Re: [clamav-users] ClamAV 0.105 release candidate

On Friday last week we opened it up to allow wget and curl to download the ClamAV release packages. I was told yesterday that Cloudflare blocked downloads after those changes were made, in order to protect against an alleged DoS event. I'll check in with our Cloudflare admins again tomorrow

Re: [clamav-users] ClamAV 1020 when pulling 104.2.tar.gz

Should clear automatically after awhile. — Sent from my  iPhone > On Mar 16, 2022, at 13:09, Schneider, Arthur (A.V.) via clamav-users > wrote: > > Hello, > >Looks like we’re getting a 1020 when our automation is pulling the > 104.2.tar.gz. We’re currently in the process of

Re: [clamav-users] human friendly signatures

On 16 March 2022 22:16:05 Eric Tykwinski wrote: Steve, I like the idea, but why the hex; hex? Sorry, should have been clearer... not just hex but Test;Engine:81-255,Target:0;(b0);0f0f0f*0b0b0b;0/blah*(?:[4-7]|[8003]\d)/ etc...>Just thinking about my recent issues with direct deposit

Re: [clamav-users] human friendly signatures

On 16 March 2022 22:16:05 Eric Tykwinski wrote: Steve, I like the idea, but why the hex; hex? Just thinking about my recent issues with direct deposit phishing emails from gmail.com and they are written probably by people, so I can’t really hash it, and have to regex it. On Mar 16,

Re: [clamav-users] human friendly signatures

Steve, I like the idea, but why the hex; hex? Just thinking about my recent issues with direct deposit phishing emails from gmail.com and they are written probably by people, so I can’t really hash it, and have to regex it. > On Mar 16, 2022, at 5:10 PM, Steve Basford > wrote: > > On 16

Re: [clamav-users] human friendly signatures

On 16 March 2022 20:29:19 "Micah Snyder \(micasnyd\) via clamav-users" wrote: yara rule loading logic works right now. (3) a way to specify that a rule is to match in (a) mail headers only or (b) mail body only or (c) both; Just a random early thought... could .ldb be extended...

Re: [clamav-users] ClamAV 0.105 release candidate

I think you vastly overestimate the size of the audience that has that problem. — Sent from my  iPad > On Mar 16, 2022, at 16:23, Bowie Bailey via clamav-users > wrote: > > On 3/16/2022 12:35 PM, G.W. Haywood via clamav-users wrote: >> Hi there, >> >>> On Wed, 16 Mar 2022, Bowie Bailey

Re: [clamav-users] human friendly signatures

> Well I can understand that features which are unique to ClamAV might > demand something more flexible than the Yara specification, although I > don't profess to have great insight into that. I wonder if this means > there's a case for "ClamAV *extensions* to the Yara language" or some >

Re: [clamav-users] ClamAV 0.105 release candidate

On 3/16/2022 12:35 PM, G.W. Haywood via clamav-users wrote: Hi there, On Wed, 16 Mar 2022, Bowie Bailey via clamav-users wrote: On 3/16/2022 10:09 AM, Joel Esler via clamav-users wrote: On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: On 16/03/2022 20:19, Christoph Moench-Tegeder via

Re: [clamav-users] human friendly signatures

Augh! Some hot-key combination just sent my email draft! Sorry! I was working on a list of the different distinct file formats we currently have, none of which are very easy to read. I'm hoping to illustrate that if we can consolidate this down to something user-friendly it will be a big

Re: [clamav-users] human friendly signatures

The goal for the new sig format would be to include all the existing signature features currently spread across the existing ClamAV-specific signature file formats. Right now we have different file formats for: * NDB * LDB * CDB * FTM * CRB * CFG * PDB,WDB, HDB, HSB,

Re: [clamav-users] ClamAV 0.105 release candidate

> On Mar 16, 2022, at 11:25 AM, Bowie Bailey via clamav-users > wrote: > > On 3/16/2022 10:09 AM, Joel Esler via clamav-users wrote: >> >>> On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: >>> >>> On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote: ## Joel Esler

[clamav-users] ClamAV 1020 when pulling 104.2.tar.gz

Hello, Looks like we’re getting a 1020 when our automation is pulling the 104.2.tar.gz. We’re currently in the process of compiling and building for our environment and looks like we were auto banned. I was going a little build crazy with trying to get it working within our automation

Re: [clamav-users] ClamAV 0.105 release candidate

Hi there, On Wed, 16 Mar 2022, Bowie Bailey via clamav-users wrote: On 3/16/2022 10:09 AM, Joel Esler via clamav-users wrote: On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote: ## Joel Esler via clamav-users

Re: [clamav-users] wget blocks - was Re: ClamAV 0.105 release candidate

> On Mar 16, 2022, at 10:55 AM, Andrew C Aitchison > wrote: > > On Wed, 16 Mar 2022, Joel Esler via clamav-users wrote: >>> On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt >> > wrote: >>> >>> On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote: ##

Re: [clamav-users] ClamAV 0.105 release candidate

On 3/16/2022 10:09 AM, Joel Esler via clamav-users wrote: On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote: ## Joel Esler via clamav-users (clamav-users@lists.clamav.net): Can’t use wget. Looks like "can't use

Re: [clamav-users] ClamAV 0.105 release candidate

> On Mar 16, 2022, at 5:35 AM, Gary R. Schmidt wrote: > > On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote: >> ## Joel Esler via clamav-users (clamav-users@lists.clamav.net): >>> Can’t use wget. >> Looks like "can't use anything which doesn't look like a web browser", >> as

Re: [clamav-users] ClamAV 0.105 release candidate

On 16/03/2022 20:19, Christoph Moench-Tegeder via clamav-users wrote: ## Joel Esler via clamav-users (clamav-users@lists.clamav.net): Can’t use wget. Looks like "can't use anything which doesn't look like a web browser", as BSD fetch hits the 403, too. That's a major PITA on the BSD side

Re: [clamav-users] ClamAV 0.105 release candidate

## Joel Esler via clamav-users (clamav-users@lists.clamav.net): > Can’t use wget. Looks like "can't use anything which doesn't look like a web browser", as BSD fetch hits the 403, too. That's a major PITA on the BSD side (just like openSuse), but it was working just fine at the time of the