Re: [clamav-users] Error while compiling ClamAV

2016-10-19 Thread ANANT S ATHAVALE
Hi, But, the error which I am getting is not w.r.t openssl right now (with github source download). I am currently getting error for libmspack. Please see my original post. regards, anant. - Message from Reindl Harald - Date: Wed, 19 Oct 2016

Re: [clamav-users] swift.doc Doc.Dropper.Agent-1776597

2016-10-19 Thread Joel Esler (jesler)
Yup, that’s one of mine. Glad to see my system is working ;) As far as why it didn’t work, I’ll have to defer this to Steve on the dev team. -- Joel Esler | Talos: Manager| jes...@cisco.com On Oct 19, 2016, at 10:16 AM, Steve Basford

Re: [clamav-users] Error while compiling ClamAV

2016-10-19 Thread Reindl Harald
Am 19.10.2016 um 15:45 schrieb crazy thinker: Can you Please Specify which linux derivative are you using? On 19 October 2016 at 10:07, ANANT S ATHAVALE wrote: Hi, I tried compiling Clamav 0.99.2 with OpenSSL 1.1.0 and was getting error OpenSSL installation is

Re: [clamav-users] Error while compiling ClamAV

2016-10-19 Thread ANANT SHRIPADRAO ATHAVALE
Hi, I am compiling on AIX 6.1. regards, anant. >Can you Please Specify which linux derivative are you using? > >On 19 October 2016 at 10:07, ANANT S ATHAVALE >a...@isac.gov.in> wrote: > >> Hi, >> >> I tried compiling Clamav 0.99.2 with OpenSSL 1.1.0 and was getting error >> OpenSSL

Re: [clamav-users] swift.doc Doc.Dropper.Agent-1776597

2016-10-19 Thread Steve Basford
On Wed, October 19, 2016 3:12 pm, Joel Esler (jesler) wrote: > Heino, > > > Can you clarify which sig caught it? > > > Doc.Dropper.Agent-177659 is not an actual sig number. Damn cut and paste... it's: Doc.Dropper.Agent-1776597 (a hash) -- Cheers, Steve Twitter: @sanesecurity

Re: [clamav-users] swift.doc Doc.Dropper.Agent-1776597

2016-10-19 Thread Joel Esler (jesler)
Heino, Can you clarify which sig caught it? Doc.Dropper.Agent-177659 is not an actual sig number. -- Joel Esler | Talos: Manager| jes...@cisco.com On Oct 19, 2016, at 10:08 AM, Steve Basford >

Re: [clamav-users] swift.doc Doc.Dropper.Agent-1776597

2016-10-19 Thread Steve Basford
On Wed, October 19, 2016 3:05 pm, Joel Esler (jesler) wrote: > So to be clear, it is not detected or it is detected? I think here's saying... * It *should* have been blocked with OLE2BlockMacros yes option but *wasn't* * It is now detected as Doc.Dropper.Agent-177659 -- Cheers, Steve

Re: [clamav-users] Encrypted Word doc/phishing attack

2016-10-19 Thread Joel Esler (jesler)
Seems logical. bugzilla.clamav.net would be a good place to submit the feature request. -- Joel Esler | Talos: Manager| jes...@cisco.com On Oct 19, 2016, at 9:57 AM, Heino Backhaus

Re: [clamav-users] Encrypted Word doc/phishing attack

2016-10-19 Thread Heino Backhaus
Hallo, i would like to make a featurerequest out of this. We've allso received mails with password protected office documents. It would be a nice feature to filter them with an option like the "OLE2BlockMacros yes" option. Lets call it OLE2BlockEncryption yes|no. :) Mit freundlichen Gruessen

[clamav-users] swift.doc Doc.Dropper.Agent-1776597

2016-10-19 Thread Heino Backhaus
Hello List, we've received totay early in the morning mails with a word document containing a malicius macro, which was not detected by clamav. It is now detected as Doc.Dropper.Agent-177659. I've set up clamd with the OLE2BlockMacros yes option which normaly works fine, but not with this file.

Re: [clamav-users] Error while compiling ClamAV

2016-10-19 Thread crazy thinker
Can you Please Specify which linux derivative are you using? On 19 October 2016 at 10:07, ANANT S ATHAVALE wrote: > Hi, > > I tried compiling Clamav 0.99.2 with OpenSSL 1.1.0 and was getting error > OpenSSL installation is misconfigured or missing. > > After googling found