Re: [Clamav-devel] Fedora unbootable after scanning

That’s almost impossible in that clamav only reports infected files, it doesn’t modify them and doesn’t delete them by default. I have crashed a system into an unbootable state by fuzzing clamav which resulted in a filled hard drive and no inodes left. Sent from my iPhone > On Jul 17, 2019,

Re: [Clamav-devel] Question have an about LibClamAV.dll

> On Apr 10, 2017, at 1:50 PM, Shanmugam, Suresh (Conduent) > <suresh.shanmu...@conduent.com> wrote: > > Hi Brandon Perry, > > Okay. If you don't mind. Do you have any samples of implementation using > stream?. If you have please share to me. I do not, but this sh

Re: [Clamav-devel] Question have an about LibClamAV.dll

> On Apr 10, 2017, at 11:58 AM, Shanmugam, Suresh (Conduent) > <suresh.shanmu...@conduent.com> wrote: > > Hi Brandon Perry, > > You are correct Perry. I am implementing the LibClamAV Library into C# > application. So I need to get the File descriptor from the S

Re: [Clamav-devel] Question have an about LibClamAV.dll

> On Apr 10, 2017, at 9:00 AM, Shanmugam, Suresh (Conduent) > wrote: > > Hi Developers, > > I've an query about doing the scan using byte[] help of LibClamAV.dll(win32). > If anyone know the methods to pass the byte[] provide the details?. > > Note: > I able

Re: [Clamav-devel] CalmAV In-Memory Scan

> On Apr 5, 2017, at 2:27 PM, Michael Engstler wrote: > > Hi, > I noticed that when using the INSTREAM command and sending it a memory > buffer of a file, clamd takes the memory buffer and saves it to > the TemporaryDirectory (as defined in the config file). > > This is

[Clamav-devel] Compiling with -m32 on OS X

Hi, I am attempting to compile ClamAV 0.99 on OS X, but I need a 32-bit library. I have downloaded and compiled OpenSSL for 32-bit, but am running into an issue that I am not sure how to resolve. Configuring and making with: $ CFLAGS="-m32" ./configure

Re: [Clamav-devel] Multipart form data virus file detection

Comments in line: On Tue, Aug 18, 2015 at 1:24 PM, P K pkopen...@gmail.com wrote: Hi Guys, I see when a virus file is uploaded as multipart/formdata its not detected properly by ClamAv. If its not multipart/formdata it works properly. I see few windows servers uploads file using

Re: [Clamav-devel] ClamAV scanning

, but this should not happen with Zeus. EICAR was only included as a test case i.e. to make sure that static signatures are being checked... Andrew On 7 November 2014 17:06, Brandon Perry bperry.volat...@gmail.com wrote: EICAR should only ever be detected as is. It is specially

Re: [Clamav-devel] ClamAV scanning

EICAR should only ever be detected as is. It is specially made for testing AV, and AV has no use for detecting variations of it. On Fri, Nov 7, 2014 at 11:02 AM, Andrew Camilleri andrew.camill...@gmail.com wrote: Hi! I am totally new to ClamAV, so please excuse my ignorance. I am looking at

Re: [Clamav-devel] enabling DMG and XAR support

up with to resolve the issue will be considered for inclusion upstream. On Thu, Mar 27, 2014 at 9:39 AM, Brandon Perry bperry.volat...@gmail.comwrote: I have found a friend with an old G5 PPC that he is willing to lend for a couple days. When I get it probably this weekend I will be able

Re: [Clamav-devel] enabling DMG and XAR support

in those cases by using ./configure --enable-llvm=no On Wed, Mar 26, 2014 at 3:06 PM, Brandon Perry bperry.volat...@gmail.comwrote: FWIW i am currently asking friends if they have a PPC that i can try this one. Sent from a computer On Mar 26, 2014, at 1:37 PM, Brandon Perry

Re: [Clamav-devel] enabling DMG and XAR support

--with-user=clamav --with-group=clamav --with-dbdir=/var/clamav --disable-clamav make fails with ./llvm/lib/VMCore/TypesContext.h:311: error: invalid conversion from 'const llvm::Type*' to 'long int' -- Dale On Mar 25, 2014, at 18:29 PM, Brandon Perry wrote: Thanks, I don't have a PPC here

Re: [Clamav-devel] enabling DMG and XAR support

amongst different environments?? -- Dale On Mar 26, 2014, at 09:06 AM, Brandon Perry wrote: I don't use MacPorts or any other non-standard build environment... Your entire build system is non-standard if you maintain in the way you say you do. This is very likely

Re: [Clamav-devel] enabling DMG and XAR support

FWIW i am currently asking friends if they have a PPC that i can try this one. Sent from a computer On Mar 26, 2014, at 1:37 PM, Brandon Perry bperry.volat...@gmail.com wrote: You must not have read my email. I was not saying it is your build tool. I said it was your architecture causing

Re: [Clamav-devel] enabling DMG and XAR support

--enable-llvm=no On Wed, Mar 26, 2014 at 3:06 PM, Brandon Perry bperry.volat...@gmail.comwrote: FWIW i am currently asking friends if they have a PPC that i can try this one. Sent from a computer On Mar 26, 2014, at 1:37 PM, Brandon Perry bperry.volat...@gmail.com wrote: You must

Re: [Clamav-devel] enabling DMG and XAR support

it. -- Dale On Mar 24, 2014, at 18:57 PM, Brandon Perry wrote: Dale, Not that it *should* matter, but what is your architecture? On 03/24/2014 05:33 PM, Shawn Webb wrote: On what up-to-date OSs can I find gcc 4.0 in active use? I'll briefly try to recreate the problem in my spare time

Re: [Clamav-devel] enabling DMG and XAR support

with no choice but to abandon it. -- Dale On Mar 24, 2014, at 18:57 PM, Brandon Perry wrote: Dale, Not that it *should* matter, but what is your architecture? On 03/24/2014 05:33 PM, Shawn Webb wrote: On what up-to-date OSs can I find gcc 4.0 in active use? I'll briefly try to recreate

Re: [Clamav-devel] enabling DMG and XAR support

FOR A PARTICULAR PURPOSE. [root@localhost clamav-0.98.1]# On 03/25/2014 05:54 PM, Brandon Perry wrote: 'CCFLAGS=-O0 ./configure make' [root@localhost clamav-0.98.1]# clamscan/clamscan --version ClamAV 0.98.1 [root@localhost clamav-0.98.1]# uname -a Linux localhost.localdomain 2.6.11-1.1369_FC4 #1 Thu

Re: [Clamav-devel] enabling DMG and XAR support

Looks like fedora 3 and 4 shipped with 4.0. On 03/24/2014 05:33 PM, Shawn Webb wrote: On what up-to-date OSs can I find gcc 4.0 in active use? I'll briefly try to recreate the problem in my spare time for you. On Mon, Mar 24, 2014 at 6:22 PM, Dale Walsh d...@daleenterprise.com wrote: When

Re: [Clamav-devel] enabling DMG and XAR support

Dale, Not that it *should* matter, but what is your architecture? On 03/24/2014 05:33 PM, Shawn Webb wrote: On what up-to-date OSs can I find gcc 4.0 in active use? I'll briefly try to recreate the problem in my spare time for you. On Mon, Mar 24, 2014 at 6:22 PM, Dale Walsh

Re: [Clamav-devel] 0.98.1 not compiling on OS/X Mavericks

I believe that is actually clang, not gcc. Not sure if clang is supported. On Mon, Mar 17, 2014 at 8:38 PM, zck900 zck...@comcast.net wrote: Hello, The build is broken for 0.98.1 when compiling on OS/X 10.9.2 and Xcode 5. Below are the errors... BTW I also did a fresh git clone from the

Re: [Clamav-devel] Introducing OpenSSL as a dependency to ClamAV

Hi, The blog post doesn't mention what would now be SSL-ified. Would the dependency be added to enable support for SSL enabled streams using the clams protocol? On Wed, Feb 26, 2014 at 6:23 PM, Brandon Perry bperry.volat...@gmail.comwrote: Will we see changes to the clamd protocol to support

Re: [Clamav-devel] Introducing OpenSSL as a dependency to ClamAV

Will we see changes to the clamd protocol to support SSL in the near future? On 02/26/2014 10:08 AM, Joel Esler (jesler) wrote: On Friday last week I put a blog post up about introducing OpenSSL into the ClamAV ecosystem. I wanted to make sure everyone saw it, so please have a look at the

Re: [Clamav-devel] Possible bypass via gz?

Hey guys, Is this going to need a CVE? I can forward the info onto oss-sec list and get a CVE assigned. On 02/17/2014 08:12 AM, Matt Olney wrote: Thanks, Bradon. We'll review this. On Sun, Feb 16, 2014 at 7:29 PM, Brandon Perry bperry.volat...@gmail.comwrote: Hi, Not sure

Re: [Clamav-devel] Basics of ClamAV: developing for Win8 and dist thru app store

I would also like to mention that i have written C# bindings for both libclamav and clamd over tcp if that helps IRT windows. https://github.com/brandonprry/clam-sharp Sent from a computer On Feb 18, 2014, at 2:20 PM, Steven Morgan smor...@sourcefire.com wrote: James, Some comments

[Clamav-devel] Possible bypass via gz?

Hi, Not sure if this person is using an old version of ClamAV and I haven't attempted this, but he alleges he has found a way to bypass gzip'ed tarballs by modifying a specific byte within the headers. http://www.exploit-db.com/wp-content/themes/exploit/docs/31685.pdf Hope this is the correct

Re: [Clamav-devel] libclamav and INSTREAM

Why would you *have* to write to the disk? No difference between a file handle to something in memory and to a file on the FS. That being said, i actually used a ramdisk when building my clamav bindings (https://github.com/brandonprry/clam-sharp/). Sent from a computer On Nov 20, 2013, at

Re: [Clamav-devel] ClamAV for Android - what does it take and who could do it?

You would not port the cli. You would compile libclamav for arm and wrap it, no? Sent from a computer On Nov 4, 2013, at 13:54, Nomendo S. nomen...@yahoo.com wrote: What would it take to port ClamAV command line to Android JB/KK/.. and who would be best to do this or elaborate what does it

Re: [Clamav-devel] ClamAV effectiveness

Antivirus is a cop out anyway since it is essentially a reactive solution. It is simple to write custom payloads to be sent that aren't detected by AV. AV catches the low hanging fruit. On Fri, Oct 11, 2013 at 9:41 AM, Nick Johnson npjoh...@cs.princeton.eduwrote: I should mention that I am

Re: [Clamav-devel] ClamAV Blog is back!

This is great news. I was pestering the guys in IRC about it every so often. :) On Fri, Jan 7, 2011 at 3:53 PM, Joel Esler jes...@sourcefire.com wrote: All -- Just wanted to give you all a quick update.  The ClamAV blog, after a two year hiatus, is now back. http://blog.clamav.net We'll

Re: [Clamav-devel] Supporting Emulators

I think if a discussion were to take place on this, Bochs should certainly be an option. http://bochs.sourceforge.net/ It is very mature and used in great projects like qemu. On Sat, Oct 23, 2010 at 6:11 PM, Amr Thabet amr.tha...@student.alx.edu.eg wrote: Hello everyone First I want to say

Re: [Clamav-devel] Virus DB Repo

I agree that this would be neat as long as the current way is still available. I don't want to have to install git or svn on the servers just to be able to update my clam sigs. On Tue, May 18, 2010 at 7:13 AM, David F. Skoll d...@roaringpenguin.comwrote: From: Mohammed Al-Saleh

Re: [Clamav-devel] Do I really have to upgrade to 0.95 ?...

I can understand that on some legacy production systems, it would be easier to work around than upgrade. I have run into FC3 production machines, and just compiling clamav or such wouldn't just work. Limor, can you give us a reason why it's an issue? 2010/3/2 Török Edwin edwinto...@gmail.com

[Clamav-devel] VX Heavens Virus Collection vs ClamAV

I downloaded the virus collection offered by VX Heavens (http://vx.netlux.org/faq.php#whole) which is just over 66,000 viruses, spyware, worms, etc... With the latest updates from ClamAV, just under half of the viruses were detected. The guy who puts this collection together uses Kaspersky to

Re: [Clamav-devel] Virus Signatures

That's nice, have you tried running freshclam to update your database? On Sat, 2008-02-09 at 14:50 +0530, mudit vaidya wrote: I need virus signatures to expand my virus database. Regards Mudit Vaidya ___