Re: [Clamav-users] trouble installing on OS X 10.2.6

[Guillaume Arcas]

Emrys Hughes a dit :
> Hi
>
> I'm having trouble installing clamav-0.74 on Darwin.
> I have tried with earlier versions of clamav also, same problem.

> *** Warning: linker path does not have real file for library -lbz2.

You have to run this command : ranlib /usr/lib/libbz2.a
before compiling clamav.

Note that clamav should work except that it will not be able to unzip
files...

Guillaume Arcas


Là-bas, vers le sud, la plaine s'ouvre, infinie, attirante...
Puis le désert, sa vie libre et errante et son bienfaisant silence.
Isabelle Eberhardt - Au pays des sables.


---
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idG21&alloc_id040&op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] Command line help

[Guillaume Arcas]

yoloits a écrit :
> I am using Clamscan in a cron job to scan my server but I want it to skip
> my quarantine directory.  How do I add that to the clamscan line command?

You cans use the --exclude option to skip it.

$ clamscan -r /home --exclude=/home/quarantine

Excluded files will be marked as... Excluded !

Regards,

Guillaume Arcas


Quiconque saurait le secret usage des mots de tous les jours
aurait un pouvoir illimité, et il ferait peur.
Jean Tardieu.

___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Re: [Clamav-users] Any way to add a line to cleaned email?

[Guillaume Arcas]

Thalador Du'Fosnee a écrit :
> I know some virus programs add a line to cleaned emails saying "This email
> was infected with blahblah and cleaned"
>
> Can ClamAV be set to do that?

If you accept deletion as a synonym for cleaning, ClamAV can do that... :-)

Guillaume Arcas


Quiconque saurait le secret usage des mots de tous les jours
aurait un pouvoir illimité, et il ferait peur.
Jean Tardieu.

___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

Re: [Clamav-users] Thank You!

[Guillaume Arcas]

Selon Scott Ryan <[EMAIL PROTECTED]>:

> On Thursday 24 February 2005 11:29, Yatin Shah (QualiSpace, Sales) shaped the
> electrons to say:
> > Thank You!

>
> WTF ?

Autoresponder I guess...

--
Guillaume Arcas


Quiconque saurait le secret usage des mots de tous les jours
aurait un pouvoir illimité, et il ferait peur.
Jean Tardieu, La part de l'ombre.
___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Re: How to Filter Spam Mails

[Guillaume Arcas]

Jijos a écrit :
> hai
> 
> Does any one know how to filter mails using clamAV milter using with sendmail
> I don't want to use spamassassin it will only mark as junk I don't want to 
> send
> it to users i want to move it to a perticular mail box

Hi.

ClamAV is not an antispam solution but an antivirus.
If I can give you an advice, you should do the both : filter spam then
afilter virus for inconmig (and outgoing as well) mail traffic.

If you just want to filter virus with clamav-milter and sendmail, this
page :
http://www.clamav.net/doc/0.83/html/node19.html
is all you need to read ! :-)

Regards,

-- 
Guillaume Arcas


J'ai personnellement connu un canard qui avait du genie.
Alphonse Allais

___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Latest virusdb update - mismatched signature count?

[Guillaume Arcas]

Tomasz Kojm a écrit :

> Your clamd doesn't support meta-data signatures.

What is a meta-date signature ?

BTW, what's in the .zmd file ? Patterns for password-protected zip file
detection ?

Regards,

-- 
Guillaume Arcas


J'ai personnellement connu un canard qui avait du genie.
Alphonse Allais

___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] clamav frm 0.80 to 0.83

[Guillaume Arcas]

[EMAIL PROTECTED] a écrit :

> WARNING: Your ClamAV installation is OUTDATED - please update immediately!
> WARNING: Current functionality level = 3, required = 4
> daily.cvd is up to date (version: 770, sigs: 586, f-level: 4, builder:
> ccordes)
> 
> 
> My version is 0.80 and I think it should be solved by installing 0.83 can
> any one help me with this. It would be better if  it is a rpm installation
> file…

You should upgrade to version 0.83. RPM do exist for RHL9 here :
http://dag.wieers.com/packages/clamav/

Regards,

-- 
Guillaume Arcas


J'ai personnellement connu un canard qui avait du genie.
Alphonse Allais

___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] what is milter ?

[Guillaume Arcas]

Victor a écrit :
> Hello,
> 
> Please, someone can explain to me, what is milter ?

Kind of Mail fILTER for sendmail.

Regards.

-- 
Guillaume Arcas


J'ai personnellement connu un canard qui avait du genie.
Alphonse Allais

___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Test installation

[Guillaume Arcas]

Michel Machado a écrit :
> Hi all,
> 
> I am  new with linux, but i could install it in the PC (Red hat 9). Now
> i have a problem with clamav0.83.  In the doc you can see the following:
> 
> To test your installation execute:
> 
> $ ~/clamav/bin/freshclam
> $ ~/clamav/bin/clamscan
> 
> When the installation finished i tried to do from my home directory but
> not exist this directory, i tried to do from the /home/clamav directory
> and not found this dirtectory or file.

How did you install ClamAV ?

-- 
Guillaume Arcas


J'ai personnellement connu un canard qui avait du genie.
Alphonse Allais

___
http://lurker.clamav.net/list/clamav-users.html

[Clamav-users] Building his own CVD

[Guillaume Arcas]

Hi.
What is the process to build one's own CVD files from *.db files ?
I mean : how does the --server option runs exactly ?
Regards,
Guillaume Arcas
---
"Il dépend de celui qui passe que je sois tombe ou trésor."
Paul Valéry
___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Building his own CVD

[Guillaume Arcas]

Tomasz Papszun a écrit :
You can't use it. It's for database developers only.
OK. So, if for any - good or bad - reason I want to disable a signature, 
how can I do that ?

--
Guillaume Arcas
---
"Il dépend de celui qui passe que je sois tombe ou trésor."
Paul Valéry
___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Building his own CVD

[Guillaume Arcas]

Tomasz Papszun a écrit :
Unpack the CVD containers so some other directory, remove the unwanted
signature from the plain text databases, instruct the clamscan (or
clamd) to use databases from that other directory.
Means that clamscan can use both text databases and CVD. I wasn't sure.
Thanks.
--
Guillaume Arcas
---
"Il dépend de celui qui passe que je sois tombe ou trésor."
Paul Valéry
___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Building his own CVD

[Guillaume Arcas]

Tomasz Papszun a écrit :

> in case you wanted to disable some signature because of a false
> positive, the proper way of solving this is submitting the sample at
> http://www.clamav.net/sendvirus.html  (selecting the button "A false
> positive") so that the signature could be corrected/removed. This way,
> all users will benefit.

That's sure !
My question was kind of theorical.
By the way, are there technical advantages of using CVD files instead of
text files ? I mean: is it faster ?

Regards,

-- 
Guillaume Arcas


J'ai personnellement connu un canard qui avait du genie.
Alphonse Allais

___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Building his own CVD

[Guillaume Arcas]

Thomas Lamy a écrit :

> No it's not faster. But it's more secure, because it's signed, and it's
> contents is compressed.

OK, that does explain why clamscan runs a little faster with text
signatures database than with CVD files.

Shoud not be a problem with clamd for databases are loaded once but does
it mean that tools using libclamav and not clamd are "affected" by this
performance issue ?

-- 
Guillaume Arcas


J'ai personnellement connu un canard qui avait du genie.
Alphonse Allais

___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] ClamAV is not 100% open still ?!

[Guillaume Arcas]

Damian Menscher a écrit :

> http://www.clamav.net/doc/0.75/signatures.pdf
> 
> They removed the functionality in 0.80 and above, but that's because
> it's simplest for users to create md5 signatures of unknown binaries
> (and the automatic signature generation depended on having another virus
> scanner detect it already anyway).  Of course, you can also create
> signatures by hand, which isn't that difficult once you've read the .pdf
> file for the format.
> 
> About the only thing we *can't* do is create a .cvd file that is signed
> by the original authors.  But if the project were forked, that would be
> trivial to fix also (requires a one-line change to the source code).

What do you mean by "they removed the functionality" ?

sigtool - the command line utility used to create & manipulate
signatures - is still there in 0.83.

As already said, you cannot build CVD files by yourself but you can
create a signature and then create your own database with sigtool and
use these files.

-- 
Guillaume Arcas

J'ai personnellement connu un canard qui avait du génie.
Alphonse Allais

___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] ClamAV is not 100% open still ?!

[Guillaume Arcas]

Matt Fretwell a écrit :
> Joanna Roman wrote:
> 
>>>(2) The use violates the license of most (if not all) commercial
>>>scanners
> 
>>Why would it violate any license of any commercial scaners ?
> 
>  You are extracting information from a proprietary database.

I don't see how making signatures using sigtool would violate any
commercial scanner...
Or did I miss something ?

-- 
Guillaume Arcas

J'ai personnellement connu un canard qui avait du génie.
Alphonse Allais

___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Submitting a virus file

[Guillaume Arcas]

Trog a écrit :
We are, of course, also looking for people to volunteer to become sig
makers. Assuming that they have the time and the relevant skills.
How would you define these skills ?
Further I would say: how do actual sigmakers work ? Reverse-engineering 
on new virus ? Scan its with other AV products ? Mix of that and more 
other way to make a signature ? Is there a ClamAV virus lab somewhere to 
test suspicious exec ?

There's no malicious intent in these questions, just curiosity.
--
Guillaume Arcas
---
"Il dépend de celui qui passe que je sois tombe ou trésor."
Paul Valéry
___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] [Problem updating to 0.87.1

[Guillaume Arcas]

Selon Tugdual de Lassat <[EMAIL PROTECTED]>:

> Installed: clamav.i386 96:0.87.1-3
> Complete!
>
> i then do once more : service clamd start
> clamd: unrecognized service
>
> Hummm  where is the problem ??? is it the rpm that is corrupted ???

Did you test :
/etc/rc.d/init.d/clamd start ?

You may have to "declare" clamd by running something like "chkconfig clamd on"
then "service clamd start".

Regards,

Guillaume Arcas - [http://yom.retiaire.org]
---
"Je cherche un ailleurs, mais pas trop loin d'ici." (Sempé)
___
http://lurker.clamav.net/list/clamav-users.html

RE: [Clamav-users] [Problem updating to 0.87.1

[Guillaume Arcas]

Selon Tugdual de Lassat <[EMAIL PROTECTED]>:

> Is there a problem on those rpm's ???

Maybe, i don't know. I usually get RedHat RPM from here :
http://dag.wieers.com/packages/clamav/

Does clamav binaries work ? I mean : clamd, clamscan, freshclam ?

Guillaume Arcas - [http://yom.retiaire.org]
---
"Je cherche un ailleurs, mais pas trop loin d'ici." (Sempé)
___
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] how to scan via a perl script

[Guillaume Arcas]

Selon abhishek jain <[EMAIL PROTECTED]>:

> Dear Friends,
> I need to scan uploaded files via an antivirus i see clamav to be the
> solution.
> Pl. tell me how to do that via mine PERL script i mean is there an exe which
> i can give some commands and it will give some output which i will search
> for some words .

Hi.

You can try with these CPAN Modules :
- ClamAV::Client - http://search.cpan.org/~jmehnle/ClamAV-Client-0.11/
- File::Scan::ClamAV - http://search.cpan.org/~cfaber/File-Scan-ClamAV-1.8/

Regards.

Guillaume Arcas - [http://yom.retiaire.org]
---
"Je cherche un ailleurs, mais pas trop loin d'ici." (Sempé)
___
http://lurker.clamav.net/list/clamav-users.html