On Thursday 12 April 2007 06:53 pm, Dennis Peterson wrote:
And just an fyi, be cautious of the MSRBL-Images file. Rechecking it
while I was typing this shows that with it in place it will cause the
clamd cpu to rise to 90% and stay there. At 11M it may be too big to be
practical.
I think that
Freddie Cash wrote:
On Thursday 12 April 2007 06:53 pm, Dennis Peterson wrote:
And just an fyi, be cautious of the MSRBL-Images file. Rechecking it
while I was typing this shows that with it in place it will cause the
clamd cpu to rise to 90% and stay there. At 11M it may be too big to be
Freddie Cash wrote the following on 4/13/2007 12:43 PM -0800:
I'm running dual proc Sun Sparc systems, and the cpu usage from clamd
appears to be an unhealthy kind of cpu usage. It sits at 95%, and
running truss does not return anything - just an empty screen. I can't
tell what it's doing, but
On Friday 13 April 2007 01:35 pm, Bill Landry wrote:
Freddie Cash wrote the following on 4/13/2007 12:43 PM -0800:
I'm running dual proc Sun Sparc systems, and the cpu usage from
clamd appears to be an unhealthy kind of cpu usage. It sits at 95%,
and running truss does not return anything -
On Friday 13 April 2007 09:25 am, Dennis Peterson wrote:
Freddie Cash wrote:
On Thursday 12 April 2007 06:53 pm, Dennis Peterson wrote:
And just an fyi, be cautious of the MSRBL-Images file. Rechecking it
while I was typing this shows that with it in place it will cause
the clamd cpu to
On Friday 13 April 2007 09:25 am, Dennis Peterson wrote:
Freddie Cash wrote:
Heh, lucky you. =A0:)
Out of the 4199 messages blocked as infected so far this month, 289 of =
them were marked as MSRBL-Images/* by amavisd-new and clamav. =A0
$ tail -5000 /var/j*/*virus |grep -c MSRBL
106
Hi
clamd died again
from clamd.log
SelfCheck: Database modification detected. Forcing reload.
Reading databases from /var/lib/clamav
ERROR: reload db failed: Broken or not a CVD file
Terminating because of a fatal error.Socket file removed.
Pid file removed.
--- Stopped at Thu Apr 12 04:25:08
: jueves, 12 de abril de 2007 9:09
Para: ClamAV users ML
Asunto: [Clamav-users] *.cvd again!
Hi
clamd died again
from clamd.log
SelfCheck: Database modification detected. Forcing reload.
Reading databases from /var/lib/clamav
ERROR: reload db failed: Broken or not a CVD file
Terminating because
On Thu, 12 Apr 2007 11:57:12 +0200
Guillermo Gómez Valcárcel [EMAIL PROTECTED] wrote:
I have the same symptoms.
I wrote my symptoms in another post with subject:
ERROR: reload db failed: Broken or not a CVD file
http://lurker.clamav.net/message/20070411.175950.b7329d9f.en.html
--
oo
On Thu, 12 Apr 2007 12:20:17 +0200, Tomasz Kojm wrote
On Thu, 12 Apr 2007 11:57:12 +0200
Guillermo Gómez Valcárcel [EMAIL PROTECTED] wrote:
I have the same symptoms.
I wrote my symptoms in another post with subject:
ERROR: reload db failed: Broken or not a CVD file
On Thu, 12 Apr 2007 12:20:17 +0200, Tomasz Kojm wrote
On Thu, 12 Apr 2007 11:57:12 +0200
Guillermo Gómez Valcárcel [EMAIL PROTECTED] wrote:
I have the same symptoms.
I wrote my symptoms in another post with subject:
ERROR: reload db failed: Broken or not a CVD file
Asunto: Re: [Clamav-users] *.cvd again! attachment fixed
On Thu, 12 Apr 2007 12:20:17 +0200, Tomasz Kojm wrote
On Thu, 12 Apr 2007 11:57:12 +0200
Guillermo Gómez Valcárcel [EMAIL PROTECTED] wrote:
I have the same symptoms.
I wrote my symptoms in another post with subject:
ERROR
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Obantec Support wrote:
Hi
clamd died again
from clamd.log
SelfCheck: Database modification detected. Forcing reload.
Reading databases from /var/lib/clamav
ERROR: reload db failed: Broken or not a CVD file
Terminating because of a fatal
On Thu, 12 Apr 2007 09:46:39 -0400
James Kosin [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Obantec Support wrote:
Hi
clamd died again
from clamd.log
SelfCheck: Database modification detected. Forcing reload.
Reading databases from /var/lib/clamav
Hello, Tomasz.
You wrote on Thursday, April 12, 2007, 5:49:04 PM:
(2) ClamAV needs to change to fix the issue of a 0-byte CVD file
causing it to CRASH.
I _doesn't_ crash. It reports a critical error and terminates.
Why it can't work with old bases in this situation?
If it possible it will
On Thu, 12 Apr 2007 18:06:51 +0400
Anton Yuzhaninov [EMAIL PROTECTED] wrote:
Hello, Tomasz.
You wrote on Thursday, April 12, 2007, 5:49:04 PM:
(2) ClamAV needs to change to fix the issue of a 0-byte CVD file
causing it to CRASH.
I _doesn't_ crash. It reports a critical error and
On Thu, 12 Apr 2007, Tomasz Kojm wrote:
On Thu, 12 Apr 2007 18:06:51 +0400
Why it can't work with old bases in this situation?
If it possible it will be more better than stop working.
freshclam already takes care to not install broken data and in this case
the broken db (i.e. the empty CVD
On Thursday April 12, 2007 at 12:21:32 (PM) James Bourne wrote:
This brings a question to my mind.
Is there any need for the old .cvd files now that clamd uses the incremental
files?
I took this approach to the problem (freebsd)
I shutdown clamav and freshclam.
Deleted all of the files in
Tomasz Kojm wrote:
On Thu, 12 Apr 2007 18:06:51 +0400
Anton Yuzhaninov [EMAIL PROTECTED] wrote:
Hello, Tomasz.
You wrote on Thursday, April 12, 2007, 5:49:04 PM:
(2) ClamAV needs to change to fix the issue of a 0-byte CVD file
causing it to CRASH.
I _doesn't_ crash. It reports a
On Thu, 12 Apr 2007 13:17:12 -0400
JamesDR [EMAIL PROTECTED] wrote:
Tomasz Kojm wrote:
On Thu, 12 Apr 2007 18:06:51 +0400
Anton Yuzhaninov [EMAIL PROTECTED] wrote:
Hello, Tomasz.
You wrote on Thursday, April 12, 2007, 5:49:04 PM:
(2) ClamAV needs to change to fix the issue of
Same problem here... I had to update clamd server and the database then the
problem was resolved.
Steve
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
To who is experiencing the *.cvd problem due to the 3rd party scripts in
the RPM packages maintained by Petr Kristof , available on
http://crash.fce.vutbr.cz/crash-hat/5/ :
Petr just released an upddated version of his packages, including the
patches to the script I suggested on the list. Now the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Luigi Iotti wrote:
To who is experiencing the *.cvd problem due to the 3rd party
scripts in the RPM packages maintained by Petr Kristof , available
on http://crash.fce.vutbr.cz/crash-hat/5/ :
Petr just released an upddated version of his
On Thu, 12 Apr 2007 18:08:06 -0400
James Kosin [EMAIL PROTECTED] wrote:
I just tested and clamd will try to read any file with the extension
of .cvd in the /var/lib/clamav directory.
My simple question is:
Could this pose a security or virus scanning problem if someone
managed to place an
On Fri, 13 Apr 2007, Tomasz Kojm wrote:
On Thu, 12 Apr 2007 18:08:06 -0400
James Kosin [EMAIL PROTECTED] wrote:
I just tested and clamd will try to read any file with the extension
of .cvd in the /var/lib/clamav directory.
My simple question is:
Could this pose a security or virus
On Thu, 12 Apr 2007 16:22:51 -0600 (MDT)
James Bourne [EMAIL PROTECTED] wrote:
On Fri, 13 Apr 2007, Tomasz Kojm wrote:
On Thu, 12 Apr 2007 18:08:06 -0400
James Kosin [EMAIL PROTECTED] wrote:
I just tested and clamd will try to read any file with the extension
of .cvd in the
On Fri, 13 Apr 2007, Tomasz Kojm wrote:
On Thu, 12 Apr 2007 16:22:51 -0600 (MDT)
James Bourne [EMAIL PROTECTED] wrote:
On Fri, 13 Apr 2007, Tomasz Kojm wrote:
On Thu, 12 Apr 2007 18:08:06 -0400
James Kosin [EMAIL PROTECTED] wrote:
I just tested and clamd will try to read any file with
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tomasz Kojm wrote:
--snip--
This can be solved using file permissions as well, eg. by running
clamd with only read privileges to the database directory.
I was thinking about the possible VIRUS or TROJAN being able to gain
root access by some
On Thu, 12 Apr 2007 16:42:07 -0600 (MDT)
James Bourne [EMAIL PROTECTED] wrote:
Yes it may be possible, but that's still no excuse for clamd to bail when
presented with two sets of data files, one invalid and one valid.
There's no perfect solution to this problem. The only good one I could
On Thu, 12 Apr 2007 18:54:30 -0400
James Kosin [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tomasz Kojm wrote:
--snip--
This can be solved using file permissions as well, eg. by running
clamd with only read privileges to the database directory.
I was
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tomasz Kojm wrote:
On Thu, 12 Apr 2007 16:42:07 -0600 (MDT) James Bourne
[EMAIL PROTECTED] wrote:
Yes it may be possible, but that's still no excuse for clamd to
bail when presented with two sets of data files, one invalid and
one valid.
On Thu, 12 Apr 2007 19:03:09 -0400
James Kosin [EMAIL PROTECTED] wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tomasz Kojm wrote:
On Thu, 12 Apr 2007 16:42:07 -0600 (MDT) James Bourne
[EMAIL PROTECTED] wrote:
Yes it may be possible, but that's still no excuse for clamd to
On Apr 12, 2007, at 3:55 PM, Tomasz Kojm wrote:
On Thu, 12 Apr 2007 16:42:07 -0600 (MDT)
James Bourne [EMAIL PROTECTED] wrote:
Yes it may be possible, but that's still no excuse for clamd to
bail when
presented with two sets of data files, one invalid and one valid.
There's no perfect
Tomasz Kojm wrote:
for 3rd party databases this can be managed with a simple script, no need for
adding a keyring manager to ClamAV
I swear it was just 8 weeks ago or so when we last had this discussion
and all manner of fine ideas and scripts came out of it. Me thinks some
folks need to
On Apr 12, 2007, at 5:02 PM, Dennis Peterson wrote:
Tomasz Kojm [EMAIL PROTECTED] wrote:
for 3rd party databases this can be managed with a simple script,
no need for
adding a keyring manager to ClamAV
I swear it was just 8 weeks ago or so when we last had this discussion
and all manner
Chuck Swiger wrote:
On Apr 12, 2007, at 5:02 PM, Dennis Peterson wrote:
Tomasz Kojm [EMAIL PROTECTED] wrote:
for 3rd party databases this can be managed with a simple script,
no need for
adding a keyring manager to ClamAV
I swear it was just 8 weeks ago or so when we last had this
36 matches
Mail list logo