Hi, i use clamav in AWS ec2 instances c5.large. When I run the clamscan
command /home/user/testfile the cpu usage is triggered and the instance
stops responding.
Here my config:
clamd --version
ClamAV 0.103.6/26606/Tue Jul 19 04:57:30 2022
LocalSocket /var/run/clamav/clamd.ctl
Hello,
I read this document
https://blog.clamav.net/2016/06/create-your-own-anti-virus-signatures.html
I need add a signature to database:
# cat 30012019_term_4373.doc | sigtool –hex-dump | head -c 2048 > customsig.ndb
# clamdscan -d customsig.ndb 30012019_term_4373.doc
WARNING: Ignoring
Hello?
El 28/02/18 a las 08:38, Emanuel escribió:
Hello,
a client sends a file with a .cmbx extension and the antivirus blocks it.
it is possible to create a rule within the whitelist for the cmbx
extension files??
Is unsafe to add the signature Sanesecurity.Foxhole.Zip_cmd
ttp://www.envialosimple.com>
Emanuel Gonzalez
IT / Departamento Emails
emanuel.gonza...@donweb.com <mailto:emanuel.gonza...@donweb.com>
www.envialosimple.com <http://www.envialosimple.com>
by donweb <http://www.envialosimple.com>
Nota de confidencialidad: Este mensaje y archiv
eindl Harald"
<clamav-users-boun...@lists.clamav.net on behalf of
h.rei...@thelounge.net> wrote:
Am 27.02.2018 um 12:32 schrieb Emanuel:
> Hello, when I try to update clamav in Centos 7, dependencies I
do not
> know appear.
what is your pr
of the server side?
Regards,
--
envialosimple.com <http://www.envialosimple.com>
Emanuel Gonzalez
IT / Departamento Emails
emanuel.gonza...@donweb.com <mailto:emanuel.gonza...@donweb.com>
www.envialosimple.com <http://www.envialosimple.com>
by donweb <http://www.envial
/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
--
envialosimple.com <http://www.envialosimple.com>
Emanuel Gonzalez
IT / Departamento Emails
emanuel.gonza...@donw
what would be the correct way to execute the rsync command?
*--files-from=filelist.txt???*
Regards.!
El 12/12/17 a las 11:48, Reindl Harald escribió:
Am 12.12.2017 um 15:44 schrieb Emanuel:
it's possible import only the foxhole database from
http://sanesecurity.com/usage/linux-scripts
Hello,
it's possible import only the foxhole database from
http://sanesecurity.com/usage/linux-scripts/??
how??
Regards, Emanuel.
--
envialosimple.com <http://www.envialosimple.com>
Emanuel Gonzalez
IT / Departamento Emails
emanuel.gonza...@donweb.com <mailto:emanuel.gonza...@d
you have a host table entry for clamav.clamavsrv.tk ?
On 12/7/17 3:27 AM, Emanuel wrote:
Hello,
Here the config:
# client server
DatabaseDirectory /var/lib/clamav
snip
___
clamav-users mailing list
clamav-users@lists.clamav.net
http
asons.
El 07/12/17 a las 08:27, Emanuel escribió:
Hello,
Here the config:
# client server
DatabaseDirectory /var/lib/clamav
UpdateLogFile /var/log/freshclam.log
LogTime yes
LogVerbose yes
LogSyslog yes
LogRotate yes
PidFile /var/run/freshclam.pid
DatabaseOwner clamupdate
AllowSupplemen
port 80 y 53 TCP is OPEN.
Any help please.!!?
Regards,
El 06/12/17 a las 16:51, Yuri escribió:
What is the in freshclam.conf?
06.12.2017 23:36, Emanuel пишет:
through wget the download works
wget clamav.clamavsrv/main.cvd
--2017-12-06 13:35:28-- http://clamav.clamavsrv.tk/main.cvd
daily.cvd from clamav.clamavsrv
Giving up on clamav.clamavsrv.tk...
Update failed. Your network may be down or none of the mirrors listed in
/etc/freshclam.conf is working. Check
http://www.clamav.net/doc/mirrors-faq.html for possible reasons.
El 06/12/17 a las 13:30, Emanuel escribió:
No error
No error in the apache logs
should I open some other port besides 80?
El 06/12/17 a las 12:51, Yuri escribió:
Apache's error.log?
06.12.2017 21:23, Emanuel пишет:
Hello.!!
i configure a local mirror, but the server client not download the
daily.cvd.
Apache Local Mirror config
any helps?
--
envialosimple.com <http://www.envialosimple.com>
Emanuel Gonzalez
IT / Departamento Emails
emanuel.gonza...@donweb.com <mailto:emanuel.gonza...@donweb.com>
www.envialosimple.com <http://www.envialosimple.com>
by donweb <http://www.envialosimple.com>
Nota de confide
Other virus not detected
https://www.virustotal.com/#/file/6b7b11077b2bcdbce94eff73722a4f78103d2e87bd4331654bc65c0daeb176dd/detection
El 14/11/17 a las 09:52, Emanuel escribió:
Scan the attachment, clamav not detect this file.
El 14/11/17 a las 09:51, Al Varnell escribió:
You mentioned two
.
-Al-
On Tue, Nov 14, 2017 at 04:36 AM, Emanuel wrote:
the first scan is with kaspersky online
El 14/11/17 a las 09:31, Al Varnell escribió:
That's not the same file you showed before. The SHA256 is different.
-Al-
On Tue, Nov 14, 2017 at 04:23 AM, Emanuel wrote:
Please see
https
the first scan is with kaspersky online
El 14/11/17 a las 09:31, Al Varnell escribió:
That's not the same file you showed before. The SHA256 is different.
-Al-
On Tue, Nov 14, 2017 at 04:23 AM, Emanuel wrote:
Please see
https://www.virustotal.com/es-ar/file
/en/file/142a177f214671f7abd22f9e545595bf56a8116763bb7e9de7368aa1b2d381bf/analysis/
<https://www.virustotal.com/en/file/142a177f214671f7abd22f9e545595bf56a8116763bb7e9de7368aa1b2d381bf/analysis/>>
but go ahead and try to submit it anyway.
-Al-
On Tue, Nov 14, 2017 at 03:33 AM, Emanuel w
v database?
--
envialosimple.com <http://www.envialosimple.com>
Emanuel Gonzalez
Deliverability Specialist
emanuel.gonza...@donweb.com <mailto:emanuel.gonza...@donweb.com>
www.envialosimple.com <http://www.envialosimple.com>
by donweb <http://www.envialosimple.com>
Nota de confide
is not the partition cleaned?
Thanks for any hints or help in advance.
--
envialosimple.com <http://www.envialosimple.com>
Emanuel Gonzalez
Deliverability Specialist
emanuel.gonza...@donweb.com <mailto:emanuel.gonza...@donweb.com>
www.envialosimple.com <http://www.envialosimple.com&g
Hello community!, I need front-end or a Web-interface for clamav in my
server for monitoring , how to do it.
--
envialosimple.com <http://www.envialosimple.com>
Emanuel Gonzalez
Deliverability Specialist
emanuel.gonza...@donweb.com <mailto:emanuel.gonza...@donweb.com>
www.envia
27.10.2017 um 17:28 schrieb Emanuel:
Oh man.! the service is not running:
"well, yes, install clamd, start clamd and configure the milter to use
the clamd socket you defined or the clamd instance over TCP" should
have been pretty clear
# clamdscan --reload
ERROR: Could not lookup
ttp://www.envialosimple.com>
Emanuel Gonzalez
Deliverability Specialist
emanuel.gonza...@donweb.com <mailto:emanuel.gonza...@donweb.com>
www.envialosimple.com <http://www.envialosimple.com>
by donweb <http://www.envialosimple.com>
Nota de confidencialidad: Este mensaje y archiv
for your help.
Regards,
El 27/10/17 a las 09:45, Reindl Harald escribió:
Am 27.10.2017 um 14:16 schrieb Emanuel:
Hello,
i solved this problem, but i see this error:
Oct 27 09:15:39 vps-1388337-x clamav-milter: WARNING: No clamd server
appears to be available
Oct 27 09:16:38 vps-1388337-x
: No clamd server
appears to be available
any ideas?
El 26/10/17 a las 15:23, Emanuel escribió:
Hello,
i try to install clamav-milter but i received this error
why?
Oct 26 15:24:31 vps-1388337-x systemd: clamav-milter.service holdoff
time over, scheduling restart.
Oct 26 15:24:31 vps-1388337
, emanuel.
--
envialosimple.com <http://www.envialosimple.com>
Emanuel Gonzalez
Deliverability Specialist
emanuel.gonza...@donweb.com <mailto:emanuel.gonza...@donweb.com>
www.envialosimple.com <http://www.envialosimple.com>
by donweb <http://www.envialosimple.com>
Nota de confid
rc_status -v
;;
/snip
and that's where it hangs.
Anyone have had the same/similar problems and would happen to be able
to shed some light on this issue?
Can I provide more information, so this problem can be examined further?
Thanks in Advance
Emanuel
light on this, is
to have ptrace invoked when starting clamav in the boot sequence, this
might help in debugging things.
Thanks and Regards
Emanuel Nacht
___
http://lurker.clamav.net/list/clamav-users.html
USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND
806 clamav25 0 16560 16m 692 R 96.7 1.6 0:04.05 ls
I will keep an eye on this, and post a follow-up if this problem persists.
Regards
Emanuel
___
http://lurker.clamav.net
that information.
thanks in advance for any answers
emanuel
---
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g.
Take an Oracle 10g class now, and we'll give you the exam FREE
31 matches
Mail list logo