Hi all,
I use the clamdmon utility for monitoring the health of my clamd daemon.
Since receiving the new main, daily, and bytecode this evening my
clamdmon is no longer working.
I found the source code for clamdmon which shows the issue. The code is
looking for a "Eicar-Test-Signature" strin
Hopefully this is just a bug as the eicar test file isn't really a "win" test;
it's just a text file. I imagine many people will have scripts and test
routines set up which expect the name "Eicar-Test-Signature" - I know I do!
Is there any way this can be changed back or does everyone have to u
The signature has been updated this morning to:
PHP.Exploit.CVE_2011_4153-2:0:*:3c3f{-512}646566696e6528{-20}7374725f72657065617428{-20}2461726776
Please update your signatures to Daily CVD 15471 or later.
Thanks,
- Alain
___
Help us build a comprehen
Hello,
i'm seeing the same issue on bunch of linux servers(centos5, ubuntu-10.04).
For example, it found PHP.Exploit.CVE_2011_4153-2 in freepbx tar.gz archive
http://mirror.freepbx.org/freepbx-2.8.0.tar.gz
but if i untar tar.gz and scan the content of archive it can not find anything.
Thank you
I'm getting the same alerts on multiple Linux servers. Mostly on tar.gz
files which have been created a long time ago and have not been changed
since (no tripwire alerts).
When I unpack the tarballs and scan the content I don't get any alter.
Al Varnell wrote:
> Daily 15462 today contained the
Daily 15462 today contained the following:
Submission-ID: 53018933
Sender: Anonymous
Added: PHP.Exploit.CVE_2011_4153-2
A ClamXav user reported that a scan of his hard drive reported the following
file to be infected:
/usr/lib/php/install-pear-nozlib.phar
This file appears to be a shell script
Hello Tom,
> Link to 0.95.3 on http://www.clamav.net/download/sources/ actually goes
> to 0.96rc1
indeed, I just updated it. Thanks for reporting the problem.
Best regards
--
Luca Gibelli (luca _at_ clamav.net) ClamAV, a GPL anti-virus toolkit
[Tel] +39 0187 1851862 [Fax] +39 0187 1852
Link to 0.95.3 on http://www.clamav.net/download/sources/ actually
goes to 0.96rc1
Tom
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
FYI
Just found this:
http://www.sanesecurity.com/
They have shutdown temporarily because of a DDoS problem.
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
The rsync mirrors at msrbl.com are not in sync and may create some
confusion in your dl scripts.
dp
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
Hello Nepenthes,
Friday, May 12, 2006, 4:34:58 PM, you wrote:
> We still *have* that good intention, and these stats were written as
> some advertising for nepenthes, not as a 100% reliable source for
> comparisions between different scanners.
You and I are aware of this - but as you can see @
Hi,
On 5/12/06, Christoph Cordes <[EMAIL PROTECTED]> wrote:
> Maybe it is of interest:
> http://nepenthes.mwcollect.org/stats:scannertest
Not really. You have to take the results with a grain of salt for several
reasons:
The test is 6 months old (even if heise.de still sells it as "News")
W
Hello Didi,
Friday, May 12, 2006, 3:44:19 PM, you wrote:
> Maybe it is of interest:
> http://nepenthes.mwcollect.org/stats:scannertest
Not really. You have to take the results with a grain of salt for several
reasons:
The test is 6 months old (even if heise.de still sells it as "News")
Man
Maybe it is of interest:
http://nepenthes.mwcollect.org/stats:scannertest
Didi
--
-
Didi Rieder
[EMAIL PROTECTED]
PGPKey ID: 3431D0B0
-
--
-
Didi Rieder
[EMAIL PROTECTED]
PGPKey ID: 3431D0B0
-
pgp
Because of a security problem there's a new drop for sendmail - now at
version 8.13.6. Details at http://sendmail.org/
dp
___
http://lurker.clamav.net/list/clamav-users.html
I won't make a habit of posting these, but I wanted to brag on our
first month of running clamav live at the University of Texas Pan American.
These are all the viruses stopped at the edge of campus by a filter
in the SMTP stream in the month of September.
(A small number of the reported names ar
Tomasz Papszun wrote:
built.473.daily.db.clamav.or.id text "31 Aug 2004 21-27 +0200"
newcount.473.daily.db.clamav.or.id text "0"
Why 0? There were 1 signature added (in new file malware.hdb contained
in daily.cvd).
Because I only check the unpacked viruses.db2, not the hdb (yet).
It still m
Hello,
> > OT, is there a possibility of moving this list to google groups?
> > Archiving and search features there is really nice :)
>
> We are planning moving the MLs this month (though not to Google :-) ).
There is a online archive of this ML at
http://marc.theaimsgroup.com/
with kind regard
On Wed, 01 Sep 2004 at 14:02:07 +0700, Fajar A. Nugraha wrote:
> FYI, this is the time and number of new virus added to daily.cvd in
> the last 11 days.
[...]
> built.473.daily.db.clamav.or.id text "31 Aug 2004 21-27 +0200"
> newcount.473.daily.db.clamav.or.id text "0"
Why 0? There were 1 signatur
FYI, this is the time and number of new virus added to daily.cvd in
the last 11 days.
The numbers are pretty impressive. The details, including virus names,
is available on clamav-virusdb archive.
[EMAIL PROTECTED] fajar]$ for file in 461 462 463 464 465 466 467 468 469
470 471 472 473 474 475;do
on 8/18/04 2:36 PM, OpenMacNews at
[EMAIL PROTECTED] wrote:
> hi,
>
> for those interested, here are my unadorned, somewhat dusty, 'from scratch'
> install notes for clamav.
>
> for me, works great on OSX 10.3.5.
>
> richard
>
>
> (EDITOR)
hi,
for those interested, here are my unadorned, somewhat dusty, 'from scratch' install
notes for clamav.
for me, works great on OSX 10.3.5.
richard
gmp -- GNU Multiple Precision Arithmetic Library
# http://www.swox.c
On Mon, 24 May 2004 10:05:23 -0400
Jesse Guardiani <[EMAIL PROTECTED]> wrote:
> FYI:
>
> This problem has existed since somewhere between clamd-0.70-rc
> and clamd-0.70 (stable). I'm working around it by running a
> UNIX socket check via monit every 30 seconds or so. clamd hangs
> between 5 and 8
FYI:
This problem has existed since somewhere between clamd-0.70-rc
and clamd-0.70 (stable). I'm working around it by running a
UNIX socket check via monit every 30 seconds or so. clamd hangs
between 5 and 8 times a day at this point. The number of hangs
seems to be proportional to load.
I seem t
On Tue, 02 Mar 2004 12:58:57 +0700
"Fajar A. Nugraha" <[EMAIL PROTECTED]> wrote:
> Sure enough, I found these files on source tarball:
> ./clamd/dazukoio.o
> ./clamd/dazukoio_compat12.o
>
> Deleted these files, and clamav compiles OK.
Fixed, thanks.
--
oo. Tomasz Kojm <[EMAI
Hi,
building the latest snapshot on Solaris gives this error :
ld: fatal: file dazukoio_compat12.o: wrong ELF machine type: EM_386
ld: fatal: File processing errors. No output written to .libs/clamd
collect2: ld returned 1 exit status
make[2]: *** [clamd] Error 1
make[2]: Leaving directory
`/opt/
On Friday 23 Jan 2004 5:05 pm, OpenMacNews wrote:
> i can't say i agree with the suggestion that the developers spend their
> time supporting OSX 10.1.x -- which is no longer supported by Apple
> but, of course, to each their own =)
As I have already said, it has nothing to do with "to each thei
On Fri, 23 Jan 2004 16:12:10 -0800
Mark Edwards <[EMAIL PROTECTED]> wrote:
> Well, despite my better judgement I decided to go ahead and install
> clamav-devel-20040110 on my OSX 10.1.5 machine. Seems to work well,
> as far as I can tell. Tests run fine.
>
> The only issues I've had are freshc
hi,
given the flurry of discussion re: clamav on OSX, i though i'd just offer as an fyi, 0.65 builds/runs flawlessly for me
on OSX 10.2.x & 10.3.x on a variety of stock & upgraded boxes.
i can't say i agree with the suggestion that the developers spend their time supporting OSX 10.1.x -- which i
Well, despite my better judgement I decided to go ahead and install
clamav-devel-20040110 on my OSX 10.1.5 machine. Seems to work well, as
far as I can tell. Tests run fine.
The only issues I've had are freshclam's -c flag seems broken:
[dina:/var/log/clamav] engineer% sudo freshclam -d -c 2
Well, despite my better judgement I decided to go ahead and install
clamav-devel-20040110 on my OSX 10.1.5 machine. Seems to work well, as
far as I can tell. Tests run fine.
The only issues I've had are freshclam's -c flag seems broken:
[dina:/var/log/clamav] engineer% sudo freshclam -d -c 2
On Jan 23, 2004, at 10:28 AM, OpenMacNews wrote:
given the flurry of discussion re: clamav on OSX, i though i'd just
offer as an fyi, 0.65 builds/runs flawlessly for me
on OSX 10.2.x & 10.3.x on a variety of stock & upgraded boxes.
I can confirm that it builds find on 10.3.
i can't say i agree w
> > given the flurry of discussion re: clamav on OSX, i though i'd just
> > offer as an fyi, 0.65 builds/runs flawlessly for me
> > on OSX 10.2.x & 10.3.x on a variety of stock & upgraded boxes.
>
> I can confirm that it builds fine on 10.3.
As I understand it, Apple fully supported pthreads as of
I got bizarre errors with my last two posts, so here goes again. Sorry
if this double-posts...
On Jan 23, 2004, at 10:28 AM, OpenMacNews wrote:
given the flurry of discussion re: clamav on OSX, i though i'd just
offer as an fyi, 0.65 builds/runs flawlessly for me
on OSX 10.2.x & 10.3.x on a va
hi,
given the flurry of discussion re: clamav on OSX, i though i'd just offer as an fyi,
0.65 builds/runs flawlessly for me
on OSX 10.2.x & 10.3.x on a variety of stock & upgraded boxes.
i can't say i agree with the suggestion that the developers spend their time
supporting OSX 10.1.x -- which i
On Tue, 28 Oct 2003 13:38:08 -0600
"Lynn Duerksen" <[EMAIL PROTECTED]> wrote:
> 4 days without a problem...Knock on wood!! No restarts no stale
> sockets.
>
> Things are looking good.
Lynn,
thanks for the good news ! I may confirm that all major (and most minor)
problems with clamd have been f
4 days without a problem...Knock on wood!! No restarts no stale
sockets.
Things are looking good.
Amavisd-new running chroot as user amavisd in directory /var/amavisd
Installed clamav as follows
First: run "configure" with shown options
./configure --disable-clamav --enable-dependency-trackin
37 matches
Mail list logo