RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Samuel Benzaquen Sent: Wednesday, June 08, 2005 5:21 PM To: ClamAV users ML Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Scott Woodford Sent: Wednesday, June 08, 2005 3:55 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Tim, not a problem. Been a long day for me too, so I know how ya feel. I'd love to just replace that code and use it, but that doesn't seem to work for me. All I want is a message box popping up, telling the user that a virus was found. I've even tried VirusEvent echo %v, which is a pretty simple, but that's not working either. I hate being a newbie. You could use xmessage to show a message in a window on X. For example: VirusEvent xmessage Virus found: %v I have not used xmessage for a long time, so you should read the man page for more customization. -Samuel ___ http://lurker.clamav.net/list/clamav-users.html Ok, thanks to everyone on this list, I have gotten almost everything up and running perfectly. I really appreciate all of your help. I still have two problems: 1 - I cannot get Dazuko to start automatically every time the computer boots in RedHat 9. 2 - xmessage works great for the VirusEvent, but I can't figure out how to use a newline character to get the text to wrap - Otherwise, I wrote a Perl script that displays the VirusEvent message just fine, but I have no idea how to pass %v to it Thanks again for everything. ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
Hi all, I'm having trouble getting Clamuko working. My system is RedHat 9.0. I installed Dazuko just fine, and was able to run the example program with no problems. I also got ClamAV installed fine, and tested it without fail. I edited clamd.conf, and enabled the following: ClamukoScanOnAccess ClamukoScanOnOpen ClamukoScanOnExec I used a test virus, and Clamuko didn't pick it up. I tried running clamd just for the heck of it, and it shows ERROR: Clamuko: Can't register with Dazuko in the log file. Any ideas? Thanks in advance for any help you can give me. Scott ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Have you looked at the clamav doc? Located here: http://www.clamav.net/doc/0.85.1/clamdoc.pdf Read 4.1.1 and 5.3 (if you have the time read it all!) Tim ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
Thanks Tim. I have read (and practically memorized) the entire clamdoc.pdf file. I am very familiar with 4.1.1 and 5.3. Anyway, I was able to figure out my problem, but I have another. My problem was that dazuko was not initializing after I restarted the machine. I have no idea why. Any idea on how to change that? Also, I cannot get the VirusEvent line in clamd.conf to work properly. Onacess is working great, because it finds my test virus, but I get no notification such as Virus found. I have uncommented the VirusEvent line and it's still not working. Any ideas? Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 1:58 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Hi all, I'm having trouble getting Clamuko working. My system is RedHat 9.0. I installed Dazuko just fine, and was able to run the example program with no problems. I also got ClamAV installed fine, and tested it without fail. I edited clamd.conf, and enabled the following: ClamukoScanOnAccess ClamukoScanOnOpen ClamukoScanOnExec I used a test virus, and Clamuko didn't pick it up. I tried running clamd just for the heck of it, and it shows ERROR: Clamuko: Can't register with Dazuko in the log file. Any ideas? Thanks in advance for any help you can give me. Scott ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Have you looked at the clamav doc? Located here: http://www.clamav.net/doc/0.85.1/clamdoc.pdf Read 4.1.1 and 5.3 (if you have the time read it all!) Tim ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
-Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Scott Woodford Sent: 08 June 2005 19:13 To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Thanks Tim. I have read (and practically memorized) the entire clamdoc.pdf file. I am very familiar with 4.1.1 and 5.3. Anyway, I was able to figure out my problem, but I have another. My problem was that dazuko was not initializing after I restarted the machine. I have no idea why. Any idea on how to change that? Also, I cannot get the VirusEvent line in clamd.conf to work properly. Onacess is working great, because it finds my test virus, but I get no notification such as Virus found. I have uncommented the VirusEvent line and it's still not working. Any ideas? Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 1:58 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Hi all, I'm having trouble getting Clamuko working. My system is RedHat 9.0. I installed Dazuko just fine, and was able to run the example program with no problems. I also got ClamAV installed fine, and tested it without fail. I edited clamd.conf, and enabled the following: ClamukoScanOnAccess ClamukoScanOnOpen ClamukoScanOnExec I used a test virus, and Clamuko didn't pick it up. I tried running clamd just for the heck of it, and it shows ERROR: Clamuko: Can't register with Dazuko in the log file. Any ideas? Thanks in advance for any help you can give me. Scott ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Have you looked at the clamav doc? Located here: http://www.clamav.net/doc/0.85.1/clamdoc.pdf Read 4.1.1 and 5.3 (if you have the time read it all!) Tim ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] I had the same problem :-), looking at the log /var/log/clamav/clamd.log I found that Dazuko was being loaded after clamd. To start Dazuko and reload clamd I added this to /etc/rc.local #Inserts Dazuko as a module modprobe dazuko #Starts clamd /usr/sbin/clamd (maybe not the best way, I am new to this!) The VirusEvent line in clamd.conf does not work with Clamuko (As clamd uses that config file not Clamuko) I use this in my crontab to email me when Clamuko finds a virus... #Does a scan with clamav @ 2am, sends email if there is a problem 0 2 * * * /usr/local/bin/clamscan --no-summary --infected -i -r / || mail -s A virus has been found on the Office Server [EMAIL PROTECTED] Hope this helps, Tim ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
Excellent! Thanks Tim, that helps a lot. I'm still really confused about the clamd.conf file. According to sources on the net (and I thought I read this in clamdoc), Clamuko does use clamd. But who the heck knows. Either way, when I run a scan using clamscan or clamdscan, or Clamuko simply finds a virus, I get no message that a virus was found, except in the log. All I get was something like error accessing file. I want both myself (root) and users to get a message saying virus found if either Clamuko picks it up, or a manual scan. I'm not concerned with emailing right now. These are standalone systems. Any ideas on that? Thanks again. Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 2:26 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko -Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Scott Woodford Sent: 08 June 2005 19:13 To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Thanks Tim. I have read (and practically memorized) the entire clamdoc.pdf file. I am very familiar with 4.1.1 and 5.3. Anyway, I was able to figure out my problem, but I have another. My problem was that dazuko was not initializing after I restarted the machine. I have no idea why. Any idea on how to change that? Also, I cannot get the VirusEvent line in clamd.conf to work properly. Onacess is working great, because it finds my test virus, but I get no notification such as Virus found. I have uncommented the VirusEvent line and it's still not working. Any ideas? Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 1:58 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Hi all, I'm having trouble getting Clamuko working. My system is RedHat 9.0. I installed Dazuko just fine, and was able to run the example program with no problems. I also got ClamAV installed fine, and tested it without fail. I edited clamd.conf, and enabled the following: ClamukoScanOnAccess ClamukoScanOnOpen ClamukoScanOnExec I used a test virus, and Clamuko didn't pick it up. I tried running clamd just for the heck of it, and it shows ERROR: Clamuko: Can't register with Dazuko in the log file. Any ideas? Thanks in advance for any help you can give me. Scott ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Have you looked at the clamav doc? Located here: http://www.clamav.net/doc/0.85.1/clamdoc.pdf Read 4.1.1 and 5.3 (if you have the time read it all!) Tim ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] I had the same problem :-), looking at the log /var/log/clamav/clamd.log I found that Dazuko was being loaded after clamd. To start Dazuko and reload clamd I added this to /etc/rc.local #Inserts Dazuko as a module modprobe dazuko #Starts clamd /usr/sbin/clamd (maybe not the best way, I am new to this!) The VirusEvent line in clamd.conf does not work with Clamuko (As clamd uses that config file not Clamuko) I use this in my crontab to email me when Clamuko finds a virus... #Does a scan with clamav @ 2am, sends email if there is a problem 0 2 * * * /usr/local/bin/clamscan --no-summary --infected -i -r / || mail -s A virus has been found on the Office Server [EMAIL PROTECTED] Hope this helps, Tim ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
Scott Woodford wrote: Either way, when I run a scan using clamscan or clamdscan, or Clamuko simply finds a virus, I get no message that a virus was found, except in the log. All I get was something like error accessing file. I want both myself (root) and users to get a message saying virus found if either Clamuko picks it up, or a manual scan. I'm not concerned with emailing right now. These are standalone systems. Any ideas on that? What are the contents of the Virusevent line? Clamscan will not use that parameter, BTW. Matt ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
By the way Tim, adding the following lines to /etc/rc.local did not help. #Inserts Dazuko as a module modprobe dazuko #Starts clamd /usr/sbin/clamd When I try to run the example program, it says error: failed to register with Dazuko. As soon as I enter the command /sbin/insmod ./dazuko.o, the example program starts working again. I tried that command in the rc.local file, but that didn't work. Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 2:26 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko -Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Scott Woodford Sent: 08 June 2005 19:13 To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Thanks Tim. I have read (and practically memorized) the entire clamdoc.pdf file. I am very familiar with 4.1.1 and 5.3. Anyway, I was able to figure out my problem, but I have another. My problem was that dazuko was not initializing after I restarted the machine. I have no idea why. Any idea on how to change that? Also, I cannot get the VirusEvent line in clamd.conf to work properly. Onacess is working great, because it finds my test virus, but I get no notification such as Virus found. I have uncommented the VirusEvent line and it's still not working. Any ideas? Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 1:58 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Hi all, I'm having trouble getting Clamuko working. My system is RedHat 9.0. I installed Dazuko just fine, and was able to run the example program with no problems. I also got ClamAV installed fine, and tested it without fail. I edited clamd.conf, and enabled the following: ClamukoScanOnAccess ClamukoScanOnOpen ClamukoScanOnExec I used a test virus, and Clamuko didn't pick it up. I tried running clamd just for the heck of it, and it shows ERROR: Clamuko: Can't register with Dazuko in the log file. Any ideas? Thanks in advance for any help you can give me. Scott ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Have you looked at the clamav doc? Located here: http://www.clamav.net/doc/0.85.1/clamdoc.pdf Read 4.1.1 and 5.3 (if you have the time read it all!) Tim ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] I had the same problem :-), looking at the log /var/log/clamav/clamd.log I found that Dazuko was being loaded after clamd. To start Dazuko and reload clamd I added this to /etc/rc.local #Inserts Dazuko as a module modprobe dazuko #Starts clamd /usr/sbin/clamd (maybe not the best way, I am new to this!) The VirusEvent line in clamd.conf does not work with Clamuko (As clamd uses that config file not Clamuko) I use this in my crontab to email me when Clamuko finds a virus... #Does a scan with clamav @ 2am, sends email if there is a problem 0 2 * * * /usr/local/bin/clamscan --no-summary --infected -i -r / || mail -s A virus has been found on the Office Server [EMAIL PROTECTED] Hope this helps, Tim ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
-Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Matt Fretwell Sent: 08 June 2005 20:27 To: ClamAV users ML Subject: Re: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Scott Woodford wrote: Either way, when I run a scan using clamscan or clamdscan, or Clamuko simply finds a virus, I get no message that a virus was found, except in the log. All I get was something like error accessing file. I want both myself (root) and users to get a message saying virus found if either Clamuko picks it up, or a manual scan. I'm not concerned with emailing right now. These are standalone systems. Any ideas on that? What are the contents of the Virusevent line? Clamscan will not use that parameter, BTW. Matt ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Scott, im so sorry - im getting myself confused (been a long day) Clamscan does not use clamd.conf, which is why I use that entry in my crontab. Clamuko dose use that log file, so after the Virusevent line you need to enter something that will print to the screen a virus has been found, below is what I have... VirusEvent echo %v | mail -s A virus has been found on the Office Server [EMAIL PROTECTED] /var/log/clamav/clamd.log ... that sends me an email, you need to replace it with your own code. Sorry for my mistake :-( ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
The contents of my VirusEvent line are the default (except for the fact that I uncommented the line): VirusEvent /usr/local/bin/send_sms 123456789 VIRUS ALERT: %v I understand that clamscan will not use that parameter, but then Clamuko should right?. Otherwise, what's the point of that parameter? Like I said, I've tried it with clamscan, clamdscan, and Clamuko, and it does not give me a notification message when it finds a virus using any of those types of scans. All it gives me is a file access error, and logs that it found a virus in the clamd.log Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Fretwell Sent: Wednesday, June 08, 2005 3:27 PM To: ClamAV users ML Subject: Re: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Scott Woodford wrote: Either way, when I run a scan using clamscan or clamdscan, or Clamuko simply finds a virus, I get no message that a virus was found, except in the log. All I get was something like error accessing file. I want both myself (root) and users to get a message saying virus found if either Clamuko picks it up, or a manual scan. I'm not concerned with emailing right now. These are standalone systems. Any ideas on that? What are the contents of the Virusevent line? Clamscan will not use that parameter, BTW. Matt ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
Sorry for the stupid question... After adding that line to /etc/rc.local, did you reboot your system? The above may not be the best way, it is just what worked for me. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Scott Woodford Sent: 08 June 2005 20:42 To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko By the way Tim, adding the following lines to /etc/rc.local did not help. #Inserts Dazuko as a module modprobe dazuko #Starts clamd /usr/sbin/clamd When I try to run the example program, it says error: failed to register with Dazuko. As soon as I enter the command /sbin/insmod ./dazuko.o, the example program starts working again. I tried that command in the rc.local file, but that didn't work. Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 2:26 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko -Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Scott Woodford Sent: 08 June 2005 19:13 To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Thanks Tim. I have read (and practically memorized) the entire clamdoc.pdf file. I am very familiar with 4.1.1 and 5.3. Anyway, I was able to figure out my problem, but I have another. My problem was that dazuko was not initializing after I restarted the machine. I have no idea why. Any idea on how to change that? Also, I cannot get the VirusEvent line in clamd.conf to work properly. Onacess is working great, because it finds my test virus, but I get no notification such as Virus found. I have uncommented the VirusEvent line and it's still not working. Any ideas? Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 1:58 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Hi all, I'm having trouble getting Clamuko working. My system is RedHat 9.0. I installed Dazuko just fine, and was able to run the example program with no problems. I also got ClamAV installed fine, and tested it without fail. I edited clamd.conf, and enabled the following: ClamukoScanOnAccess ClamukoScanOnOpen ClamukoScanOnExec I used a test virus, and Clamuko didn't pick it up. I tried running clamd just for the heck of it, and it shows ERROR: Clamuko: Can't register with Dazuko in the log file. Any ideas? Thanks in advance for any help you can give me. Scott ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Have you looked at the clamav doc? Located here: http://www.clamav.net/doc/0.85.1/clamdoc.pdf Read 4.1.1 and 5.3 (if you have the time read it all!) Tim ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] I had the same problem :-), looking at the log /var/log/clamav/clamd.log I found that Dazuko was being loaded after clamd. To start Dazuko and reload clamd I added this to /etc/rc.local #Inserts Dazuko as a module modprobe dazuko #Starts clamd /usr/sbin/clamd (maybe not the best way, I am new to this!) The VirusEvent line in clamd.conf does not work with Clamuko (As clamd uses that config file not Clamuko) I use this in my crontab to email me when Clamuko finds a virus... #Does a scan with clamav @ 2am, sends email if there is a problem 0 2 * * * /usr/local/bin/clamscan --no-summary --infected -i -r / || mail -s A virus has been found on the Office Server [EMAIL PROTECTED] Hope this helps, Tim ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
-Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Scott Woodford Sent: 08 June 2005 20:48 To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko The contents of my VirusEvent line are the default (except for the fact that I uncommented the line): VirusEvent /usr/local/bin/send_sms 123456789 VIRUS ALERT: %v I understand that clamscan will not use that parameter, but then Clamuko should right?. Otherwise, what's the point of that parameter? Like I said, I've tried it with clamscan, clamdscan, and Clamuko, and it does not give me a notification message when it finds a virus using any of those types of scans. All it gives me is a file access error, and logs that it found a virus in the clamd.log Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Fretwell Sent: Wednesday, June 08, 2005 3:27 PM To: ClamAV users ML Subject: Re: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Scott Woodford wrote: Either way, when I run a scan using clamscan or clamdscan, or Clamuko simply finds a virus, I get no message that a virus was found, except in the log. All I get was something like error accessing file. I want both myself (root) and users to get a message saying virus found if either Clamuko picks it up, or a manual scan. I'm not concerned with emailing right now. These are standalone systems. Any ideas on that? What are the contents of the Virusevent line? Clamscan will not use that parameter, BTW. Matt ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Scott, my fault. Clamuko does use that file, clamscan does not (as correctly said by Matt). You need to replace /usr/local/bin/send_sms 123456789 VIRUS ALERT: %v with something that will print a warning to the screen - how to do that I am not sure. Tim ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
Tim, not a problem. Been a long day for me too, so I know how ya feel. I'd love to just replace that code and use it, but that doesn't seem to work for me. All I want is a message box popping up, telling the user that a virus was found. I've even tried VirusEvent echo %v, which is a pretty simple, but that's not working either. I hate being a newbie. Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 3:46 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko -Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Matt Fretwell Sent: 08 June 2005 20:27 To: ClamAV users ML Subject: Re: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Scott Woodford wrote: Either way, when I run a scan using clamscan or clamdscan, or Clamuko simply finds a virus, I get no message that a virus was found, except in the log. All I get was something like error accessing file. I want both myself (root) and users to get a message saying virus found if either Clamuko picks it up, or a manual scan. I'm not concerned with emailing right now. These are standalone systems. Any ideas on that? What are the contents of the Virusevent line? Clamscan will not use that parameter, BTW. Matt ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Scott, im so sorry - im getting myself confused (been a long day) Clamscan does not use clamd.conf, which is why I use that entry in my crontab. Clamuko dose use that log file, so after the Virusevent line you need to enter something that will print to the screen a virus has been found, below is what I have... VirusEvent echo %v | mail -s A virus has been found on the Office Server [EMAIL PROTECTED] /var/log/clamav/clamd.log . that sends me an email, you need to replace it with your own code. Sorry for my mistake :-( ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
Yup, I rebooted and that didn't help. Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 3:48 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Sorry for the stupid question... After adding that line to /etc/rc.local, did you reboot your system? The above may not be the best way, it is just what worked for me. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Scott Woodford Sent: 08 June 2005 20:42 To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko By the way Tim, adding the following lines to /etc/rc.local did not help. #Inserts Dazuko as a module modprobe dazuko #Starts clamd /usr/sbin/clamd When I try to run the example program, it says error: failed to register with Dazuko. As soon as I enter the command /sbin/insmod ./dazuko.o, the example program starts working again. I tried that command in the rc.local file, but that didn't work. Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 2:26 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko -Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Scott Woodford Sent: 08 June 2005 19:13 To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Thanks Tim. I have read (and practically memorized) the entire clamdoc.pdf file. I am very familiar with 4.1.1 and 5.3. Anyway, I was able to figure out my problem, but I have another. My problem was that dazuko was not initializing after I restarted the machine. I have no idea why. Any idea on how to change that? Also, I cannot get the VirusEvent line in clamd.conf to work properly. Onacess is working great, because it finds my test virus, but I get no notification such as Virus found. I have uncommented the VirusEvent line and it's still not working. Any ideas? Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 1:58 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Hi all, I'm having trouble getting Clamuko working. My system is RedHat 9.0. I installed Dazuko just fine, and was able to run the example program with no problems. I also got ClamAV installed fine, and tested it without fail. I edited clamd.conf, and enabled the following: ClamukoScanOnAccess ClamukoScanOnOpen ClamukoScanOnExec I used a test virus, and Clamuko didn't pick it up. I tried running clamd just for the heck of it, and it shows ERROR: Clamuko: Can't register with Dazuko in the log file. Any ideas? Thanks in advance for any help you can give me. Scott ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Have you looked at the clamav doc? Located here: http://www.clamav.net/doc/0.85.1/clamdoc.pdf Read 4.1.1 and 5.3 (if you have the time read it all!) Tim ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] I had the same problem :-), looking at the log /var/log/clamav/clamd.log I found that Dazuko was being loaded after clamd. To start Dazuko and reload clamd I added this to /etc/rc.local #Inserts Dazuko as a module modprobe dazuko #Starts clamd /usr/sbin/clamd (maybe not the best way, I am new to this!) The VirusEvent line in clamd.conf does not work with Clamuko (As clamd uses that config file not Clamuko) I use this in my crontab to email me when Clamuko finds a virus... #Does a scan with clamav @ 2am, sends email if there is a problem 0 2 * * * /usr/local/bin/clamscan --no-summary --infected -i -r / || mail -s A virus has been found on the Office Server [EMAIL PROTECTED] Hope this helps, Tim ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html ___ http
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
-Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Scott Woodford Sent: 08 June 2005 20:55 To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Tim, not a problem. Been a long day for me too, so I know how ya feel. I'd love to just replace that code and use it, but that doesn't seem to work for me. All I want is a message box popping up, telling the user that a virus was found. I've even tried VirusEvent echo %v, which is a pretty simple, but that's not working either. I hate being a newbie. Scott J. Woodford Information Systems Security Manager Modern Technology Solutions, Inc. (703) 212-8870 Ext. 146 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Timothy Omer Sent: Wednesday, June 08, 2005 3:46 PM To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko -Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Matt Fretwell Sent: 08 June 2005 20:27 To: ClamAV users ML Subject: Re: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Scott Woodford wrote: Either way, when I run a scan using clamscan or clamdscan, or Clamuko simply finds a virus, I get no message that a virus was found, except in the log. All I get was something like error accessing file. I want both myself (root) and users to get a message saying virus found if either Clamuko picks it up, or a manual scan. I'm not concerned with emailing right now. These are standalone systems. Any ideas on that? What are the contents of the Virusevent line? Clamscan will not use that parameter, BTW. Matt ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Scott, im so sorry - im getting myself confused (been a long day) Clamscan does not use clamd.conf, which is why I use that entry in my crontab. Clamuko dose use that log file, so after the Virusevent line you need to enter something that will print to the screen a virus has been found, below is what I have... VirusEvent echo %v | mail -s A virus has been found on the Office Server [EMAIL PROTECTED] /var/log/clamav/clamd.log . that sends me an email, you need to replace it with your own code. Sorry for my mistake :-( ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] No prob Scott, it took me 2 weeks to get Clamuko working a couple of month's ago - I am also new to Linux What you need to do is create a script that will display a message box on the screen that a virus has been found. Then on the Virusevent line just put the path to that script. Two bad things about that... 1. Not sure how you can tell the script the name or location of the virus 2. A hacker could change the script to do something bad and that could be executed by Clamuko (unlikely, but could happen) Like I have said, I am new - so if anyone else has any better ideas please say :-) ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
By the way Tim, adding the following lines to /etc/rc.local did not help. #Inserts Dazuko as a module modprobe dazuko #Starts clamd /usr/sbin/clamd When I try to run the example program, it says error: failed to register with Dazuko. As soon as I enter the command /sbin/insmod ./dazuko.o, the example program starts working again. I tried that command in the rc.local file, but that didn't work. -Original Message- From: [EMAIL PROTECTED] [mailto:clamav-users- [EMAIL PROTECTED] On Behalf Of Scott Woodford Sent: 08 June 2005 20:57 To: 'ClamAV users ML' Subject: RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Yup, I rebooted and that didn't help. ___ http://lurker.clamav.net/list/clamav-users.html [Timothy Omer] Hmmm, not sure. You need to load dazuko and load / reload clamd at system start-up. Im sure what I have done is not the best way, it just worked for me. Does anyone else have a better idea? (If you put your comments at the bottom of the thread it makes it easier to read) ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
Timothy Omer wrote: VirusEvent echo Virus found: %v Then: vi /usr/src/sys/boot/forth/loader.conf or man rc.conf Those show you options for loading modules at boot time. rc.conf for modules, not rc.local. Matt ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Fretwell Sent: Wednesday, June 08, 2005 4:47 PM To: ClamAV users ML Subject: Re: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko Timothy Omer wrote: VirusEvent echo Virus found: %v Then: vi /usr/src/sys/boot/forth/loader.conf or man rc.conf Those show you options for loading modules at boot time. rc.conf for modules, not rc.local. Matt ___ http://lurker.clamav.net/list/clamav-users.html Matt, My system doesn't have the loader.conf or the rc.conf files. I searched for them and did not find anything. I don't even have a /usr/src/sys/boot/forth directory. There was no manual entry for rc.conf either. My system is RedHat 9.0. Any ideas where else to look? Thanks. ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
Scott Woodford wrote: My system doesn't have the loader.conf or the rc.conf files. I searched for them and did not find anything. I don't even have a /usr/src/sys/boot/forth directory. There was no manual entry for rc.conf either. My system is RedHat 9.0. Any ideas where else to look? Apologies. Could have sworn you said you were on *BSD. One of the other list members may be able to help you with regards to Linux startups. I personally have no idea. With regards to the virusevent, you will also need to restart clamd after changing clamd.conf. Matt ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] ERROR: Clamuko: Can't register with Dazuko
Thanks Tomasz, Do you know if is there any scheduled date for 0.66? Regards, --Claudio Tomasz Kojm [EMAIL PROTECTED] wrote: On Fri, 30 Jan 2004 14:29:02 -0300 (ART)Claudio Alonso <[EMAIL PROTECTED]>wrote: So my questions are the following: - Must clamd be run as root user in order to enable real-time protection?It must. - Is it normal that my computer became so slow? Can this be solved? How?Please limit the protection to selected -critical- directories. Andeventually limit the file size to be scanned (in clamav.conf). - Do you have any suggestion? I need real-time protection enabled.Be careful - there are known problems with clamd + dazuko. Better waitfor 0.66.Best regards,Tomasz Kojm-- oo . [EMAIL PROTECTED] www.ClamAV.net(\/)\. http://www.clamav.net/gpg/tkojm.gpg\..._ 0DCA5A08407D5288279DB43454822DC8985A444B//\ /\ Sat Jan 31 10:33:37 CET 2004 ATTACHMENT part 2 application/pgp-signature ¿Buscás un auto? Encontralo en Yahoo! Autos¡Más de 4000 clasificados todos los días! Usados - 0 km - Vendé el tuyo
