On Tue, Apr 13, 2004 at 03:50:48PM -0400, Jim Maul said:
> > I also have the same problem. Apparently, I have two locations
> > where the updates are stored. ClamAV was using
> > /usr/local/share/clamav and freshclam was storing updates in
> > /var/lib/clamav. So I made clamav.conf point to /var/l
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I had this same problem with 0.70-rc; I was finding that the virus got missed
when it was in email but could be detected in a stand-alone file. I picked up
each day's snapshot until it started to be detected: this was ClamAV version
devel-20040327.
I actually did check both config files and
made sure both point to the same database
directory. The only weird part is that when
I do sigtool --list, it still looks at the
old database path.
What I did to fix it is just remove the old
directory, and made a link to the correct
path so that sigtool
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Henry
> Harvey
> Sent: Tuesday, April 13, 2004 2:14 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [Clamav-users] Netsky P not being blocked, using 0.70-rc
>
>
> I also have the
On Apr 13, 2004, at 11:13 AM, Henry Harvey wrote:
I restarted clamd, amavisd and all went ok.
But when I run sigtool --list it tells me
ERROR: Can't open directory /usr/local/share/clamav
How can I make it point to the new location
of the database files? And how can I make sure
that my clamd is now
I also have the same problem.
Apparently, I have two locations
where the updates are stored. ClamAV
was using /usr/local/share/clamav
and freshclam was storing updates in
/var/lib/clamav. So I made clamav.conf
point to /var/lib/clamav also.
And just to make sure that nothing is using
/usr/local/sh
I finally blocked Somefool.P/Netsky.P with clamav:
copy of message from Amavisd-new
A virus was found in an email from:
<[EMAIL PROTECTED]>
The message was addressed to:
-> <[EMAIL PROTECTED]>
The message has been quaran
On Apr 10, 2004, at 5:44 PM, Bill Randle wrote:
On Sat, 2004-04-10 at 16:49, Jeff Ramsey wrote:
On Apr 10, 2004, at 9:27 AM, Colin A. Bartlett wrote:
Jeff Ramsey Sent: Friday, April 09, 2004 4:23 PM
I have done some further testing, and I am blocking Somefool and
Somefool.B, but I am not blockin
On Sat, 2004-04-10 at 16:49, Jeff Ramsey wrote:
> On Apr 10, 2004, at 9:27 AM, Colin A. Bartlett wrote:
>
> > Jeff Ramsey Sent: Friday, April 09, 2004 4:23 PM
> >
> >> I have done some further testing, and I am blocking Somefool and
> >> Somefool.B, but I am not blocking variant P.
> >
> > FWIW, t
On Sat, 10 Apr 2004 16:49:52 -0700
Jeff Ramsey <[EMAIL PROTECTED]> wrote:
>
> On Apr 10, 2004, at 9:27 AM, Colin A. Bartlett wrote:
>
> > Jeff Ramsey Sent: Friday, April 09, 2004 4:23 PM
> >
> >> I have done some further testing, and I am blocking Somefool and
> >> Somefool.B, but I am not block
On Apr 10, 2004, at 9:27 AM, Colin A. Bartlett wrote:
Jeff Ramsey Sent: Friday, April 09, 2004 4:23 PM
I have done some further testing, and I am blocking Somefool and
Somefool.B, but I am not blocking variant P.
FWIW, this same thing happened to me when I upgraded from Clam .60 to
the
latest ve
Jeff Ramsey Sent: Friday, April 09, 2004 4:23 PM
> I have done some further testing, and I am blocking Somefool and
> Somefool.B, but I am not blocking variant P.
FWIW, this same thing happened to me when I upgraded from Clam .60 to the
latest version. Apparently I installed it in a different pla
I have done some further testing, and I am blocking Somefool and
Somefool.B, but I am not blocking variant P. My Sophos is picking it up
as Netsky P. Both Sophos and clamav are being called by Amavisd-new via
sendmail milter. Is there some sort of binary on my box that I have
forgotten to give
On Wed, 7 Apr 2004 20:22:07 +0100, "Antony Stone"
<[EMAIL PROTECTED]> said:
> On Wednesday 07 April 2004 7:59 pm, Jeff Ramsey wrote:
>
> I'm picking up Worm.SomeFool.P (aka Worm/NetSky.P according to Antivir,
> W32/[EMAIL PROTECTED] according to F-Prot, W32/[EMAIL PROTECTED] according to
> McAfe
On Wednesday 07 April 2004 7:59 pm, Jeff Ramsey wrote:
> Do I have to use a CVS version to get this one to be detected? Sophos
> detects it fine on this machine.
No.
I'm picking up Worm.SomeFool.P (aka Worm/NetSky.P according to Antivir,
W32/[EMAIL PROTECTED] according to F-Prot, W32/[EMAIL PRO
15 matches
Mail list logo
