I lied.
The DNS server order in resolv.cfg was wrong. The external DNS servers were
supposed to be first.
Sorry for wasting time.
- Original Message
From: Sean McGlynn <[EMAIL PROTECTED]>
To: clamav-users@lists.clamav.net
Sent: Tuesday, October 30, 2007 10:01:17 AM
Subject: [
Hello,
After changing our DNS services from Netware to OES Linux/BIND, freshclam
stopped getting updates.
When we run freshclam we get:
WARNING: Can't query current.cvd.clamav.net and
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Connecting via Our_proxy_server_IP
Reading CVD header
It appears that if clamuko is configured to scan a particular directory on
access, then clamscan does not actually identify the file as an infected file.
The results of the clamscan show Infected files: 0, even though the directory
has an infected file (in this case, eicar for testing). In add
Tilman,
Thank you for your reply.
Everything is being done as root.
Sean
- Original Message
From: Tilman Schmidt <[EMAIL PROTECTED]>
To: ClamAV users ML
Sent: Wednesday, October 17, 2007 9:30:23 AM
Subject: Re: [Clamav-users] eicar Identified But Not Moved
Sean McGlynn s
bject: Re: [Clamav-users] eicar Identified But Not Moved
Hey,
I don't know if clamuko should deny access to this file. If you are
running Clamuko then disable it please ;-) or show us ls -al
/home/justlgn/test/eicar.com
/rl
Sean McGlynn wrote:
> The following is what appears in the trace
r Identified But Not Moved
On 10/16/07, Sean McGlynn <[EMAIL PROTECTED]> wrote:
> Just to be certain (It's not my first day with Linux, but I'm still
> relatively new to it), you mean NFS as in Network File System, as in mounting
> a remote file system on the Linux s
root 232 Oct 17 06:56 ..
-rw-r--r-- 1 justlgn users 69 Oct 16 10:56 eicar.com
Thanks again.
- Original Message
From: Török Edvin <[EMAIL PROTECTED]>
To: ClamAV users ML
Sent: Tuesday, October 16, 2007 3:18:43 PM
Subject: Re: [Clamav-users] eicar Identified But Not Moved
On 10/
--
From: Török Edvin <[EMAIL PROTECTED]>
To: ClamAV users ML
Sent: Tuesday, October 16, 2007 3:18:43 PM
Subject: Re: [Clamav-users] eicar Identified But Not Moved
On 10/16/07, Sean McGlynn <[EMAIL PROTECTED]> wrote:
> Just to be certain (It's not my first day with Linux, but I'
u can remove the infection and if
necessary reinstall or rebuild the application anew.
On Oct 16, 2007, at 1:43 PM, Sean McGlynn wrote:
> I read in another post that the only way to quarantine an infected
> file that is discovered during an on access scan (i.e. via Clamuko)
> it to
estination directory for
quarantine files on on the root filesystem, local to the machine.
- Original Message
From: Dennis Peterson <[EMAIL PROTECTED]>
To: ClamAV users ML
Sent: Tuesday, October 16, 2007 2:40:32 PM
Subject: Re: [Clamav-users] eicar Identified But Not Moved
Se
:09 PM
Subject: Re: [Clamav-users] eicar Identified But Not Moved
Dennis Peterson wrote:
> Sean McGlynn wrote:
>> Dennis,
>>
>> Thank you for taking the time to reply.
>>
>> Yes, I am running the scan as root.
>>
>> Sean
>>
>>
>
> I
Dennis,
Thank you for taking the time to reply.
Yes, I am running the scan as root.
Sean
- Original Message
From: Dennis Peterson <[EMAIL PROTECTED]>
To: ClamAV users ML
Sent: Tuesday, October 16, 2007 2:17:38 PM
Subject: Re: [Clamav-users] eicar Identified But Not Moved
Hello,
I am testing clamscan, and running the following command:
clamscan -r --move=/var/log/clam/infected -l /var/log/clam/dailyclamscanSPM
/home/justlgn/test/eicar.com
The results indicate "can't open file," and that no infected files were found.
The clam log file shows that the file was id
I read in another post that the only way to quarantine an infected file that is
discovered during an on access scan (i.e. via Clamuko) it to write a script
that would parse the log file for the location of the infected file and then
move it or delete it as desired. Is this correct? If not, wha
Hello,
I am looking for better information when notified by ClamAV that a virus has
been detected. Thus far I have VirusEvent /bin/echo "VIRUS ALERT: ClamAV found
%v." | /bin/mail -s "ClamAV Virus Detection" -r ClamAV [EMAIL PROTECTED], which
basically tells me that a particular virus was dete
15 matches
Mail list logo
