On Wed, 12 May 2010, Fred-145 wrote:
I couldn't find a recent comparison that came from a neutral source, ie. not
marketing material from a vendor or ad-based site. Does someone have a link?
I don't have anything current, and I lost the link a while back, but I
recall an interesting statistic
On Wed, 12 May 2010, Fred-145 wrote:
Unfortunately, I don't have the time and skills for this, so I'd like to
read an unbiased and recent comparison.
Google is your friend. The buzzword you need to remember is 'benchmark'.
I googled for 'antivirus benchmark' and the top result had a nice
long l
I don't see a command line option to force freshclam to use
a specific (non-local) mirror for updates. I want it to go
to a different mirror than the mone that keeps failing.
Do I have to do this in the config?
How do I 'blacklist' the bad mirror?
- C
___
On Wed, 5 May 2010, Paul Whelan wrote:
Is there a problem with this mirror?
Yes, as I read http://www.clamav.net/mirrors.html
paul
Okay, I can see on that page the problem with the Canadian mirror
clamav.gossamer-threads.com, just as I asked about last week.
But does this logging of problem
Hello!
I get the error below from my crond freshclam job a couple of times a day,
BUT it is NOT consistent. The database is usualy updated successfully on the
next hourly run
I can't tell if a different IP is used for the successful update.
Could someone please check on this? See if we ha
On Tue, 16 Jun 2009, Matus UHLAR - fantomas wrote:
> You apparently don't have "SafeBrowsing yes" in freshclam.conf.
Had a look at the relevant FAQ's
I like the idea, but naturally I'm a bit worried about potential
false positives. What has the track-record of this add-on been like?
Can I safe
On Tue, 16 Jun 2009, Robert wrote:
> Freshclam 0.95.2 running from cron on an Linux FC8 system.
> Getting no further than..
> Downloading safebrowsing-4551.cdiff [100%]
I have NOT experienced this problem.
1) I am still on 0.95.1 not .2 (on Centos 4.5 system).
2) I use the db.ca.clamav.net mir
On Tue, 12 May 2009, Török Edwin wrote:
That, and because I'm only on text-based linux, it's a hassle
to get the file pasted into the form. Is there a submission
mechanism that can be accessed via lynx/shell?
You don't paste the file into the form, you attach the file, its like:
/Attach raw mess
On Tue, 12 May 2009, Tom Shaw wrote:
> At 10:04 AM -0400 5/12/09, Charles Gregory wrote:
>> Received the following e-mail that looks like a phishing attempt,
>> http://www.hwcn.org/~cgregory/virus/MTCN_INVOICE.zip
> Charles,
>
> Its a Zbot Trojan. You c
On Tue, 12 May 2009, Steve Basford wrote:
>> Received the following e-mail that looks like a phishing attempt,
>> with an attached zipped .exe file ...
> It's been out since yesterday lunchtime... bit more info here:
> http://www.calendarofupdates.com/updates/index.php?showtopic=19142
> Blocked yes
On Tue, 12 May 2009, aCaB wrote:
> The right place for malware and suspected malware submissions is:
> http://www.clamav.net/sendvirus/
At this point, I don't *know* if it's malware. Didn't want to waste
the maintainer's time if this was just a social engineered phish.
That, and because I'm only
Greetings!
Received the following e-mail that looks like a phishing attempt,
with an attached zipped .exe file ...
I've saved the file to:
http://www.hwcn.org/~cgregory/virus/MTCN_INVOICE.zip
I don't have the facilities to test anything, but just the fact
that it is an attached exe in an ob
On Thu, 2 Apr 2009, Dennis Peterson wrote:
> At Google.com, enter this search pattern:
> changelog site:clamav.net
Another sidenote: I first attempted to search using the search box on the
main page, and it could find no references to '--log-verbose'. So either
the documentation is outside the s
On Thu, 2 Apr 2009, aCaB wrote:
>> Oh, and FTR, I could not find a "change log" or "version notes" on the
>> main clamav website, or I could have answered this question myself
>> A link in the left-side menu would be nice. :)
>
> It's not that hard...
> http://svn.clamav.net/svn/clamav-devel/tr
On Thu, 2 Apr 2009, Tomasz Kojm wrote:
> --log-verbose was inactive since at least 0.87, and was now dropped
> during the 0.95 cleanup. Please use LogVerbose in freshclam.conf
Does the command line option "--verbose" do the same thing? I changed
the command line in the cron job to that and it seem
Started getting these with my Centos4 package freshclam today:
/etc/cron.hourly/freshclam:
/usr/bin/freshclam: unrecognized option `--log-verbose'
ERROR: Unknown option passed
ERROR: Can't parse command line options
The cron job is unchanged since installation.
Did the above option get deprecate
Greetings ClamAV.net webmaster!
The link on page
http://www.clamav.net/download/packages/packages-win32
points to the outdated
http://win32.clamav.net,
which says that it is "no longer supported". Had me scared for a
second there, then I remembered that the live site for ClamWin i
On Mon, 23 Feb 2009, Noel Jones wrote:
> Charles Gregory wrote:
>> If the issue is FreshClam conflicting with another script/process which
>> is updating 'unofficial' configuration files, why not put the onus onto
>> that other script/process? You must be running so
>> You can do it with cron; there's no point in reinventing the wheel and
>> implementing a scheduler within freshclam
> Obviously; however, that adds a different level of complexity. IMHO,
> having the ability to configure it from within the freshclam.conf file
> seems easier.
If the issue is Fre
On Fri, 20 Feb 2009, Dennis Peterson wrote:
> jim.me...@co.hennepin.mn.us wrote:
>> And some people's email systems, which are moronically locked down by
>> management and admins do NOT let you do anything other than top post. Even
>> though they can.
> In nearly 30 years of running mail systems I
Veselin@ wrote:
> I'm running Debian in a production environment,
> I cannot afford using the "volatile" repository,
On Wed, 15 Oct 2008, Bowie Bailey wrote:
> Either install it from "volatile", build it from source, or find a 3rd
> party package that you can install. An antivirus tool is one thin
On Tue, 7 Oct 2008, David F. Skoll wrote:
> Yet you, as a non-ClamAV-developer, are ranting about sysadmin incompetence
> and completely ignoring the real issue. The change DOES NOT AFFECT YOU in
> the slightest. So what the HECK is your problem?
Well, now that you make me think about it, there
On Tue, 7 Oct 2008, Dennis Peterson wrote:
> > However, it has missed the basic premise. The Question and Issue is that
> > ClamAV is failing without warning.
> So does Oracle, Apache, Python, Perl, MySQL, and a zillion other
> products. Dead processes are widely accepted to not be chatty.
You
On Tue, 7 Oct 2008, Dennis Peterson wrote:
> > I disagree. I think this would be VERY useful. Not for the people who
> > don't want to RTFM, but for the people who would rather not have to wade
> > through the docs and changelog to figure out if there are config changes.
> Let me help avoid preve
On Tue, 7 Oct 2008, John Smith wrote:
> I must say that for the disadvantaged, this has been a great debate.
> However, it has missed the basic premise. The Question and Issue is that
> ClamAV is failing without warning.
To which the 'advantaged' respond that the warnings are in 'documentation'
Firstly, apologies for failing to remove my spam tags ([0.0]) in some
e-mails. I know it messes up threading. I try to remember. Sorry.
On 2008/10/07 12:05 AM Jerry wrote:
> Just out of morbid curiosity, who is holding a gun to your head...
Money. The 'gun' is money. Or, more precisely stated, t
On Mon, 6 Oct 2008, David F. Skoll wrote:
> 1) Issue security updates that *only* fix security problems and
> nothing else. This is something that (for example) Red Hat Enterprise
> ...
I use CentOS and notice that it auto-updates to the latest ClamAV.
And strictly speaking, that is a good thing.
On Mon, 6 Oct 2008, Bernd Petrovitsch wrote:
> What could be more obvious than simply stopping to work?
Why do they have an 'oil light' in cars? When your oil gets too low, the
vehicle doesn't stop running. It keeps going, even though it is tearing
the insides of the engine apart from lack of lubr
On Mon, 6 Oct 2008, Jerry wrote:
> I find it hard to believe that ClamAV could be down for *weeks* and
> nobody has notice.
Well, in my case, it was a couple of days, but again, it was quite
disturbing that the first indication of 'trouble' was that I noticed
'error code 3' being returned in heade
On Sat, 4 Oct 2008, Bernd Petrovitsch wrote:
> Well, it's probably better to not update in Friday in the first place.
H. Now that you mention it Yeah, I should set my cron jobs to
only update packages Monday through Thursday. (smile) Thanks!
(and people said this was a useless thread!) :)
On Sat, 4 Oct 2008, Eric Rostetter wrote:
> > But when a mail filter 'fails', mail goes through UNFILTERED,
> > and UNNOTICED. This is just WRONG. Sorry, it is.
> The OP was complaining that it did cause the mailer (exim) to stop.
Well, I feel sorry for him if this happens on a weekend when h
On Sat, 4 Oct 2008, Dennis Peterson wrote:
> Hopefully they're not running mail servers on the Internet elsewise they
> could easily be considered derelict in their responsibilities.
Ah. Yes, I must be 'derelict' because there is only ONE sysadmin (me) and
I go home on weekends?
Heck, I'm not ev
On Sat, 4 Oct 2008, Eric Rostetter wrote:
> > The principle of least surprise says
> But it is a big surprise when the action that old line was supposed to take
> is no longer taken...
But NOT as big a surprise as NO FILTERING AT ALL. That's the sticking
point here. Unless we are all expected
On Fri, 3 Oct 2008, David F. Skoll wrote:
> That's not Clam's fault. On our product, if Clam dies, then mail is
> tempfailed.
I suppose you have 24/7 tech support. We go home on weekends. I don't need
to tempfail all mail until Monday for a config deprecation. So with
respect, this is one case w
CONCRETE SUGGESTION FOR CLAMAV DEVELOPERS (and anyone else with
minimal script writing skills):
CLAMWATCH service.
Either as cron job, or constantly running monitor daemon.
- Checks if clamd service is running (if enabled in startup files)
- Tests clamdscan with simple clean file an
On Mon, 22 Sep 2008, SM wrote:
> At 09:59 22-09-2008, Roberto Ullfig wrote:
> >Somewhat off topic but does someone here know if there's a standard file
> >extension that represents a null program.
> File associations is a Microsoft concept. There are a few reserved
> names for devices but no stan
On Sat, 23 Aug 2008, Anthony Kamau wrote:
> Yeah - I'm smiling too - 72MB for an entire month for ~100 machines on a
> network - that's just bloody cool bananas!
> I don't see any other AV package coming anywhere close!
(sarcasm on)
Hey! The big yellow-label AV does that kind of numbers.
It's ea
On Thu, 21 Aug 2008, Michael Grant wrote:
> Before automating something to post thousands of viruses to that web
> page, you might want to warn a real human first.
Begging pardon, but exactly how is it that this one person has
hundreds (?) of viruses that have not been detected anywhere else?
If
On Wed, 20 Aug 2008, Dennis Peterson wrote:
> > Minor correction: RICH Americans (and Canadians) don't appreciate this
> > dilemma. All the POOR people still using dial-up internet are the victims
> It will be a bad day for all when poor people set the standards of
> quality and functionality for
On Wed, 20 Aug 2008, Spiro Harvey, Knossos Networks Ltd wrote:
> > Bandwidth costs money. How big will the database have to grow before
> > the ClamAV team starts to take notice? Fifty megabytes? A hundred?
> Americans don't understand this dilemma. To them traffic is free...
Minor correction:
On Mon, 11 Aug 2008, Dennis Peterson wrote:
> . A problem I've seen with greylisting is the round-robin MTA pool.
> Each is told in turn to come back later and if the pool is large it can
> take a long time to cycle through all of them.
I don't suppose anyone has a list of these available for
On Mon, 11 Aug 2008, rick pim wrote:
> > > prime advantages of greylisting -- the fact that it will never
> > > block 'real' mail -- turns out, um, not to be true. there are so many
> > > standards-noncompliant MTAs out there
> .. some of the offenders are high profile, fortune-500 compa
On Fri, 8 Aug 2008 [EMAIL PROTECTED] wrote:
> I have been at the other end of backscatter and it is by no means fun
> but when it happens I am fully capable of taking measures against as I
> would any other spam/virus source. This is where RBLs come in handy.
How would an RBL help? Backscatter co
On Fri, 8 Aug 2008 [EMAIL PROTECTED] wrote:
> > telnet isps-server 25 ... HELO bogus ... MAIL FROM:<[EMAIL PROTECTED]>
> > telnet victims-server 25 ... HELO isps-server ... MAIL FROM
> > If victim's SMTP server fails the DATA with a 5xx code, then
> > backscatter goes [EMAIL PROTECTED]
> i
Apologies for mangled subject line on previous post.
I have to remember to remove my markup.
Anyways, I just tested freshclam, and the DNS errors are gone.
So is this an intermittent, recurring problem?
Is there a setting I could 'fix' to prevent it?
Thanks to whoever got it working again!
-
On Wed, 30 Jul 2008, Ventsyslav Vassilev wrote:
> First, you may want to upgrade your BIND version!
> This one is vulnerable to cache poisoning!
Charles quietly represses the urge to post his opinion of a certain
crimson headgear company that introduced a wonderful stable #9 version of
their OS an
On Wed, 30 Jul 2008, Charles Gregory wrote:
> So what caused this to start happening. There have been no changes to
> my DNS. And I'm pretty sure this error did not stop with the 0.93.3
> upgrade
COFFEE FAILURE: #001 user has attempted posting before first morning cup
of coffee
Okay, this DNS error is happening for me now too.
When I first tried freshclam it failed to find .cvd files.
Then it worked so I have my updates, but there
should still be some resolution to the DNS issue?
ClamAV update process started at Wed Jul 30 11:14:41 2008
WARNING: DNS record is older
On Mon, 14 Jul 2008, Tomasz Kojm wrote:
> The logs prove that this was (is?) a problem with your clamav installation.
> Most likely, freshclam was updating files in another directory.
(nod) Ah, right. Somewhere around 0.93.1 (mid Feb.) when the (RH9)
packages were downloaded, I reviewed the new co
On Wed, 18 Jun 2008, Todd Lyons wrote:
> I have repeatedly been getting failures downloading cdiffs from one
> particular mirror:
> WARNING: getpatch: Can't download daily-7359.cdiff from db.us.clamav.net
> WARNING: getfile: daily-7359.cdiff not found on remote server (IP:
> 155.98.64.86)
As I rec
Is there a "load issue" on the mirrors? See comments below
On Fri, 13 Jun 2008, Wolfgang Cernohorsky wrote:
> > But when i run freshclam manually i have following messages.
> > ERROR: Can't download daily.cvd from database.clamav.net
> > Giving up on database.clamav.net...
> > Update failed
Apologies to list. I keep forgetting to remove the spam scores
from my subject. Messes up threading. Sorry.
- Charles
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
Hiyo!
Any time I hit a bug like this with an archive the fault is usually
with a malformed message in the archive. I notice if I search for a blank
string or the single letter "a" or "b" I get the same 'empty page', but
if I search for "c" I get search results. So I am presuming that somehow
when
On Tue, 10 Jun 2008, Luca Gibelli wrote:
> > http://packages.sw.be/clamav/
> > Could the maintainers of 'www.clamav.net' please update their
> > pages to point to this new location? Thanks!
> updated.
> Best regards
Thanks. Did a quick review, and realized I was unclear.
The new location I ci
Second question about RPM locations has been answered, thanks.
http://packages.sw.be/clamav/
Could the maintainers of 'www.clamav.net' please update their
pages to point to this new location? Thanks!
If this list is intended to have an archive, then could someone
please check out the malfunc
Where can I visit the list archives to check to see if a question has
already been answered? I click the link and get a blank page (though
perhaps I need to be subscribed and this has not yet been processed?)
And seeing how I am here, could someone please provide the link
to the latest Redha
Apologies if this is a duplicate. I sent the first one before
my subscription was properly activated (the e-mail response method didn't
seem to work, so I used the web interface)..
Where can I view the list archives to check to see if a question has
already been answered? All the links I can
57 matches
Mail list logo
