e the issue?
Regards,Marc
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
Hi all!
I'm seeing the same issue with ClamAV 0.103.7 on Debian Testing (Bookworm).
The freshclam.conf is as provided by the Debian package.
Any news on this issue?
Regards,
Alex___
Manage your clamav-users mailing list subscription / unsubscribe:
htt
> On Wed, Jul 29, 2020 at 1:43 PM Koch, Alexander wrote:
>> Hi clamav-users,
>>
>> I know that the proxy is bad and you can't imagine how much I hate
>> SSL-breaking 'enterprise' security gear, but I cannot do anything about
>> it. Is there a w
Hi clamav-users,
I just upgraded one of our Linux machines from Ubuntu 18.04 to 20.04. It
seems that the ClamAV package (although having the same version as in
18.04) has been built with stronger OpenSSL/cURL flags.
Freshclam is no longer able to fetch definition updates due to a weak
SSL cert
Hi all,
I was hoping someone might have some advice on debugging an IDSESSION command
when streaming content to the clamav daemon. I'm trying to understand why small
files (<=1 mb) are being processed appropriately but when I scale the file up
to 2 mb or so, it just spins until it times out. Th
u do end up doing some testing, it would be interesting to find
out what you learn.
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
On Oct 29, 2018, at 3:32 PM, Wreschnig, Alexander Scott
mailto:as...@pitt.edu>> wrote:
I have what is hopefully a quick question regarding clam
I have what is hopefully a quick question regarding clamd. What's a good method
for determining ideal chunk sizes when streaming data to the daemon over a
socket connection? Or should I ignore chunking altogether and just stream one
big contiguous file?
The background: I've developed a very sim
ed to create a ign2 file, however
this doesn't fix the issue, it looks like the entry is processed regardless.
Is there another way to fix that other than waiting for the update?
Thanks. Alexander
--
Alexander Lehmann
https://about.me/alexlehm
Hi
I m trying to configure on access scan in my clamav ubuntu instalation
In clamd.conf i set the following
ScanOnAccess true
OnAccessIncludePath /home
When start clamd-daemon (sudo /etc/init.d/clamav-daemon start) in
/var/log/clamav/clamav.log appears the following
" ERROR: ScanOnAccess:
to share that knowledge so that others who may have
> the
> same experience can draw from yours?
>
> On Friday, 28 August 2015 05:22:16 PM Alexander Urcioli wrote:
> > I'm happy to report we located the bug which was not at all due to
> clamav.
> > However knowledge
I'm happy to report we located the bug which was not at all due to clamav.
However knowledge gained! Thanks everyone.
On Fri, Aug 28, 2015, 12:31 Shawn Webb wrote:
> On Thursday, 27 August 2015 01:48:00 PM Charles Swiger wrote:
> > On Aug 27, 2015, at 1:13 PM, Alexander Ur
27, 2015, at 1:13 PM, Alexander Urcioli wrote:
> > We were running into an issue where larger files were not able to be
> moved
> > after scanning with ClamAV. Our hypothesis was that perhaps the process
> has
> > not released access to the file and we were expe
We were running into an issue where larger files were not able to be moved
after scanning with ClamAV. Our hypothesis was that perhaps the process has
not released access to the file and we were experiencing a race condition.
Upon investigating I attempted to monitor the file we were scanning usin
Shawn,
v0.98.4-rc1 now compiled perfectly with the patch applied.
Thanks for the great support
Alexander
Am 20.05.2014 16:53, schrieb Shawn Webb:
On Mon, May 19, 2014 at 2:52 PM, MarkusGMX wrote:
Am 16/05/14 17:57, schrieb Alexander Tampermeier:
Sadly, the libxml2-error still persists
Sadly, the libxml2-error still persists in v0.98.4-rc1.
Hope, it can be fixed soon.
Regards
Alexander
Am 14.05.2014 01:19, schrieb MarkusGMX:
Am 08/05/14 22:52, schrieb Alexander Tampermeier:
Dave,
thank you for your detailed response. First, I tried to configure with
option "--disabl
config"
is executed, the multiarch-wrapper gets executed and decides to execute
either the 32bit or the 64bit binary depending on the contents of the
environment variable "USE_ARCH=32". If "USE_ARCH" holds "32" then the
32bit executable is run, otherwise the
v v0.98.1 and other packages still compile perfectly I suspect
that the issue has also something to do with changes in clamav v0.98.2
and 0.98.3 regarding the way clamav searches for needed libraries. Could
you verify such a conclusion?
Regards
Alexander
Am 08.05.2014 18:15, schrieb David Rayno
Alexander
Am 08.05.2014 09:29, schrieb Shawn Webb:
Did you add the --disable-silent-rules to your ./configure run? It looks
like step 3 is still producing friendly output.
On Thu, May 8, 2014 at 3:21 AM, Alexander Tampermeier <
alexan...@tampermeier.at> wrote:
Hello Shawn,
I executed '
Hello Shawn,
I executed 'make clean distclean'.
I pasted the output of command #2 (CC="gcc ${BUILD64}" ./configure ...)
at http://de.pastebin.de/124756
Output of command #3 (make) is pasted at http://de.pastebin.de/124757
Regards
Alexander
Am 08.05.2014 08:40, schrieb
ere 'echo ${BUILD64}' outputs:
-m64
I pasted the content of my config.log at http://de.pastebin.de/124754
Regards
Alexander
Am 08.05.2014 07:52, schrieb Shawn Webb:
What's the output of this command: file /usr/lib/libxml2.so
Can you paste (preferably to a pastebin service)
Does anybody know how to get around this? I already recompiled libxml2
(v2.9.1) but the error persists.
ClamAV v0.98.1 still compiles perfectly.
Regards
Alexander
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
y 29, 2012 6:55:08 PM PST
> To: ClamAV users ML
> Reply-To: ClamAV users ML
>
>
> Have you uploaded the files that are being incorrectly detected here:
> http://www.clamav.net/lang/en/sendvirus/submit-fp/
>
> ?
>
> Cheers,
> -matt
>
> On Sat, Jan 28, 2012
Hello,
ClamAV falsely detects a BC.Exploit.CVE_2010_0815 in a ".ppt" file. I ran the
file through VirusTotal and only ClamAV shows it as infected. I found a 2-year
old message related to this issue:
http://lurker.clamav.net/search/20380101.00.@ml:clamav-users,false,positive,bc.explo
Arnaud Jacques schrieb:
> At the moment, PUA should not be used in production environment.
> See FAQ (http://www.clamav.org/support/faq/) for details.
>
Thank you for this advice. I just wondered that this problem only
occured since the last main.cvd - update, but we can change this.
But I hav
Hello,
we use clamav to scan http - traffic. Since the main.cvd - update we
have many false - positives with widespread used js - libs.
For example:
http://www.cisco.com/swa/j/global.js
--> PUA.JS.Packed
http://i.dell.com/images/global/js/lib/jquery-1.2.2.js
--> PUA.JS.Packed
http://www.hp.com
/
cp scam.ndb.gz /var/lib/clamav/
cd /var/lib/clamav
gunzip -f phish.ndb.gz
gunzip -f scam.ndb.gz
chown vscan:vscan phish.ndb
chown vscan:vscan scam.ndb
rcclamd restart
Run by root via crontab.
Regards,
Alexander
___
Help us build a comprehensive ClamAV
ppear with
future updates. Version 0.9 only transfers the difference between CVDs
instead of the files in full."
Regards,
Alexander
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
[EMAIL PROTECTED] <> schrieb am :
> On 2006-09-27 14:27, Alexander Hagenah wrote:
>> But they are as different speedy, I never expected.
>
> You're loading and unpacking the virus database each time.
> You see the same difference between "clamscan" and &qu
http://xmailserver.org
--
With kind regards,
Alexander Hagenah
int vCheckClamAv() {
int ret;
unsigned intsigs = 0;
unsigned long int blocks = 0;
struct cl_node *root = NULL;
s
Pierluigi Di Lorenzo wrote:
Following command:
$ cat clam-error.rar | clamscan --unrar -
try:
$cat clam-error.rar | xargs clamscan --unrar
And have You tried it yourself?
Probably You mean:
echo clam-error.rar | xargs clamscan --unrar
But the problem is that clamscan cannot check rar archives from
Alexander Lelyakin wrote:
I have just encountered a problem:
clamscan --unrar
works good only if archive has extension .rar
Following command:
$ cat clam-error.rar | clamscan --unrar -
also does not catch viruses
___
http://lurker.clamav.net/list/clamav
I have just encountered a problem:
clamscan --unrar
works good only if archive has extension .rar
This behavior was found on Debian sarge and on SUSE9.0:
here follows some example:
$ clamscan --unrar clam-error.rar
/home/lel/tmp/clam-error.rar: RAR module failure
UNRAR 3.30 freeware Copyright
Greetings,
Clamd works correctly in foreground.
/var/log/clamd.log
...
+++ Started at Thu Mar 17 22:56:17 2005
clamd daemon 0.83 (OS: linux-gnu, ARCH: i386, CPU: i686)
Log file size limited to 10485760 bytes.
Verbose logging activated.
Reading databases from /var/lib/clamav
Protecting against 31635
Hi, i have sendmail server, the clamav-milter is running on a remote
host. In sendmail.cf server i have clamav configured like this:
Xclamav, S=inet:[EMAIL PROTECTED], T=C:1m;S:30s;R:30s;E:5m
On the clamserver calamav-milter runs with following flags:
-x 1 --external --config-file=/etc/clam/c
On Sun, 30 Jan 2005, Nigel Horne wrote:
> On Sunday 30 Jan 2005 16:47, Alexander Piavka wrote:
>
> > Does someone know a way to skip the sendmail.cf check
>
> Update to clamav-milter 0.81e
The latest cvs version is 0.81d on the site (which i tried with no success
), o
On Sun, 30 Jan 2005, Nigel Horne wrote:
> On Sunday 30 Jan 2005 14:19, Alexander Piavka wrote:
> >
> > Hi, i've upgraded to clamav-0.81 but the clamav-milter complains that:
> > clamav-milter: socket-addr (inet:[EMAIL PROTECTED]) doesn't agree with
> &g
Hi, i've upgraded to clamav-0.81 but the clamav-milter complains that:
clamav-milter: socket-addr (inet:[EMAIL PROTECTED]) doesn't agree with
sendmail.cf
and does not start.
How can i disable this check??
My sendmail server is running on another hosts and connects to clamav-milter on
132.72
Hi, i've upgraded to clamav-0.81 but the clamav-milter complains that:
clamav-milter: socket-addr (inet:[EMAIL PROTECTED]) doesn't agree with
sendmail.cf
and does not start.
How can i disable this check??
My sendmail server is running on another hosts and connects to clamav-milter on
132.72
On Sunday 30 January 2005 12:15 am, Marco van den Bovenkamp wrote:
> Stephen Gran wrote:
> > This is indeed your problem. Probably the problem is that your DNS is
> > not returning the text record, but returning host not found.
>
> Correct. The 'DNS server' (such as it is) in an Alcatel Speedtouch
done the trick. It built and installed. After I correctly
edited freshclam.conf and clamd.conf all seems to be working properly. My
configure line was:
./configure --disable-pthreads --without-libcurl
Thanks much, Nigel.
John Alexander
---
Quoting Trog <[EMAIL PROTECTED]>:
> >
> > I'm running OpenBSD 3.1
> > ./configure --without-libcurl
> >
>
> Thats quite an old version. I don't have any OpenBSD. Looks like
> something is wrong with the build process, it't not trying to link in
> pthread support or a bunch of other libraries.
>
>
Quoting Trog <[EMAIL PROTECTED]>:
> On Thu, 2005-01-20 at 16:18, John Alexander wrote:
>
> >
> > well.. different issues now. I ran it with --disable-libcurl and got the
> same
> > error. I ran it with --without-libcurl and got this .. please pardon the
>
> On Thursday 20 Jan 2005 04:58, John Alexander wrote:
> > Hi,
>
> > gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I./zziplib -I./mspack -g -O2 -c
> > mbox.c -Wp,-MD,.deps/mbox.TPlo -o mbox.o
> > mbox.c:568: curl/curl.h: No such file or directory
> > *** Erro
than upgrading the OS)?
John Alexander
Quoting "C. Bensend" <[EMAIL PROTECTED]>:
>
> > I'm running OpenBSD 3.1 and have ClamAV 0.60 - should have upgraded long
> > ago...
>
> Yes. Both ClamAV _and_ the OS. They're working on 3.7 now. ;)
>
> >
80 (line 216 of Makefile).
Curl is installed in /usr/local/include/curl
Any thoughts or resolutions?
--
John Alexander
This message was sent using IMP, the Internet Messaging Program.
_
Am Mon, Nov 08, 2004 at 05:32:10PM +0100 schrieb Alexander Stielau:
>
> Is it possible to use something like ClamukoScanOnWrite, or is there a
> logical mistake by myself?
I asked by the dazuko-developers, and it is *not* possible at this time
to use ON_CLOSE-Events with 2.6.X-kerne
my setup:
Debian/sid
vendor-kernel 2.6.8-1-k7
dazuko-module 2.0.4 (vanilla, debian-package is very old)
clamv 0.80
(vanilla, because of the debian-package clamav-daemon 0.80-2
seems not to use the clamuk/dazuko-interface:
Nov 8 16:59:47 taurus2 clamd[2814]: Clamuko is no
look into these issues soon.
Thanks for any help!
Cheers,
Alexander
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Hi,
I am trying to update the definitions, but i always
get the error.
SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
I have installed the gmp-devel package but still the
error...
Any ideas?
Alex
On Wed, 2004-06-16 at 12:57, Alch wrote:
> > Hi All,
> >
> > As promised, the virus stats page is almost ready to go.
> > I'll clean up
> > the code tomorrow or Thursday and release it GPL.
> >
> > http://mail.limelyte.net/admin/virus/ for a preview.
> >
> > Suggestions, critique, etc are welco
hi,
trying to install clamav on a ppc running debian woody and I
am running into problems.
Configure gives me the following error: “Please
install zlib and zlib-devel packages.”
zlib is installed.
I also tried apt-get and installed clamav but there is no
clamd deamon prese
Hi all
After the last update, Sober.G isn't being detected anymore. Everything
is still ok - this could be good, maybe Sober.G has stopped! Or
something has broke
Has anyone else seen this occuring?
regards
John Alexander
---
Hi,
clamav-milter work ok excpet one thing
the virus notifications are not sent but stay in /var/spool/mqueue
and i've to send them manually by '/usr/sbin/sendmail -qI'
then i go back to clamav-0.70 it work ok.
the flags are:
CLAMAV_FLAGS="--config-file=/etc/clam/clamav.conf
--quarantine-dir=/
why each time clamd start the clamd.socket is created with the following
permitions, and how can i change this behaviour?
srwxrwxrwx1 clamav clamav 0 Feb 8 18:53 clamd.socket=
Thanks
---
The SF.Net email is sponsored by Ecli
This is what i get in the syslog
Feb 5 09:59:21 indigo spamass-milter[26602]: SpamAssassin: accept()
returned invalid socket (Too many open files), try again
Feb 5 09:59:21 indigo spamass-milter[26602]: pipe error: Too many open
files
Feb 5 09:59:21 indigo spamass-milter[26602]: pipe error: T
>
> Hi, the clamav-milter does not want to send a virus message to the
> recipient, or any kind of notification inspite of that i tell
> it not to block virus emails and deliver them to user.
>
> I use the flags
>
> CLAMAV_FLAGS="--config-file=/etc/clam/clamav.conf
> --quarantine-dir=/var/lib/cla
Hi, the clamav-milter does not want to send a virus message to the
recipient, or any kind of notification inspite of that i tell
it not to block virus emails and deliver them to user.
I use the flags
CLAMAV_FLAGS="--config-file=/etc/clam/clamav.conf
--quarantine-dir=/var/lib/clamav/viruses --m
Hi, i'm running mandrake9.1 and have the following rpms installed
libclamav1-0.66-0.20031204.1mdk
clamav-0.66-0.20031204.1mdk
clamd-0.66-0.20031204.1mdk
clamav-db-0.66-0.20031204.1mdk
libclamav1-devel-0.66-0.20031204.1mdk
clamav-milter-0.66-0.20031204.1mdk
today i found that over just one night
Hi,
I've been successfully running a clamav devel-20031128 snapshot
on my OpenBSD 3.3 box to scan mail via smtp-vilter for quite
some time now (it's a bit low-end hardware, K6/233).
I tried twice to upgrade to newer snapshots (specifically,
clamav-devel-20031204 and clamav-devel-20040127), but
59 matches
Mail list logo