow night, I'll be releasing a new version of Clamav For Windows binaries based on the latest CVS checkout, plus the latest cygwin dll's which fix some problems in the last version I released. I'll have more details soon, but hopefully this version will be quite useful to people. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] clamav-devel 20040213 for windows
Ok, I finished it up quickly and uploaded, so enjoy. http://www.sosdg.org/clamav-win32/clamav-devel.exe Major changes in this version are cygwin 1.5.7 DLLs which fixes some version mismatch issues, latest CVS source used to build the binary. Give it a try, if theres problems, let me know. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] RE: clamav-devel 20040213 for windows
On Saturday, February 14, 2004 8:23 AM [EST], Andrey Cherezov <[EMAIL PROTECTED]> wrote: >> And please check you're using current mbox.c >> * $Log: mbox.c,v $ >> * Revision 1.41 2004/02/12 18:43:58 nigelhorne >> * Use mkstemp on Solaris >> * >> * Revision 1.40 2004/02/11 08:15:59 nigelhorne >> * Use O_BINARY for cygwin >> ^ >> When I did the initial testing here, I didn't have a problem with MD5 checksums at all. But, apparently others are having this problem for some reason... No idea why. I'll put it through some paces here and see if I can reproduce the problem myself. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav-devel 20040213 for windows
On Saturday, February 14, 2004 8:14 AM [EST], Fajar A. Nugraha <[EMAIL PROTECTED]> wrote: > > Yes, it does that. I don't know how to fix it. However, clamscan > handles absoulte path correctly. > If you WANT to use clamd, don't use clamdscan. > > Look at contrib/Windows/ directory on Clamav's SOURCE package > (http://clamav.net/snapshot/clamav-devel-latest.tar.gz) > You will find a GUI client for clamd, clamav.exe. > AFAIK you also have to change clamav.conf to use TCP port instead of > Local Socket. > > Regarding the MD5 error, what makes me wonder is why some people has it > and some don't. > What's your system spec? e.g : > - CPU, OS > - Do you have Cygwin, what version > - If you have cygwin, what line ending convention do you use? Dos or > Unix style? > I've actually included the GUI client for clamd in the contrib directory of the install, you can grab it from there. I will probably make the GUI part of the main installer next time I upload a new build. The system which compiled clamav for windows is a Windows 2000 SP4 machine running Cygwin 1.5.7 in UNIX line ending mode. I'll check the source and see if I can figure out why the paths are not being correctly mapped. In cygwin, it is supposed to be able to map C:\ to /cygdrive/c (which is how I make programs that use cygwin work like standard Windows applications). -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav-devel 20040213 for windows
On Saturday, February 14, 2004 12:35 PM [EST], Fajar A. Nugraha <[EMAIL PROTECTED]> wrote: > Brian Bruns wrote: > >> running Cygwin 1.5.7 in *UNIX line ending mode*. >> > Which, I think, is why neither of us has problems with freshclam.exe. > > I tried my build on non-cygwin Win2k's, and they have MD5 verification > error too. > I still can't figure out why Ignasi Pratt's build has handle_exceptions > error though. Well, heres the question - is this just a matter of setting the right env flags? I could have sworn that cygwin works in unix line ending mode by default. You also have the issue of either binary or ascii mount points (and cygwin IIRC does binary mount points by default too). I guess I'll go documentation diving. This is what I [EMAIL PROTECTED]@[EMAIL PROTECTED] hate about Windows. It does literally EVERYTHING different from the rest of the world such to a point that even cygwin can't compensate all the time for it. The question is, should we force it into DOS LF mode, or UNIX LF mode? I'd say for compatibility reasons, UNIX LF mode. > Not map. Cygwin can recognize both paths, the /cygdrive/c and c:\.. > Which is why clamscan works. > But the problem is clamd (or clamdscan) thinks of > "c:\clamav-devel-latest\share\clamav\test" as non-absolute path, and > automatically add it's own path (/cgdrive/c/ ...) in front of it. Thus > you get /cygdrive/c/clamav-devel-latest/bin/c:\clamav- which is a > non-existent path. > Well, you know what I mean. I know they changed the behavior a while ago since you used to be able to do //c IIRC as well. Wonder, if I put out another build specifying C:\clamav-devel instead of /cygdrive/c/clamav-devel, might it make a difference? I only used ./cygdrive/c/clamav-devel because I ran into a machine once that for some reason had a heart attack every time I tried the normal C:\ paths with cygwin. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] GNU MP 3
On Saturday, February 14, 2004 1:40 PM [EST], Awie <[EMAIL PROTECTED]> wrote: > In ClamAV manual, there is statement "It's highly recommended to install the > GNU MP 3 library in order to enable support for a database digital > signatures." > > What RPM of RH9 should I install to get GNU MP 3 library and enabling > DIGITAL SIGNATURES? I assume that DIGITAL SIGNATURES is the source of > problem to "integrate" ClamAV 0.66 to qmail-scanner. Just install the gmp and gmp-devel package (which are version 4.x IIRC) and come in the RedHat CDs or on one of the FTP sites (pulls out his trusty bookmarks): ftp://194.199.20.114/linux/redhat/9/en/os/i386/RedHat/RPMS/gmp-4.1.2-2.i386.rpm ftp://194.199.20.114/linux/redhat/9/en/os/i386/RedHat/RPMS/gmp-devel-4.1.2-2.i386.rpm Give those a try. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav-devel 20040213 for windows
On Saturday, February 14, 2004 1:51 PM [EST], Brian Bruns <[EMAIL PROTECTED]> wrote: > Well, heres the question - is this just a matter of setting the right env > flags? I could have sworn that cygwin works in unix line ending mode by > default. You also have the issue of either binary or ascii mount points > (and cygwin IIRC does binary mount points by default too). I guess I'll go > documentation diving. > > This is what I [EMAIL PROTECTED]@[EMAIL PROTECTED] hate about Windows. It does > literally EVERYTHING > different from the rest of the world such to a point that even cygwin can't > compensate all the time for it. > > The question is, should we force it into DOS LF mode, or UNIX LF mode? I'd > say for compatibility reasons, UNIX LF mode. > Ok, did some reading - cygwin is a big stickler for having the right flags when opening a file. It seems that the O_BINARY patch is gone in the current version? The people who are having problems with clamd/clamdscan, can you try accessing the file that you were using to test in the following ways: C:/path/to/file C:\\path\\to\\file and see if it properly scans this time? -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav-devel 20040213 for windows
On Saturday, February 14, 2004 6:05 PM [EST], Cedric Foll <[EMAIL PROTECTED]> wrote: >> The people who are having problems with clamd/clamdscan, can you try >> accessing the file that you were using to test in the following ways: >> >> C:/path/to/file >> C:\\path\\to\\file >> >> and see if it properly scans this time? >> >> >> > > Same problem. Looks like I get to brush up on my programming skills tonight and get to look at the code in clamd/clamdscan that handles paths. Perhaps something at one point got updated in clamscan and not clamd/clamdscan in regards to file paths. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav-devel 20040213 for windows
Ok, let me see what I can do about getting another release ready by tomorrow morning. We also have the issue about the paths in clamd/clamdscan that I'm still looking at. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org - Original Message - From: "Tomasz Kojm" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Saturday, February 14, 2004 8:13 PM Subject: Re: [Clamav-users] clamav-devel 20040213 for windows This is now fixed in CVS (added support for O_BINARY in freshclam compiled under Cygwin). --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Implementation Questions
On Monday, February 16, 2004 10:27 AM [EST], Spam <[EMAIL PROTECTED]> wrote: > I have installed ClamAV friday and have it successfully tagging viruses > e-mail with a header, but am wondering how people have actually stoped the > message that has a virus attached. > > It seems to me like the easiest way would be to just not devilver any mail > that has a header saying it has a virus. Although this would work I would > rather send the recipient of the letter a message saying that someone tried > to send them a message, but it had a virus so it was stopped. I am curious > to know how some of you have this setup. Any input would be appreciated. > > I am currently running clamav via procmail. I use exim 4.30 with the exiscan/local_scan patches which integrate clamav directly into exim. Works like a charm and stops a good portion of the viruses (still some MyDoom viruses getting through, not sure why). -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: clamav-devel 20040213 for windows
On Monday, February 16, 2004 4:15 AM [EST], Fajar A. Nugraha <[EMAIL PROTECTED]> wrote: > Just as I thought. ANyway, the developers seems to have fixed this by > adding O_BINARY (again) for Cygwin build only. > As usual, you can get my precompiled daily build on www.clamav.or.id. > Tested it earlier, and it works fine. > BTW, the only reason why we are putting out our own build (not to compete with you obviously) is because we are trying to eventually release a 'quality assured' version of clamav (if you could call it that), sorta like what ActiveState does with Perl. The idea being that once things are stabilized and we have clamav-win32 working like we want to, we are going to release 'stable' builds based on the most current version of clamav. We do the same thing with ircII EPIC4 For Windows and have had pretty good success. My hope is, that eventually, we might be able to create a native version of clamav for windows which does not require the cygwin layer, and would be able to compete directly with Norton AV or McAffee. I've got some of my internal developers tinkering with the code right now to see if we can do it easily or if we are out of our league. Naturally, any changes we make will obviously be contributed back :-) -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] clamav-devel-20040217 working in windows here
On Tuesday, February 17, 2004 5:03 AM [EST], Ignasi Prat <[EMAIL PROTECTED]> wrote: > Hi devel comunity: > > Only to say to win testers that clamav-devel-20040217 solved all problems I > had with CYGWIN version of clamav in all the computers I have tested (5 so > far). > > In case anyone knows: how was the problem of "handle_exceptions" solved ? > > Good job ! > I'll have a new build/installer out by later on tonight that has the new code. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] RE: clamav-devel 20040213 for windows
On Tuesday, February 17, 2004 11:36 AM [EST], Andrey Cherezov <[EMAIL PROTECTED]> wrote: > On the Win2003 Server this clamscan.exe build also NOT detects MyDoom. > And clamDscan.exe not usable because inserts /cygdrive/... in the path, > and clamD.exe unable to use such path: > > clamdscan.exe C:\Eserv3-mail\DATA\infected > /cygdrive/c/Eserv3-mail/DATA/infected/C:\Eserv3-mail\DATA\infected: Can't > access the file ERROR I'm still working on the problem. As my programming skills are rather limited these days, I can only tinker and hope I find out whats causing it :( -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] RE: clamav-devel 20040213 for windows
On Tuesday, February 17, 2004 12:36 PM [EST], Andrey Cherezov <[EMAIL PROTECTED]> wrote: > > I found, this problem in the clamscan.exe itself. > But clamDscan.exe (via clamd.exe) detects all viruses successfully now. > > The only required additional fix - change the file clamdscan/client.c: > line 219: > under cygwin use > sprintf(file, "%s", opt->filename); > instead of original > sprintf(file, "%s/%s", cwd, opt->filename); > Because in cygwin getcwd() returns /cygdrive/... confusing clamd.exe Ok, patch added in mine. I've attached it for anyone else who wants it. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org clamdscan-cygwin.patch Description: Binary data
[Clamav-users] New version of clamav for windows
Hello all, Its been a while, but I just uploaded a completely new build of clamav for Windows. Its based off of today's CVS. http://www.sosdg.org/clamav-win32 I still haven't gotten the DLL version to build or work properly (ie: cygclamav-90.dll thing, or whatever its called). This version also includes the latest virusdb, and should be somewhat stable. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Re: ClamAV CVS version devel-20040325 instability
On Fri, April 2, 2004 4:29 pm, Jesse Guardiani said: > > Why would you want to run more than five threads concurrently on a single > processor box? Queue the remaining connections (and make sure your queue > is > large enough) and you'll run more efficiently by avoiding thread context > switching and such. 5 threads are quite capable of bringing my CPU to 0% > idle. > > My mailserver doesn't reject any mail with only 5 threads. The high > MaxConnectionQueueLength insures (or should insure) that incoming messages > wait their turn to be processed. Having a lower thread count insures > that my server isn't brought to it's knees by high incoming mail volume. > > If I had 2 CPUs on a Solaris, Linux, or FreeBSD 5.x box then I would > probably > run 10 threads. 4 CPUs would merit maybe 20-30 threads, etc... > > Anyway, that's my understanding of the way threading works. If you run too > many threads concurrently then you end up wasting a lot of time switching > context. If anyone has a good argument against that logic then please let > me know. > Something interesting I'll throw into the mix here. I'm putting together specs and development plans for a clamav based antivirus scanning appliance. I've got a customer that needs to be able to scan a ton of incoming mail, and wants to quickly be able to add in more antivirus appliances to handle the load. The idea I was putting together was small, boxes with alot of raw power CPU wise running Linux 2.6.x, boot from flash, so no moving parts to fail besides the CPU fan and power supply. When you need more scanning power, power up another scanning appliance, plug in ethernet (gig probably), adjust the configs to add this new scanner to the pool of available devices, and boom, more scanning power. Obviously, still in development stage. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Violation of the GPL ?
On Wednesday, April 07, 2004 10:34 PM [EST], Guillermito <[EMAIL PROTECTED]> wrote: > Hello to all members of this list. > > I was wondering if a company has the right to distribute a scanner > they probably coded, which uses the ClamAV virus signatures database, > and provide this package for free - as in free beer - but not under > the GPL, without source code, and even more, with a home-made licence > that explicitely forbids any reverse engineering or analysis. In other > words, a closed software under a non-GPL compliant licence. > > This french company sells a generic antivirus, and distributes this > scanner tool, well hidden on their website, to clean computers before > installation of their own product. You can find this tool here: > > http://www.tegam.fr/download/tools/vdetect.zip > > > > [DISCLAIMER] > > There is a conflict of interest here. I am currently sued by this > company because I published an analysis of their anti-virus product, > showed a few flaws, and debunked their claim of stopping "100% of > known and unknown viruses", on my website. The publication of exploits > to demonstrate my theorical analysis was labelled as "counterfeiting", > and I am currently indicted for that in France. More info on my > website: http://www.guillermito2.net/archives/2004_03_25e.html > I'm not hiding that if this company actually violates the GPL, it will > help my own case, by showing who acts in good faith and who does not. > > [/DISCLAIMER] Regardless of what ClamAV is licensed as, is the database being published under the GPL as well? Is it public domain? We've run into very similar type questions with the AHBL stuff - what are we going to publish our database information as? Our standard license is either GPL or BSD. Now, there is a difference between the AHBL and the ClamAV database - the AHBL database was pretty much completely constructed by me, and as I own the SOSDG/AHBL, I also own the database, so I can decide alone, or delegate that decision to someone else in my group, on what it will be released as. However, there is alot more people working on ClamAV and its database then just one group - so who technically owns the ClamAV virus database? That would be the person who could act on something like this. If this company is found to be in violation of the GPL, let me know, and I'll see if I can put some heat on them. We've had to smack some people up in the past for breaking licenses on software some of our users developed years ago. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Violation of the GPL ?
Ok, I'm still somewhat unsure if your saying that the DB is covered by the GPL, BSD, some other license, or if its considered public domain? I have not been able to find info on what the openav database was licensed as. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org - Original Message - From: "Tomasz Kojm" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, April 08, 2004 5:06 AM Subject: Re: [Clamav-users] Violation of the GPL ? On Thu, 8 Apr 2004 01:06:27 -0400 "Brian Bruns" <[EMAIL PROTECTED]> wrote: > Regardless of what ClamAV is licensed as, is the database being > published under the GPL as well? Is it public domain? > > We've run into very similar type questions with the AHBL stuff - what > are we going to publish our database information as? Our standard > license is either GPL or BSD. Now, there is a difference between the > AHBL and the ClamAV database - the AHBL database was pretty much > completely constructed by me, and as I own the SOSDG/AHBL, I also own > the database, so I can decide alone, or delegate that decision to > someone else in my group, on what it will be released as. > > > However, there is alot more people working on ClamAV and its database > then just one group - so who technically owns the ClamAV virus > database? The database is partially owned by the OpenAV team (in this case represented by Kurt Huwig) because it includes about 4500 signatures from then and by ClamAV (represented by me). > If this company is found to be in violation of the GPL, let me know, > and I'll see if I can put some heat on them. We've had to smack some > people up in the past for breaking licenses on software some of our > users developed years ago. That's a simple merge of the main and daily databases but it has removed the (Clam) markers. [EMAIL PROTECTED]:/tmp/vdetect$ unzip vdetect.zip Archive: vdetect.zip inflating: LisezMoi.txt inflating: sign.dbp inflating: vdetect.exe [EMAIL PROTECTED]:/tmp/vdetect$ file sign.dbp sign.dbp: Zip archive data, at least v2.0 to extract [EMAIL PROTECTED]:/tmp/vdetect$ unzip sign.dbp Archive: sign.dbp inflating: sign.db [EMAIL PROTECTED]:/tmp/vdetect$ tail -5 sign.db Trojan.Dropper.Small.HG=45ec8b008b00a3304040008b55ec8b02a3344040008b420 4a338404000565751b914008d3d3c4040008b3534404000f3a58d3d3c404000893d 34404000595f5eff548f045d5e8b5d0c09c0742878348b7b0853e82aff83c4048d6 b105653e8c3fe83c4088d0c768b048f Trojan.Padodor.d=f5e0dfd16c8150a73c695bee58ca922d3c69512d69e0777e6a3e19 5830e2cf3dc36c065d7d6911d3c31c9ed249617a50b46992a4fab87424ca1db61cc3828 2a4c6b878a67161182105e19e3ebfae9014cb1b7ea4c22743c3fa2d8c2c3c8291eb3f69 cd7367345178b58c2a813f6892c5 Trojan.Padodor.d-dll=5a616b726f6d61206f6620526f64696e610053504557532063 726577202d207a616f63686e6f20707269676f766f72656e69206b20726173737472656 c75004672617564203465766572004c69676a70693332006a6b6c6d6e6f0025735c2573 004e6568657220763221284845584550 Worm.Bagle.Z=6104f72591b21b2aff18813da0067002c23675e35f9a3b25da5610fe40 9020a00f82c1d08210c87181750a6805118ce990ff02c7a3a96739daf72306253c11808 65e0481e3311e7f0bc3c7c8d1e8f7d6e1c2340684411a33c3809f010bc900740535dfb0 0899897e0618c604ff78817d Trojan.Dropper.Small.HG-zippwd=504b0304140009000800*2e636f6d2e667261756 42e73656375726974792e7069662e706966 -- oo. Tomasz Kojm <[EMAIL PROTECTED]> (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Thu Apr 8 10:54:49 CEST 2004 --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Violation of the GPL ?
My apologizes. I had like barely any sleep last night, so I'm not using my head completely :) So, I guess the question is, do you want me to address this issue with them, or do you want to do it yourself, if you haven't done so already? I know your probably rather busy, which is why I made the offer, since I have free time on my hands. I'd consider this a blatant violation of the GPL (based on my interpretation of the GNU General Public License v2), but its your call as being one of the copyright holders of the DB. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org - Original Message - From: "Tomasz Kojm" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, April 08, 2004 1:49 PM Subject: Re: [Clamav-users] Violation of the GPL ? On Thu, 8 Apr 2004 13:16:51 -0400 "Brian Bruns" <[EMAIL PROTECTED]> wrote: > Ok, I'm still somewhat unsure if your saying that the DB is covered by > the GPL, BSD, some other license, or if its considered public domain? > I have not been able to find info on what the openav database was > licensed as. [EMAIL PROTECTED]:/tmp$ sigtool -u daily.cvd [EMAIL PROTECTED]:/tmp$ less COPYING --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Violation of the GPL ?
On Thursday, April 08, 2004 3:17 PM [EST], Lionel Bouton <[EMAIL PROTECTED]> wrote: > Tomasz Kojm wrote the following on 04/08/04 19:49 : > >> On Thu, 8 Apr 2004 13:16:51 -0400 >> "Brian Bruns" <[EMAIL PROTECTED]> wrote: >> >> >> >>> Ok, I'm still somewhat unsure if your saying that the DB is covered by >>> the GPL, BSD, some other license, or if its considered public domain? >>> I have not been able to find info on what the openav database was >>> licensed as. >>> >>> >> >> [EMAIL PROTECTED]:/tmp$ sigtool -u daily.cvd >> [EMAIL PROTECTED]:/tmp$ less COPYING >> >> >> > > IANAL... > > I'm worried about the license choice : daily and main.cvd are clearly > GPLed but I'm not sure if it prevents using them in proprietary software > (you don't link to the cvd files, you only use them as data). I think it > only prevents people from taking the files, modifying them and release > them alone or as part of a whole package without the GPL attached for > the cvd files. > > Is it the real goal or shouldn't proprietary software be forbidden to > use these files ? > > In this case I'd try to make things clear by renaming COPYING to GPLv2 > and adding a COPYING which clearly states that the whole CVD is covered > by the GPL and software using the content for the purpose of detecting > virii must be covered by the GPL too (I think you want to allow people > to use proprietary software to transmit the file for example). > > But as I said IANAL, better ask the fsf... Perhaps it might be better to use one of the documentation licenses then? I'm not sure, I consider the use of the data file in the case of clamav to be an integral part, very similar to the source code itself. But, like I said, everyone has their own opinions on this. -- Brian Bruns The Summit Open Source Development Group Open Solutions For A Closed World / Anti-Spam Resources http://www.sosdg.org The Abusive Hosts Blocking List http://www.ahbl.org --- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
