Hello Al,
Just wondering if the status page http://www.clamav.net/mirrors.html
should show two entries for clamav.akxnet.de since it represents two IP
addresses; 46.4.61.241 88.198.67.125. It seems to me that you would not
get an accurate reading on the actual mirror status the way it is.
On Sun, 18 Sep 2011 17:55:02 +0200 Radoan rad...@gmx.de wrote:
Hello I use linux debian lenny on my server. I put the adress deb
http://volatile.debian.org/debian-volatile lenny/volatile main contrib
non-free in my /etc/apt/sources.list
After apt-get update and apt-get install clamav
On Sat, 17 Sep 2011 10:25:50 -0400 Dan dantear...@gmail.com wrote:
At 1:33 PM +0200 9/16/2011, Tomasz Kojm wrote:
On Thu, 15 Sep 2011 12:28:50 -0400 Dan dantear...@gmail.com wrote:
At 10:43 AM +0200 9/15/2011, Tomasz Kojm wrote:
OK, now please post the output of 'freshclam --list-mirrors'
Hi there,
On Mon, 19 Sep 2011 Michael Orlitzky wrote:
On 09/16/11 11:53, G.W. Haywood wrote:
Is this one for Mr. Basford, or does it have wider implications?
...
An IP address is a number between 0 and 2^32 (more or less).
There are plenty of ways to represent them.
Unless it's an IPV6
On Monday 19 September 2011 04:20:57 am Tomasz Kojm wrote:
Please open a bug report at bugs.clamav.net
my clamav comes from debian volatile and it starts fine...
I guest its an error in clamav-daemon script..
--
Salu2
Ulinx
Administrador de redes
Ministerio de
On Sunday 18 September 2011 11:55:02 am Radoan wrote:
In my /var/log/clamav/clamav.log is :
Sun Sep 18 17:47:31 2011 - +++ Started at Sun Sep 18 17:47:31 2011
Sun Sep 18 17:47:31 2011 - clamd daemon 0.97.2 (OS: linux-gnu, ARCH:
mips, CPU: mipsel)
Sun Sep 18 17:47:31 2011 - Log file size
A hostname cannot be all digits and except when the IP is used there
will be a TLD, so if you see a pattern such as
http:// 123456789/ cgi-bin/innocent_code.pl
(Ignore the spaces they are there to let this post slip by most antispam
detection) then you can surmise it is an attempt at
On 09/19/11 08:18, G.W. Haywood wrote:
Nah, after thirty-odd years I can do it in my head with dotted quads. :)
Yeah but I'll bet you imagine the bits still =)
But the point remains, this is a pretty obvious and easy target for
any scanner which is looking for malicious activity, so
On 9/19/2011 11:46 AM, Michael Orlitzky wrote:
A hostname cannot be all digits and except when the IP is used there
will be a TLD, so if you see a pattern such as
http:// 123456789/ cgi-bin/innocent_code.pl
(Ignore the spaces they are there to let this post slip by most antispam
On 09/19/11 12:04, Bowie Bailey wrote:
He is not trying to match the IP address. He is trying to match an
unusual way of presenting the IP address that seems to occur primarily
in spam.
Whether this is something that should be done in ClamAV or would be
better done by something like
On 9/19/2011 12:16 PM, Michael Orlitzky wrote:
On 09/19/11 12:04, Bowie Bailey wrote:
He is not trying to match the IP address. He is trying to match an
unusual way of presenting the IP address that seems to occur primarily
in spam.
Whether this is something that should be done in ClamAV or
On Sep 19, 2011, at 12:04 PM, Bowie Bailey wrote:
On 9/19/2011 11:46 AM, Michael Orlitzky wrote:
A hostname cannot be all digits and except when the IP is used there
will be a TLD, so if you see a pattern such as
http:// 123456789/ cgi-bin/innocent_code.pl
(Ignore the spaces they are
On Mon, 2011-09-19 at 12:40 -0400, Bowie Bailey wrote:
On 9/19/2011 12:16 PM, Michael Orlitzky wrote:
On 09/19/11 12:04, Bowie Bailey wrote:
He is not trying to match the IP address. He is trying to match an
unusual way of presenting the IP address that seems to occur primarily
in spam.
On Mon, Sep 19, 2011 at 6:46 PM, Bernd Petrovitsch
be...@petrovitsch.priv.at wrote:
That's the whole problem as both are legal and correct (as in
RFC-compliant) form.
And you want to flag it as spam?
Regardless of form I would call it spam since I've never seen legit
numeric links. I've had my
On 9/19/2011 12:46 PM, Bernd Petrovitsch wrote:
On Mon, 2011-09-19 at 12:40 -0400, Bowie Bailey wrote:
On 9/19/2011 12:16 PM, Michael Orlitzky wrote:
On 09/19/11 12:04, Bowie Bailey wrote:
He is not trying to match the IP address. He is trying to match an
unusual way of presenting the IP
On Sep 19, 2011, at 19:04, Bowie Bailey bowie_bai...@buc.com wrote:
On 9/19/2011 11:46 AM, Michael Orlitzky wrote:
A hostname cannot be all digits and except when the IP is used there
will be a TLD, so if you see a pattern such as
http:// 123456789/ cgi-bin/innocent_code.pl
(Ignore
On 9/19/11 8:46 AM, Michael Orlitzky wrote:
A hostname cannot be all digits and except when the IP is used there
will be a TLD, so if you see a pattern such as
http:// 123456789/ cgi-bin/innocent_code.pl
(Ignore the spaces they are there to let this post slip by most antispam
detection)
On 9/19/2011 2:33 PM, Török Edwin wrote:
Try adding this to a local.pdb file in your dbdir (untested):
R:[0-9]{1,10}(\.[0-9]{1,10}){0,2}:.+
Of course you can improve the regex to detect hexadecimal encoded numbers,
etc.
My IP v4 v6 regex from the CCEE patchset.
18 matches
Mail list logo