subject:"\[clamav\-users\] I am unable to access clamav.net"

Re: [clamav-users] I am unable to access clamav.net

2023-09-04 Thread Maxim Britov via clamav-users


On 03.09.2023 22:36, Victor Sizov via clamav-users wrote:


Cloudflare Ray ID: 8005341f1fbc9daa • Your IP: 91.77.160.250


https://github.com/Cisco-Talos/clamav/issues/500
ClamAV site and update database blocked by CDN in Russia
___

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Re: [clamav-users] I am unable to access clamav.net

2023-09-04 Thread Matus UHLAR - fantomas

On 02.09.23 17:04, Victor Sizov via clamav-users wrote:
>Perhaps my Ubuntu computer is infected with a virus that redirects
>html requests to "iyfbodn.com". To test it, I installed clamav (sudo
>apt install clamav clamav-daemon). When I updated it (sudo freshclam)
>I got the message:
>
>...
>Sat Sep 2 10:13:18 2023 -> DON'T PANIC! Read
>https://docs.clamav.net/manual/Installing.html
>Sat Sep 2 10:13:18 2023 -> ^FreshClam previously received error code
>429 or 403 from the ClamAV Content Delivery Network (CDN).
>Sat Sep 2 10:13:18 2023 -> This means that you have been rate limited
>or blocked by the CDN.

On Sat, Sep 2, 2023 at 6:02 PM Matus UHLAR - fantomas  wrote:

Which clamav version do you have? versions older than 0.103 are not
supported.

On 03.09.23 22:36, Victor Sizov via clamav-users wrote:

I have 0.103.9 version.

this is new enough.

!  > >When I open https://docs.clamav.net in a browser, I get a message
! > >about blocking in cloudflare:
! > >
! > >Cloudflare Ray ID: 8005341f1fbc9daa • Your IP: 91.77.160.250

This ray ID could tell clamav people what to look for.

I cannot use my brouser (Firefox 117 64 bit) because cloudflare blocks
my access to clamav.net.

>2) Could you advise me how to make sure the presence/absence of a
>redirect to "iyfbodn.com"?

sorry, looks like a real virus targetting browsers.
Can you try searching from other computer?

Yes, i tried installing clamav on another computer in my local network
and got the same errors when running freshclam and clamscan.

If you have clamav running on multiple computers in your network and if they 
sit on a single IP behind NAT, this may be the reason why you are getting 
denied.

You many need to set up local clamav database mirror not to overload clamav 
network with repeated requests for databases.

https://github.com/Cisco-Talos/cvdupdate

https://packages.ubuntu.com/search?keywords=cvdupdate

sizov@ironUbuntu:~$ sudo freshclam
Sun Sep  3 22:20:23 2023 -> ClamAV update process started at Sun Sep
3 22:20:23 2023
Sun Sep  3 22:20:23 2023 -> ^Your ClamAV installation is OUTDATED!
Sun Sep  3 22:20:23 2023 -> ^Local version: 0.103.9 Recommended
version: 0.103.10
Sun Sep  3 22:20:23 2023 -> DON'T PANIC! Read
https://docs.clamav.net/manual/Installing.html
Sun Sep  3 22:20:23 2023 -> ^FreshClam previously received error code
429 or 403 from the ClamAV Content Delivery Network (CDN).
Sun Sep  3 22:20:23 2023 -> This means that you have been rate limited
or blocked by the CDN.

calscan error:
sizov@ironUbuntu:~$ sudo clamscan .
LibClamAV Error: cli_loaddbdir(): No supported database files found in
/var/lib/clamav
ERROR: Can't open file or directory

This says there's no database loaded on that machine, apparently because of 
being blocked.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Nothing is fool-proof to a talented fool.
___

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Re: [clamav-users] I am unable to access clamav.net

2023-09-03 Thread Victor Sizov via clamav-users

I'm sorry to be late with the reply.

On Sat, Sep 2, 2023 at 6:02 PM Matus UHLAR - fantomas  wrote:
>
> On 02.09.23 17:04, Victor Sizov via clamav-users wrote:
> >Perhaps my Ubuntu computer is infected with a virus that redirects
> >html requests to "iyfbodn.com". To test it, I installed clamav (sudo
> >apt install clamav clamav-daemon). When I updated it (sudo freshclam)
> >I got the message:
> >
> >...
> >Sat Sep 2 10:13:18 2023 -> DON'T PANIC! Read
> >https://docs.clamav.net/manual/Installing.html
> >Sat Sep 2 10:13:18 2023 -> ^FreshClam previously received error code
> >429 or 403 from the ClamAV Content Delivery Network (CDN).
> >Sat Sep 2 10:13:18 2023 -> This means that you have been rate limited
> >or blocked by the CDN.
> >Sat Sep 2 10:13:18 2023 -> 1. Verify that you're running a supported
> >ClamAV version.
> >Sat Sep 2 10:13:18 2023 -> See
> >https://docs.clamav.net/faq/faq-eol.html for details.
>

> Which clamav version do you have? versions older than 0.103 are not
> supported.

I have 0.103.9 version.

>
>
> >...
> > I launched
> >curl -IL docs.clamav.net
> >and received:
> >
> >HTTP/1.1 403 Forbidden
> >Date: Sat, 02 Sep 2023 07:19:15 GMT
> >Content-Type: text/html; charset=UTF-8
> >Connection: keep-alive
> >X-Frame-Options: SAMEORIGIN
> >Referrer-Policy: same-origin
> >Cache-Control: max-age=15
> >Expires: Sat, 02 Sep 2023 07:19:30 GMT
> >Set-Cookie: 
> >__cf_bm=1MZmm2EcWi6S8fOiuha9zoaXngA5e44ph5LO2aXJchA-1693639155-0-AS7aYuYw1QJSTpioxNW76blxkMJKz2kTfvsaiUlH/kP9Z0sLbeMcLKgyf42ANBRqndUJQx
> >2dXrePUzX9Aj+RnvA=; path=/; expires=Sat, 02-Sep-23 07:49:15 GMT;
> >domain=.clamav.net; HttpOnly; SameSite=None
> >X-Content-Type-Options: nosniff
> >Server: cloudflare
> >CF-RAY: 8003fbd3bbe89d6d-DME
> >
!  > >When I open https://docs.clamav.net in a browser, I get a message
! > >about blocking in cloudflare:
! > >
! > >Cloudflare Ray ID: 8005341f1fbc9daa • Your IP: 91.77.160.250
> >
> >1) How I can resolve this to get last clamav updates?

>
> clamav web and virus DB are protected from automated fetching. You need
> browser or freshclam new enough.

Is freshclam 0.103.9 new enough?
I cannot use my brouser (Firefox 117 64 bit) because cloudflare blocks
my access to clamav.net.

>
>
> >2) Could you advise me how to make sure the presence/absence of a
> >redirect to "iyfbodn.com"?
>
> sorry, looks like a real virus targetting browsers.
> Can you try searching from other computer?

Yes, i tried installing clamav on another computer in my local network
and got the same errors when running freshclam and clamscan.

freshcalm error:
sizov@ironUbuntu:~$ sudo freshclam
Sun Sep  3 22:20:23 2023 -> ClamAV update process started at Sun Sep
3 22:20:23 2023
Sun Sep  3 22:20:23 2023 -> ^Your ClamAV installation is OUTDATED!
Sun Sep  3 22:20:23 2023 -> ^Local version: 0.103.9 Recommended
version: 0.103.10
Sun Sep  3 22:20:23 2023 -> DON'T PANIC! Read
https://docs.clamav.net/manual/Installing.html
Sun Sep  3 22:20:23 2023 -> ^FreshClam previously received error code
429 or 403 from the ClamAV Content Delivery Network (CDN).
Sun Sep  3 22:20:23 2023 -> This means that you have been rate limited
or blocked by the CDN.
Sun Sep  3 22:20:23 2023 ->  1. Verify that you're running a supported
ClamAV version.
Sun Sep  3 22:20:23 2023 -> See
https://docs.clamav.net/faq/faq-eol.html for details.
Sun Sep  3 22:20:23 2023 ->  2. Run FreshClam no more than once an
hour to check for updates.
Sun Sep  3 22:20:23 2023 -> FreshClam should check DNS first to
see if an update is needed.
Sun Sep  3 22:20:23 2023 ->  3. If you have more than 10 hosts on your
network attempting to download,
Sun Sep  3 22:20:23 2023 -> it is recommended that you set up a
private mirror on your network using
Sun Sep  3 22:20:23 2023 -> cvdupdate
(https://pypi.org/project/cvdupdate/) to save bandwidth on the
Sun Sep  3 22:20:23 2023 -> CDN and your own network.
Sun Sep  3 22:20:23 2023 ->  4. Please do not open a ticket asking for
an exemption from the rate limit,
Sun Sep  3 22:20:23 2023 -> it will not be granted.
Sun Sep  3 22:20:23 2023 -> ^You are still on cool-down until after:
2023-09-03 23:22:34
s

calscan error:
sizov@ironUbuntu:~$ sudo clamscan .
LibClamAV Error: cli_loaddbdir(): No supported database files found in
/var/lib/clamav
ERROR: Can't open file or directory

--- SCAN SUMMARY ---
Known viruses: 0
Engine version: 0.103.9
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 0.005 sec (0 m 0 s)
Start Date: 2023:09:03 22:02:04
End Date:   2023:09:03 22:02:04

Also, I can't access to clamav .net from any computer on my local
network because claudflare blocks me. I have access to it from a
smartphone only,  it is on another network.


> --
> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu post

Re: [clamav-users] I am unable to access clamav.net

2023-09-02 Thread Matus UHLAR - fantomas


On 02.09.23 17:04, Victor Sizov via clamav-users wrote:

Perhaps my Ubuntu computer is infected with a virus that redirects
html requests to "iyfbodn.com". To test it, I installed clamav (sudo
apt install clamav clamav-daemon). When I updated it (sudo freshclam)
I got the message:

...
Sat Sep 2 10:13:18 2023 -> DON'T PANIC! Read
https://docs.clamav.net/manual/Installing.html
Sat Sep 2 10:13:18 2023 -> ^FreshClam previously received error code
429 or 403 from the ClamAV Content Delivery Network (CDN).
Sat Sep 2 10:13:18 2023 -> This means that you have been rate limited
or blocked by the CDN.
Sat Sep 2 10:13:18 2023 -> 1. Verify that you're running a supported
ClamAV version.
Sat Sep 2 10:13:18 2023 -> See
https://docs.clamav.net/faq/faq-eol.html for details.


Which clamav version do you have? versions older than 0.103 are not 
supported.



...
I launched
curl -IL docs.clamav.net
and received:

HTTP/1.1 403 Forbidden
Date: Sat, 02 Sep 2023 07:19:15 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Sat, 02 Sep 2023 07:19:30 GMT
Set-Cookie: 
__cf_bm=1MZmm2EcWi6S8fOiuha9zoaXngA5e44ph5LO2aXJchA-1693639155-0-AS7aYuYw1QJSTpioxNW76blxkMJKz2kTfvsaiUlH/kP9Z0sLbeMcLKgyf42ANBRqndUJQx
2dXrePUzX9Aj+RnvA=; path=/; expires=Sat, 02-Sep-23 07:49:15 GMT;
domain=.clamav.net; HttpOnly; SameSite=None
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 8003fbd3bbe89d6d-DME

When I open https://docs.clamav.net in a browser, I get a message
about blocking in cloudfare:

Cloudflare Ray ID: 8005341f1fbc9daa • Your IP: 91.77.160.250

1) How I can resolve this to get last clamav updates?


clamav web and virus DB are protected from automated fetching. You need 
browser or freshclam new enough.



2) Could you advise me how to make sure the presence/absence of a
redirect to "iyfbodn.com"?


sorry, looks like a real virus targetting browsers.
Can you try searching from other computer?
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
REALITY.SYS corrupted. Press any key to reboot Universe.
___

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

[clamav-users] I am unable to access clamav.net

2023-09-02 Thread Victor Sizov via clamav-users

Perhaps my Ubuntu computer is infected with a virus that redirects
html requests to "iyfbodn.com". To test it, I installed clamav (sudo
apt install clamav clamav-daemon). When I updated it (sudo freshclam)
I got the message:

...
Sat Sep 2 10:13:18 2023 -> DON'T PANIC! Read
https://docs.clamav.net/manual/Installing.html
Sat Sep 2 10:13:18 2023 -> ^FreshClam previously received error code
429 or 403 from the ClamAV Content Delivery Network (CDN).
Sat Sep 2 10:13:18 2023 -> This means that you have been rate limited
or blocked by the CDN.
Sat Sep 2 10:13:18 2023 -> 1. Verify that you're running a supported
ClamAV version.
Sat Sep 2 10:13:18 2023 -> See
https://docs.clamav.net/faq/faq-eol.html for details.
...
 I launched
curl -IL docs.clamav.net
and received:

HTTP/1.1 403 Forbidden
Date: Sat, 02 Sep 2023 07:19:15 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Sat, 02 Sep 2023 07:19:30 GMT
Set-Cookie: 
__cf_bm=1MZmm2EcWi6S8fOiuha9zoaXngA5e44ph5LO2aXJchA-1693639155-0-AS7aYuYw1QJSTpioxNW76blxkMJKz2kTfvsaiUlH/kP9Z0sLbeMcLKgyf42ANBRqndUJQx
2dXrePUzX9Aj+RnvA=; path=/; expires=Sat, 02-Sep-23 07:49:15 GMT;
domain=.clamav.net; HttpOnly; SameSite=None
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 8003fbd3bbe89d6d-DME

When I open https://docs.clamav.net in a browser, I get a message
about blocking in cloudfare:

Cloudflare Ray ID: 8005341f1fbc9daa • Your IP: 91.77.160.250

1) How I can resolve this to get last clamav updates?
2) Could you advise me how to make sure the presence/absence of a
redirect to "iyfbodn.com"?

with regards,
Victor Sizov
___

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Re: [clamav-users] I am unable to access clamav.net

Re: [clamav-users] I am unable to access clamav.net

Re: [clamav-users] I am unable to access clamav.net

Re: [clamav-users] I am unable to access clamav.net

[clamav-users] I am unable to access clamav.net

5 matches

Site Navigation

Mail list logo

Footer information