Re: [Clamav-users] Worm.Mydoom.M
?? ?? wanted us to know: >I remove old version of clamav >& install clamav .75.1 from tar.gz If you emerge sync, you can emerge clamav 0.75.1. It's masked though, so you have to force it: ACCEPT_KEYWORDS="~x86" emerge --buildpkg clamav I always use --buildpkg personally because I have a bank of machines. -- Regards... Todd They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. --Benjamin Franklin Linux kernel 2.6.3-15mdkenterprise 2 users, load average: 0.00, 0.01, 0.00 --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Worm.Mydoom.M
>> >> I have old libmilter.a: is it ? >> > >I wouldn't have thought so. > >I guess you are scanning the file by hand rather than pushing it back >through the mail system. > >You are running clamd as the user clamav - does that user have access >rights to the file you are trying to scan? > >What does the clamd.log file say? > >-trog I fix file permissions & clamav work fine . Thanks. --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re[2]: [Clamav-users] Worm.Mydoom.M
Hello, Кирилл. You wrote, 12 августа 2004 г., 15:25:03: КУ> I remove old version of clamav КУ> & install clamav .75.1 from tar.gz КУ> Clamav.conf КУ> _ КУ> LogFile /var/log/clamd.log КУ> LogFileMaxSize 16M КУ> LogTime КУ> LogSyslog КУ> User clamav КУ> LocalSocket /var/run/clamav/clamav.sock КУ> StreamSaveToDisk КУ> ScanMail КУ> ScanArchive КУ> ___ КУ> ls -l /usr/lib/clamav/ КУ> -rw-r--r-- 1 root root 66242 Июл 29 11:42 lib.a КУ> -rw-r--r-- 1 root root 405616 Авг 12 15:21 libclamav.a КУ> -rwxr-xr-x 1 root root765 Авг 12 15:21 libclamav.la КУ> lrwxr-xr-x 1 root root 18 Авг 12 15:21 libclamav.so -> КУ> libclamav.so.1.0.4 КУ> lrwxr-xr-x 1 root root 18 Авг 12 15:21 libclamav.so.1 -> КУ> libclamav.so.1.0.4 КУ> -rwxr-xr-x 1 root root 288739 Авг 12 15:21 libclamav.so.1.0.4 КУ> -r--r--r-- 1 root root 48588 Авг 4 21:37 libmilter.a КУ> drwxr-xr-x 2 root root 4096 Авг 12 15:21 pkgconfig КУ> I have old libmilter.a: is it ? КУ> -Original Message- КУ> From: [EMAIL PROTECTED] КУ> [mailto:[EMAIL PROTECTED] On Behalf Of Trog КУ> Sent: Thursday, August 12, 2004 3:42 PM КУ> To: [EMAIL PROTECTED] КУ> Subject: RE: [Clamav-users] Worm.Mydoom.M КУ> On Thu, 2004-08-12 at 10:31, Кирилл Усатов wrote: >> I'm update clamav to 0.75.1 >> Clamscan catch virus >> But clamdscan don't >> & clamav-milter don't stop infected mail КУ> Make sure you have ScanMail enabled in clamav.conf, that you've КУ> restarted clamd and that you don't have any old libclamav libraries on КУ> your system. КУ> -trog КУ> --- КУ> SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media КУ> 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 КУ> Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. КУ> http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 КУ> ___ КУ> Clamav-users mailing list КУ> [EMAIL PROTECTED] КУ> https://lists.sourceforge.net/lists/listinfo/clamav-users Read ClamAV user manual: "You need libmilter development files. Configure ClamAV with $ ./configure --enable-milter and recompile. The program will be installed in /usr/local/sbin/clamav-milter." -- Pavel Knyshov, SysAdm @ NPK "SoyuzSpetsAvtomatika" www.kodos.ru [EMAIL PROTECTED] --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Worm.Mydoom.M
On Thu, 2004-08-12 at 12:25, Кирилл Усатов wrote: > > I have old libmilter.a: is it ? > I wouldn't have thought so. I guess you are scanning the file by hand rather than pushing it back through the mail system. You are running clamd as the user clamav - does that user have access rights to the file you are trying to scan? What does the clamd.log file say? -trog signature.asc Description: This is a digitally signed message part
RE: [Clamav-users] Worm.Mydoom.M
I remove old version of clamav & install clamav .75.1 from tar.gz Clamav.conf _ LogFile /var/log/clamd.log LogFileMaxSize 16M LogTime LogSyslog User clamav LocalSocket /var/run/clamav/clamav.sock StreamSaveToDisk ScanMail ScanArchive ___ ls -l /usr/lib/clamav/ -rw-r--r-- 1 root root 66242 Июл 29 11:42 lib.a -rw-r--r-- 1 root root 405616 Авг 12 15:21 libclamav.a -rwxr-xr-x 1 root root765 Авг 12 15:21 libclamav.la lrwxr-xr-x 1 root root 18 Авг 12 15:21 libclamav.so -> libclamav.so.1.0.4 lrwxr-xr-x 1 root root 18 Авг 12 15:21 libclamav.so.1 -> libclamav.so.1.0.4 -rwxr-xr-x 1 root root 288739 Авг 12 15:21 libclamav.so.1.0.4 -r--r--r-- 1 root root 48588 Авг 4 21:37 libmilter.a drwxr-xr-x 2 root root 4096 Авг 12 15:21 pkgconfig I have old libmilter.a: is it ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Trog Sent: Thursday, August 12, 2004 3:42 PM To: [EMAIL PROTECTED] Subject: RE: [Clamav-users] Worm.Mydoom.M On Thu, 2004-08-12 at 10:31, Кирилл Усатов wrote: > I'm update clamav to 0.75.1 > Clamscan catch virus > But clamdscan don't > & clamav-milter don't stop infected mail Make sure you have ScanMail enabled in clamav.conf, that you've restarted clamd and that you don't have any old libclamav libraries on your system. -trog --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Worm.Mydoom.M
>On Thu, 2004-08-12 at 10:31, Кирилл Усатов wrote: >> I'm update clamav to 0.75.1 >> Clamscan catch virus >> But clamdscan don't >> & clamav-milter don't stop infected mail > >Make sure you have ScanMail enabled in clamav.conf, that you've >restarted clamd and that you don't have any old libclamav libraries on >your system. > >-trog I remove old version of clamav & install clamav .75.1 from tar.gz Clamav.conf _ LogFile /var/log/clamd.log LogFileMaxSize 16M LogTime LogSyslog User clamav LocalSocket /var/run/clamav/clamav.sock StreamSaveToDisk ScanMail ScanArchive ___ ls -l /usr/lib/clamav/ -rw-r--r-- 1 root root 66242 Июл 29 11:42 lib.a -rw-r--r-- 1 root root 405616 Авг 12 15:21 libclamav.a -rwxr-xr-x 1 root root765 Авг 12 15:21 libclamav.la lrwxr-xr-x 1 root root 18 Авг 12 15:21 libclamav.so -> libclamav.so.1.0.4 lrwxr-xr-x 1 root root 18 Авг 12 15:21 libclamav.so.1 -> libclamav.so.1.0.4 -rwxr-xr-x 1 root root 288739 Авг 12 15:21 libclamav.so.1.0.4 -r--r--r-- 1 root root 48588 Авг 4 21:37 libmilter.a drwxr-xr-x 2 root root 4096 Авг 12 15:21 pkgconfig I have old libmilter.a: is it ? --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Worm.Mydoom.M
On Thu, 2004-08-12 at 10:31, Кирилл Усатов wrote: > I'm update clamav to 0.75.1 > Clamscan catch virus > But clamdscan don't > & clamav-milter don't stop infected mail Make sure you have ScanMail enabled in clamav.conf, that you've restarted clamd and that you don't have any old libclamav libraries on your system. -trog signature.asc Description: This is a digitally signed message part
RE: [Clamav-users] Worm.Mydoom.M
I'm update clamav to 0.75.1 Clamscan catch virus But clamdscan don't & clamav-milter don't stop infected mail -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Trog Sent: Thursday, August 12, 2004 2:11 PM To: [EMAIL PROTECTED] Subject: RE: [Clamav-users] Worm.Mydoom.M On Thu, 2004-08-12 at 09:02, Кирилл Усатов wrote: > >Кирилл Усатов said the following on 8/12/2004 5:44 AM GMT+2: > >> I scan mail with clamav 0.75 on my gentoo. > >> > >> My bases is up to date. > >> > >> Clamdscan /virus_file > >> > >> Not catch a virus. > > > >You are probably scanning a broken sample. > >In any case, update to clamav 0.75.1. > > > I update clamav from 0.70 to 0.75 Update to 0.75.1 as you were advised. It catches additional Mydoom.M samples. -trog --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
RE: [Clamav-users] Worm.Mydoom.M
On Thu, 2004-08-12 at 09:02, Кирилл Усатов wrote: > >Кирилл Усатов said the following on 8/12/2004 5:44 AM GMT+2: > >> I scan mail with clamav 0.75 on my gentoo. > >> > >> My bases is up to date. > >> > >> Clamdscan /virus_file > >> > >> Not catch a virus. > > > >You are probably scanning a broken sample. > >In any case, update to clamav 0.75.1. > > > I update clamav from 0.70 to 0.75 Update to 0.75.1 as you were advised. It catches additional Mydoom.M samples. -trog signature.asc Description: This is a digitally signed message part
RE: [Clamav-users] Worm.Mydoom.M
>Кирилл Усатов said the following on 8/12/2004 5:44 AM GMT+2: >> I scan mail with clamav 0.75 on my gentoo. >> >> My bases is up to date. >> >> Clamdscan /virus_file >> >> Not catch a virus. > >You are probably scanning a broken sample. >In any case, update to clamav 0.75.1. I update clamav from 0.70 to 0.75 I regen my virus base files. & when I send this virus file to COSS he catch him like Worm.Mydoom.M I don't have error msg in syslog. --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Worm.Mydoom.M
Кирилл Усатов said the following on 8/12/2004 5:44 AM GMT+2: I scan mail with clamav 0.75 on my gentoo. My bases is up to date. Clamdscan /virus_file Not catch a virus. You are probably scanning a broken sample. In any case, update to clamav 0.75.1. Regards, Niek Baakman --- SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media 100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33 Save 50% off Retail on Ink & Toner - Free Shipping and Free Gift. http://www.shop4tech.com/z/Inkjet_Cartridges/9_108_r285 ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Worm.Mydoom.M
I scan mail with clamav 0.75 on my gentoo. My bases is up to date. Clamdscan /virus_file Not catch a virus.