: 1196, f-level: 2, builder:
trog)
However when I run:
sigtool -l | grep -i sasser
I get nothing. Shouldn't Worm.Sasser.A, Worm.Sasser.D and Worm.Sasser.B all
show up using this?
Lynn Duerksen
Technical Manager
Futureware Distributing, Inc
|Subject: [Clamav-users] Sasser Worm Virus not shown with sigtool
|
|Freshclam reports:
|
|RELAY:root[sbin] freshclam
|ClamAV update process started at Wed May 5 10:07:25 2004
|Reading CVD header (main.cvd): OK main.cvd is up to date
|(version: 22, sigs: 20229, f-level: 1, builder:
|tkojm)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Helmut Schneider
Sent: Wednesday, March 17, 2004 2:40 AM
To: [EMAIL PROTECTED]
Subject: Re: [Clamav-users] OpenBSD clamav Port (0.67-1) RAR Files
INFECTED (Worm.Bagle.Gen-rarpwd)
Lynn Duerksen
Fajar A. Nugraha wrote:
Helmut Schneider wrote:
seems that the clamav Port (0.67-1) has problems with RAR Files
(e.g.
Bagle.N):
To avoid missunderstandings, I know the file is pwd, but
clamav does
not recognize the virus within the archive (maybe a DB problem)...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Ted Cabeen
Yep. Some scanners are now able to detect the virus like
this, but they have to scan the entire message in order to do
so. I've written a two line patch that copies the email.txt
Just update a system running .65 to .67-1
/usr/libexec/ld.so: Undefined symbol _deny_severity in
clamd:/usr/lib/libwrap.so.3.0
I tried the OpenBSD port as well as the stable code. Same results
Any suggestions?
Lynn Duerksen
Technical Manager
Futureware Distributing, Inc
OpenBSD 3.3
Amavisd
I went back to .66 since .67-1 is having trouble on OpenBSD 3.3 right
now but now I get the following when running freshclam
ERROR: You must specify at least one database mirror.
The command I used is:
/usr/local/bin/freshclam -l /var/amavisd/var/log/clam-update.log
On Wed, 18 Feb 2004, Lynn Duerksen wrote:
Just update a system running .65 to .67-1
/usr/libexec/ld.so: Undefined symbol _deny_severity in
clamd:/usr/lib/libwrap.so.3.0
I tried the OpenBSD port as well as the stable code. Same results
Any suggestions?
Lynn Duerksen
Technical
(0x40059000)
-lpthread.1 = /usr/lib/libpthread.so.1.0 (0x40083000)
-lc.29 = /usr/lib/libc.so.29.0 (0x4009a000)
-Igor
On Wed, 18 Feb 2004, Lynn Duerksen wrote:
I'm not using milter. Why does this affect an install with postfix
Well, but why run freshclam all the time?
I suppose that I could have run a cron job. But in dealing
Am I wrong in thinking this way? That:
You are wasting your bandwidth running freshclam (well, at
some point the virus db files are up to date so no data is
tx-ed to
Subject: Re: [Clamav-users] Autochecking script for clamd
At 08:50 PM 11/27/2003, Brian Bruns wrote:
Well, I should have put this in the last message.
I guess the one I threw together doesn't require anything special
(doesn't need daemontools), and only needs bash. I have a habit of
Installed latest stable version at 9:00 CSt 11/14 and has run without
problems.
L. A. Duerksen
Technical Manager
Futureware Distributing, Inc
OpenBSD 3.3
amavisd-new-20030616-p2
spamassassin 2.55
postfix-2.0.10
ClamAV version 20030829
---
4 days without a problem...Knock on wood!! No restarts no stale
sockets.
Things are looking good.
Amavisd-new running chroot as user amavisd in directory /var/amavisd
Installed clamav as follows
First: run configure with shown options
./configure --disable-clamav --enable-dependency-tracking
I had two separate system getting hit pretty hard with SOBIG.G. One a
wholesale distributor and one a trucking company. Both running
Amavisd-new - Postfix - Clamd - OpenBSD 3.3. I noticed that most of the
traffic was from less than a couple dozen IP addresses. I set my packet
filters to reject
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Of Tomasz Kojm
Sent: Tuesday, September 16, 2003 10:23 AM
To: [EMAIL PROTECTED]
Subject: Re: [Clamav-users] clamd dies
I have not seen anyone with a solution so far for my
This port looks like it has solved my problem with clamd bombing on me.
I would like to summarize how I did the setup and install for others
running Postfix, Amavisd-new, and Spamassassin on OpenBSD 3.3 in chroot
jail that have reported similar problem. Is there an ftp or http site
were the
I'd like to do some statistics about scanned emails.
I use postfix + amavisd + clamav + cyrus.
Search the list archives. There are so many solutions like
this posted there long ago.
long ago solutions are not searchable since the move to sourceforge.
There are only 213 archived
I finally got a ktrace trap as well.
13403 clamdGIO fd 6 read 16 bytes
17433d48097703e9
13403 clamdRET read 8192/0x2000
13403 clamdPSIG SIGSEGV SIG_DFL code 2 addr=0x38383263 trapno=2
13403 clamdPSIG SIGSEGV SIG_DFL code 0 addr=0x0 trapno=0
13403 clamdNAMI
Tomasz Kojm asked for core file :-) .
I assume the list does not want a 12MB core dump file so I will forward
it directly to Tomasz.
It took me some time to figure out where the file was stored. It ended
up in the root of chroot jail not the clamd working directory.
PS. Please, respond
From: [EMAIL PROTECTED]
Oh, seems that you already tried to mail it to me and of
course my server rejected it. Lynn, if you haven't an easy
way of placing it on the WWW, drop me a note and I'll
increase the message size limit temporarily.
Your wish is my command.
I have placed the
How well does freshclam work in this release, if clamd is run with
amavisd-new in chroot and the following clamav.conf settings
- - - - - - - - - - - - - - - - - - -
# Path to the local socket. The daemon doesn't change the mode of the
# created file (portability reasons). You may want to create
Tomasz Kojm [EMAIL PROTECTED] wrote ..
I'm experiencing the same trouble running a similar setup: OpenBSD3.3,
Postfix, amavisd-new-20030314-p2 (running chrooted), spamassassin, clamd
What I noticed is that the problem occurs after a db update via
freshclam.
I notice that it always
22 matches
Mail list logo