Re: [clamav-users] Reporting malware/false negatives

2017-04-03 Thread Joel Esler (jesler)
k164-NZlttUtz.docx 281f596c2a5821ef52b9ed036d51d7c2 pbj5a57gw5-pMlSuWbYRjT1.docx 440f44ac9ca212b8ecf38e48faa9dfac g9kfak164-NZlttUtz.docx If you're reading this and would also like a sample of these, let me know. On Wed, Mar 22, 2017 at 9:50 AM, Joel Esler (jesler) <jes...@cisco.com<mailto:jes...@cisco.c

Re: [clamav-users] Manual cdiff update procedure

2017-04-06 Thread Joel Esler (jesler)
Why would freshclam not be used? -- Sent from my iPhone > On Apr 6, 2017, at 07:36, venkat swaminathan wrote: > > Thanks Allan, > Mentioned below is my current progress. > all in /tmp/clam folder > > sigtool --unpack-current=daily (Unpacked Existing CVD from

Re: [clamav-users] Question about .cvd files

2017-04-12 Thread Joel Esler (jesler)
1. bytecode.cvd contains AV signatures written in our bytecode language. This allows us to have very advanced processing of files for detection. 2. Malware may not be specific to one OS. Or malware may be copied from OS to OS. 3. I don’t think you’d want to do this, based upon what I just

Re: [clamav-users] Sporadic signature frequency

2017-04-17 Thread Joel Esler (jesler)
Yes — Since more and more content is being shipped, it’s taking longer and longer to build the daily.cvd. So if the build of a daily is locked when it comes around to build the next one, it doesn’t build the second one. Hence why they are coming more spaced out. Couple remedies for this,

Re: [clamav-users] Identify Threat Risk Level with ClamAV

2017-04-14 Thread Joel Esler (jesler)
Wouldn’t all malware be a large risk? -- Joel Esler | Talos: Manager | jes...@cisco.com On Apr 14, 2017, at 12:47 AM, crazy thinker > wrote: Hi ClamAV Developers,Users I know that ClamAV is a very powerful

Re: [clamav-users] Sporadic signature frequency

2017-04-17 Thread Joel Esler (jesler)
rote: Thanks Joel, that makes sense, what's the issue with the current deletion strategy? On Apr 17, 2017, at 9:33 AM, Joel Esler (jesler) <jes...@cisco.com> wrote: Yes — Since more and more content is being shipped, it’s taking longer and longer to build t

Re: [clamav-users] ClamAV for EnterPrise

2017-04-19 Thread Joel Esler (jesler)
Alright all — I think the conversation and arguing has gone on long enough and we’ve beat not only the topic to death, but the topics after the topic are now dead. I’ve received enough complaints at this point to call a truce. -- Joel Esler | Talos: Manager |

Re: [clamav-users] ClamAV for EnterPrise

2017-04-19 Thread Joel Esler (jesler)
9, 2017 8:20 AM >> To: ClamAV users ML <clamav-users@lists.clamav.net> >> Subject: Re: [clamav-users] ClamAV for EnterPrise >> >> @Joel >> >> That Sounds good but ClamAV is OpenSource.. how can we use it in >> Commercial Product ? >> >>>

Re: [clamav-users] ClamAV for EnterPrise

2017-04-19 Thread Joel Esler (jesler)
All -- ClamAV does not have any plans on making an enterprise version or management console. We make a commercial product for that, which also uses ClamAV in its engine. I think that settles the conversation. -- Sent from my iPhone > On Apr 19, 2017, at 04:08, Reindl Harald

Re: [clamav-users] Another possible FP?

2017-04-23 Thread Joel Esler (jesler)
Are they FPs? Or just alerts? -- Sent from my iPhone > On Apr 23, 2017, at 14:17, "ad...@web-envy.com" wrote: > > I can confirm that today I did not get any of these FPs, however I am > getting a bunch of these instead. A lot of them are on older email messages > that look

Re: [clamav-users] (no subject)

2017-03-09 Thread Joel Esler (jesler)
These come in spurts. When we suddenly get a rash of 50-100 new people on the list for whatever reason, we get one or two of these. Part of being a member of a community. It sucks that we have these every now and again, and it can be annoying, but we just guide them to the exit and call

Re: [clamav-users] Daily 23161 broke Clam

2017-03-03 Thread Joel Esler (jesler)
A new daily with the Sig dropped. Probably what we will do to prevent this from happening again, is to have 0.99.3 (the upcoming version) require pcre 7. How does that sound? -- Sent from my iPhone > On Mar 3, 2017, at 18:08, Chris Conn wrote: > > Hello, > > I hope you

Re: [clamav-users] Daily 23161 broke Clam

2017-03-03 Thread Joel Esler (jesler)
the future, or would it simply > disable pcre support in previous version of clamd that have not been upgraded? > > Thanks, > > Chris > >> On 3/3/2017 6:13 PM, Joel Esler (jesler) wrote: >> A new daily with the Sig dropped. >> >> Probably what we will do to

Re: [clamav-users] ClamAV for windows: GUI and chocolatey package

2017-03-13 Thread Joel Esler (jesler)
On Mar 5, 2017, at 6:01 PM, Benny Pedersen <m...@junc.eu> wrote: Joel Esler (jesler) wrote on 2017-03-05 13:42: We make Immunet. It combines a cloud based detection engine with the offline capability of clamav. It's extremely effective and free. windo

Re: [clamav-users] Daily 23161 broke Clam

2017-03-06 Thread Joel Esler (jesler)
. -- Sent from my iPhone > On Mar 5, 2017, at 22:29, Noel Jones <njo...@megan.vbhcs.org> wrote: > >> On 3/5/2017 6:51 AM, Joel Esler (jesler) wrote: >> The question here is, do we strive to make a package that is installable on >> more machines, (even ones that ar

Re: [clamav-users] Daily 23161 broke Clam

2017-03-04 Thread Joel Esler (jesler)
We cannot be tied to distribution support problems. -- Sent from my iPhone > On Mar 4, 2017, at 17:44, Benny Pedersen wrote: > > Leonardo Rodrigues wrote on 2017-03-04 23:12: >> is clamav a redhat product ?!?! I don't think so. That being said, i >> see absolutely no point at

Re: [clamav-users] Daily 23161 broke Clam

2017-03-05 Thread Joel Esler (jesler)
interested in people's feedback, as right now, this thread seems to be about 50/50 (in requiring pcre 7) -- Sent from my iPhone > On Mar 5, 2017, at 06:39, Ned Slider <n...@unixmail.co.uk> wrote: > >> On 04/03/17 22:54, Joel Esler (jesler) wrote: >> We cannot be tied

Re: [clamav-users] R: Re: ClamAV for windows: GUI and chocolatey package

2017-03-05 Thread Joel Esler (jesler)
We make Immunet. It combines a cloud based detection engine with the offline capability of clamav. It's extremely effective and free. -- Sent from my iPhone > On Mar 5, 2017, at 05:46, "erotavlas_tu...@libero.it" > wrote: > > Hi, > whenever it is possible, I

Re: [clamav-users] R: Re: R: Re: ClamAV for windows: GUI and chocolatey package

2017-03-05 Thread Joel Esler (jesler)
wever, since I have asked about AV for windows which is all except that > free > and user privacy friendly, I can take a look at immunet. > Can you tell me if immunet uses ads, adware and something similar? > > Thank you > > >> Original message >> From:

Re: [clamav-users] Verify Integrity of ClamAV Sources: Unable to find Sourcefire VRT key

2017-07-28 Thread Joel Esler (jesler)
This should be fixed with the 99.3 release, which should be coming out soon. -- Joel Esler | Talos: Manager | jes...@cisco.com > On Jul 28, 2017, at 1:09 AM, Al Varnell wrote: > > See if this helps: GPG signature problem with

[clamav-users] ClamAV® blog: ClamAV 0.99.3 beta has been released!

2017-08-03 Thread Joel Esler (jesler)
http://blog.clamav.net/2017/08/clamav-0993-beta-has-been-released.html ClamAV 0.99.3 beta has been released! Join us as we welcome ClamAV 0.99.3 beta for testing! Be sure and grab the beta release on our official ClamAV download site. Welcome to ClamAV

Re: [clamav-users] Please remove me

2017-07-10 Thread Joel Esler (jesler)
Click on the "lists" link below, and you will find directions for how to do it yourself. -- Sent from my iPhone > On Jul 10, 2017, at 08:30, Walker, Jason T. wrote: > > Thanks! > ___ > clamav-users mailing list >

Re: [clamav-users] GPG signature problem with clamav-0.99.2.tar.gz

2017-06-30 Thread Joel Esler (jesler)
Jim, Thanks. This looks like the vulndev key. The correct key is on the contact page of Talosintelligence.com. We'll take a look here. -- Sent from my iPhone > On Jun 30, 2017, at 13:46, Jim Michaud wrote: > > I just downloaded clamav-0.99.2.tar.gz from >

Re: [clamav-users] clamav-0.99.2 Installation

2017-07-02 Thread Joel Esler (jesler)
If you are simply looking for a free antivirus engine for Windows, but also includes ClamAV, we recommend another product we make called Immunet. It also contains ClamAV, so you get the best of both worlds, for free. -- Sent from my iPhone > On Jul 2, 2017, at 13:10, G.W. Haywood

Re: [clamav-users] clamav-0.99.2 Installation

2017-07-02 Thread Joel Esler (jesler)
We no longer host any of the official downloads on Sourceforge. In fact, all projects that we maintain are moving off of sourceforge. -- Sent from my iPhone > On Jul 2, 2017, at 12:14, Andy Schmidt wrote: > > Hi David, > >>> I recently installed ClamWin (ver

Re: [clamav-users] sanesecurity: Permission denied

2017-07-03 Thread Joel Esler (jesler)
Just for the record, I think it's fine that sanesecurity posts are on this list. -- Sent from my iPhone > On Jul 3, 2017, at 07:23, Al Varnell wrote: > > None of these are ClamAV files, so you need to take this up with the >

Re: [clamav-users] New ClamAV update?

2017-07-03 Thread Joel Esler (jesler)
All the ones listed in that list are fixed if you are running the current version. -- Joel Esler | Talos: Manager | jes...@cisco.com On Jul 3, 2017, at 9:54 AM, Mark Foley > wrote: On Sun, 02 Jul 2017 11:25:34

Re: [clamav-users] New ClamAV update?

2017-07-01 Thread Joel Esler (jesler)
We are currently planning on 0.99.3 coming out near the end of July. -- Joel Esler | Talos: Manager | jes...@cisco.com On Jun 29, 2017, at 5:10 PM, Al Varnell > wrote: CVE-2012-6706 concerns a VMSF_DELTA memory

Re: [clamav-users] ClamAV for EnterPrise

2017-04-24 Thread Joel Esler (jesler)
a better position to answer these than a fellow user, but I'll give some of it a try. On Wed, Apr 19, 2017 at 08:05 PM, Benny Pedersen wrote: Joel Esler (jesler) wrote on 2017-04-20 01:40: Alright all — I think the conversation and arguing has gone on long enough and we’ve beat not only the topic to

Re: [clamav-users] Mirror problem

2017-04-24 Thread Joel Esler (jesler)
I’ve created a ticket for removal for our operations team. -- Joel Esler | Talos: Manager | jes...@cisco.com On Apr 20, 2017, at 2:48 PM, Ted Hatfield > wrote: On Thu, 20 Apr 2017, Kristen R. wrote: On 4/20/17 7:42 AM, Dennis

Re: [clamav-users] Mirror problem

2017-04-24 Thread Joel Esler (jesler)
Thanks Ted. -- Joel Esler | Talos: Manager | jes...@cisco.com On Apr 20, 2017, at 2:48 PM, Ted Hatfield > wrote: On Thu, 20 Apr 2017, Kristen R. wrote: On 4/20/17 7:42 AM, Dennis Peterson wrote: Anyone else seeing this?

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.3 beta has been released!

2017-08-04 Thread Joel Esler (jesler)
Copy and paste error! Good catch -- Joel Esler | Talos: Manager | jes...@cisco.com On Aug 4, 2017, at 3:09 AM, Matus UHLAR - fantomas <uh...@fantomas.sk> wrote: On 03.08.17 23:04, Joel Esler (jesler) wrote: * Depreca

Re: [clamav-users] Different results: Clamscan vs ClamWin

2017-05-02 Thread Joel Esler (jesler)
First thing I notice is that you are running two different versions of ClamAV. -- Sent from my iPhone > On May 2, 2017, at 20:08, Rafael Ferreira wrote: > > Can you tell us which virus you encountered? Also can you validate that the > file has the same checksum in both

Re: [clamav-users] Malware/ransomware and Yara signatures with clamav

2017-05-14 Thread Joel Esler (jesler)
ClamAV isn't only used for mail. Clamwin and Immunet client will catch this. -- Sent from my iPhone > On May 14, 2017, at 12:42, G.W. Haywood wrote: > > Hi there, > >> On Sun, 14 May 2017, Alex wrote: >> >> Are clamav users protected from this ransomware? > >

[clamav-users] ClamAV® blog: ClamAV will be publishing a new Main.cvd on Wednesday, June 7th, 2017

2017-05-17 Thread Joel Esler (jesler)
http://blog.clamav.net/2017/05/clamav-will-be-publishing-new-maincvd.html We are currently planning on cutting a new Main.cvd on Wednesday, June 7th, 2017. After the new Main.cvd is published the "daily" load on the mirrors and your networks should be much lighter. As always, this will

Re: [clamav-users] New Main.cvd coming

2017-05-17 Thread Joel Esler (jesler)
main.cvd will receive a cdiff. So, the size will be considerably smaller than a full “main” push. -- Joel Esler | Talos: Manager | jes...@cisco.com On May 17, 2017, at 10:48 AM, Joel Esler (jesler) <jes...@cisco.com> w

Re: [clamav-users] WannaCry Homeland Security yara script. False positives?

2017-05-17 Thread Joel Esler (jesler)
Yes. We strip attachments. However, are there samples that are not being caught by the ClamAV ruleset? -- Joel Esler | Talos: Manager | jes...@cisco.com On May 17, 2017, at 6:30 PM, Al Varnell > wrote: I'm pretty

Re: [clamav-users] Malware/ransomware and Yara signatures with clamav

2017-05-16 Thread Joel Esler (jesler)
: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf > Of Dennis Peterson > Sent: Tuesday, May 16, 2017 12:25 PM > To: ClamAV users ML > Subject: Re: [clamav-users] Malware/ransomware and Yara signatures with > clamav > > If not email what is the vector? >

Re: [clamav-users] New Main.cvd coming

2017-05-17 Thread Joel Esler (jesler)
I am sure I would get violent push back if I did that. -- Joel Esler | Talos: Manager | jes...@cisco.com On May 17, 2017, at 7:04 AM, Andreas Schulze > wrote: On 17.05.2017 at 11:45, Mark Allan wrote: I

Re: [clamav-users] New Main.cvd coming

2017-05-17 Thread Joel Esler (jesler)
I will talk to the team internally. I was going to push the blog post out to the mirrors list and the users list, but I had people in and out of my office yesterday and didn’t get to it. -- Joel Esler | Talos: Manager | jes...@cisco.com On May 17, 2017, at 5:45

Re: [clamav-users] Malware/ransomware and Yara signatures with clamav

2017-05-15 Thread Joel Esler (jesler)
To be clear let me link to our blog post on the subject: http://blog.talosintelligence.com/2017/05/wannacry.html There has been No email vector seen in WannaCry to date. Almost everyone that has claimed this, has retracted it. Please read the above blog post for all the facts as we know them.

Re: [clamav-users] Question about ClamScan

2017-05-12 Thread Joel Esler (jesler)
It’s not that at all. They are working on ClamAV 99.3. I’ll call their attention to the devel list. -- Joel Esler | Talos: Manager | jes...@cisco.com On May 12, 2017, at 2:47 PM, Dennis Peterson > wrote: On

Re: [clamav-users] Automated Signature Production

2017-06-19 Thread Joel Esler (jesler)
Al, I believe this is caused by another issue that we are working to resolve, one of our sample indexes is undergoing maintenance. We use this particular index to look up hashes and sizes for sample conviction. This should be fixed soon. -- Joel Esler | Talos: Manager |

Re: [clamav-users] about signature matching process

2017-05-19 Thread Joel Esler (jesler)
ClamAV will match on multiple signature types. By default it will only alert on the first match, but you can configure this differently. -- Joel Esler | Talos: Manager | jes...@cisco.com On May 19, 2017, at 12:52 PM, Abdullah AL-Mutairy

Re: [clamav-users] Mail from Paypal wrongly identified as phishing by ClamAv

2017-05-19 Thread Joel Esler (jesler)
I assume G.W. means “using a URL that looks like something this”: src="https://102.112.2O7.net/b/ss/paypalglobal/1/G.4--NS/123456?pageName=system_email_PP1814” -- Joel Esler | Talos: Manager | jes...@cisco.com On May 18, 2017, at 1:15 PM, Reindl Harald

Re: [clamav-users] ClamAV® blog: ClamAV will be publishing a new Main.cvd on Wednesday, June 7th, 2017

2017-06-07 Thread Joel Esler (jesler)
We are still moving forward. But we are just waking up here in the US. -- Sent from my iPhone > On Jun 7, 2017, at 04:35, Andreas Schulze <andreas.schu...@datev.de> wrote: > >> On 17.05.2017 at 16:56, Joel Esler (jesler) wrote: >> We are currently planning o

Re: [clamav-users] clamav-users Digest, Vol 150, Issue 19

2017-06-01 Thread Joel Esler (jesler)
I do agree that these features need to be decoupled. We’ve marked that as a feature we’d like to develop. -- Joel Esler | Talos: Manager | jes...@cisco.com On Jun 1, 2017, at 2:44 AM, Reindl Harald > wrote:

Re: [clamav-users] clamav-users Digest, Vol 150, Issue 19

2017-05-31 Thread Joel Esler (jesler)
So is it us that needs to adjust our software for something that PayPal is doing? Or should PayPal adjust what they are doing? -- Sent from my iPhone > On May 31, 2017, at 06:38, Al Varnell wrote: > > OK, I managed to clean it up enough and added a fake header so I could

Re: [clamav-users] Use on linux operating systems

2017-06-13 Thread Joel Esler (jesler)
Plus reports of those false positives would be fantastic. -- Sent from my iPhone > On Jun 13, 2017, at 06:53, Paul Moreno wrote: > > Thanks for the responses. As it stands now, the client get massive amounts > of false positives with seemingly no trigger. I’m working

Re: [clamav-users] Use on linux operating systems

2017-06-13 Thread Joel Esler (jesler)
Thanks Al, there's actually far more than that. Wonder how many signatures I have written that start with ELF or even APK. -- Sent from my iPhone > On Jun 13, 2017, at 06:10, Al Varnell wrote: > > Although ClamAV was originally introduced as mail scanner and does have

Re: [clamav-users] Use on linux operating systems

2017-06-13 Thread Joel Esler (jesler)
Cause you provide five examples? So we can see if it's one particular error? -- Sent from my iPhone > On Jun 13, 2017, at 07:02, Paul Moreno <p...@paulmoreno.net> wrote: > > There are so many it's proven difficult to recommend the use of ClamAV. > >> On 13 Jun 20

Re: [clamav-users] issues with mirror - 194.186.47.19

2017-06-15 Thread Joel Esler (jesler)
I got your post just fine. Maybe just that one recipient. -- Joel Esler | Talos: Manager | jes...@cisco.com On Jun 15, 2017, at 1:12 PM, Orrick, Diana > wrote: I don't know why my post failed fraud detection? I don't post

Re: [clamav-users] issues with mirror - 194.186.47.19

2017-06-15 Thread Joel Esler (jesler)
#1 Correct #2 It's in my backlog. But there are only so many hours in the day. -- Joel Esler | Talos: Manager | jes...@cisco.com On Jun 15, 2017, at 6:31 PM, Al Varnell > wrote: I am under the impression that the

Re: [clamav-users] No Signature updates for 30 hours?

2017-05-01 Thread Joel Esler (jesler)
Thanks all for this, it should be fixed now. -- Joel Esler | Talos: Manager | jes...@cisco.com On May 1, 2017, at 9:21 AM, Mark Allan > wrote: It looks like there's a problem with the DNS text record not updating

Re: [clamav-users] ClamAV UnOfficial Database

2017-05-04 Thread Joel Esler (jesler)
3rd party signatures distributed by us, are signed. -- Sent from my iPhone > On May 4, 2017, at 08:27, Benny Pedersen <m...@junc.eu> wrote: > > Joel Esler (jesler) wrote on 2017-05-04 14:19: >> We'd have to evaluate which feeds would be appropriate for the ClamAV >

Re: [clamav-users] ClamAV UnOfficial Database

2017-05-04 Thread Joel Esler (jesler)
We already distribute some third party feeds into the official database, we have a program for that which can be found on our website. We would love to incorporate Sanesecurity's feed, all they have to do is give us the okay to do it. -- Sent from my iPhone > On May 4, 2017, at 07:29,

Re: [clamav-users] LibClamAV Warning

2017-05-06 Thread Joel Esler (jesler)
I thought this was fixed. -- Sent from my iPhone > On May 6, 2017, at 14:01, Rudy Stebih wrote: > > I filed a bug report for this. Bug #11837 > > Cheers, > Rudy > > >> On Wed, May 3, 2017 at 1:25 PM, David Raynor wrote: >> >> Bump for

Re: [clamav-users] ClamAV UnOfficial Database

2017-05-04 Thread Joel Esler (jesler)
We'd have to evaluate which feeds would be appropriate for the ClamAV Db. The more coverage the better, with fewest false positives. -- Sent from my iPhone > On May 4, 2017, at 08:04, Benny Pedersen <m...@junc.eu> wrote: > > Joel Esler (jesler) wrote on 2017-05-04 13:52

Re: [clamav-users] ClamAV UnOfficial Database

2017-05-04 Thread Joel Esler (jesler)
We have some ideas here Benny, but nothing in the pipeline today. If we incorporated SaneSecurity’s sigs (we need permission to do so from Steve), then we could ingest them, and de-dupe any hash-based sigs that we have that other types of sigs alert on (we do this today for our own internal

[clamav-users] ClamAV® blog: ClamAV Customer Feedback Survey

2017-09-14 Thread Joel Esler (jesler)
ClamAV Customer Feedback Survey As we are ramping up the feature planning on the next version of ClamAV, and with the recent turmoil that we've overcome (for the most part) with the mirror system. We have a lot of fantastic ideas and goals ourselves on making ClamAV more reliable, easier to

Re: [clamav-users] OT: mailing list behaviours (Re: Part 2: Dynamic engine module for scanning media files (e.g., MP3, MP4, etc.)?)

2017-09-19 Thread Joel Esler (jesler)
On Sep 19, 2017, at 2:48 PM, Kris Deugau > wrote: Crystalslave wrote: Return-Path: harlequin...@gmail.com First off, my apologies for the confusion. This is my first time posting to a mailing list; I didn't really

Re: [clamav-users] OT: mailing list behaviours (Re: Part 2: Dynamic engine module for scanning media files (e.g., MP3, MP4, etc.)?)

2017-09-19 Thread Joel Esler (jesler)
port.google.com/mail/answer/22454?hl=en In short, I just think more could be done to make mailing list use a little more straightforward for those of us who have been spoiled by the click-and-post nature of forums. Just my two cents. :) On 9/19/17, Joel Esler (jesler) <jes...@cisco.com>

Re: [clamav-users] Unsubscribe not working

2017-10-05 Thread Joel Esler (jesler)
On Oct 5, 2017, at 7:38 AM, Matus UHLAR - fantomas > wrote: On 05.10.17 10:10, Bob Williams wrote: Apologies for generating noise. :-( I have visited the website several times and

Re: [clamav-users] Clamav log messge

2017-10-13 Thread Joel Esler (jesler)
On Oct 13, 2017, at 3:55 PM, Bhavin Patel > wrote: Hi I am seeing this in clamd.log WARNING: Control message truncated, no control data received, 9 bytes read(Is SELinux/AppArmor enabled, and blocking file descriptor passing?)

Re: [clamav-users] Signatures in md5sum not in sha256sum

2017-09-08 Thread Joel Esler (jesler)
We don’t have a slated date yet. We’ve had about 6000 downloads of the beta package and no reported bugs so far. So far, so good. -- Joel Esler | Talos: Manager | jes...@cisco.com On Sep 8, 2017, at 8:20 AM, Vijayakumar U

Re: [clamav-users] Mirror issues and what we are doing to fix it

2017-08-30 Thread Joel Esler (jesler)
On 8/30/17 6:15 AM, Gene Heskett wrote: On Wednesday 30 August 2017 08:48:42 Joel Esler (jesler) wrote: Gene, Thanks. I’ll give this to the ops team. I had a total failure at 18:00 EDT last night: = Tue Aug 29 18:02:04 2017 -> Received signal: wake up Tue Aug 29 18:02:04 2017 ->

Re: [clamav-users] Signatures in md5sum not in sha256sum

2017-09-11 Thread Joel Esler (jesler)
Reported them to bugzilla? Sent from my iPhone On Sep 11, 2017, at 5:35 AM, Mark Allan <markjal...@gmail.com> wrote: On 8 Sep 2017, at 5:32 pm, Joel Esler (jesler) <jes...@cisco.com> wrote: We don't have a sla

Re: [clamav-users] CVE-2017-11241 - Synology DIskStation AV Essentials

2017-09-11 Thread Joel Esler (jesler)
You want to submit some false positives to us via the website, followup here with the md5s of the files you submit, the malware team can take a look. -- Joel Esler | Talos: Manager | jes...@cisco.com On Sep 11, 2017, at 3:06 PM, Judd Grayzel

Re: [clamav-users] CVE-2017-11241 - Synology DIskStation AV Essentials

2017-09-13 Thread Joel Esler (jesler)
e that I submitted to the website: MD5 hash of file Standard Job1.xlsx: eb 28 c5 01 b2 14 91 5a 70 31 59 92 56 9e f6 10 From: Joel Esler (jesler) <jes...@cisco.com> To: ClamAV users ML <clamav-users@lists.clamav.net>

Re: [clamav-users] CVE-2017-11241 - Synology DIskStation AV Essentials

2017-09-12 Thread Joel Esler (jesler)
to:judd_gray...@yahoo.com>> wrote: Where do I get the MD5 for the file? Sent from my iPhone On Sep 11, 2017, at 1:42 PM, Joel Esler (jesler) <jes...@cisco.com> wrote: You want to submit some false positives to us via the website, followup here with th

Re: [clamav-users] URL In Freshcalm

2017-09-27 Thread Joel Esler (jesler)
This site is permanently down. We are currently refactoring this. Sent from my iPhone On Sep 27, 2017, at 7:09 AM, Jerry > wrote: In the "freshclam.conf" file, there is a URL listed to collect "personal statistics". The URL is:

Re: [clamav-users] question about fale positives

2017-09-30 Thread Joel Esler (jesler)
Correct. Although we are currently working on a confirmation system for receipt of and resolution of, false positives. Sent from my iPhone On Sep 30, 2017, at 4:22 PM, Al Varnell > wrote: You won't receive a response unless you subscribe to the

Re: [clamav-users] Unable to download database

2017-08-23 Thread Joel Esler (jesler)
All — I sent a note earlier, but this should be fixed/recovering now. We are working on an idea that may prevent this kind of thing from happening in the future. Dennis — If you do a health check, and you find things that are… not matching up with our results… please let me know your failure

Re: [clamav-users] Freshclam failure - Still ongoing???

2017-08-25 Thread Joel Esler (jesler)
ailto:jes...@cisco.com> On Aug 25, 2017, at 2:04 PM, Joel Esler (jesler) <jes...@cisco.com<mailto:jes...@cisco.com>> wrote: I am discussing this with our team, about how to make this process not suck. -- Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.c

Re: [clamav-users] Freshclam failure - Still ongoing???

2017-08-25 Thread Joel Esler (jesler)
On it Sent from my iPhone > On Aug 25, 2017, at 5:14 AM, Paul Dean wrote: > > Oh shoot ClamAV ppl, help please... > > -- > > > Thanks > > Paul Dean. > > "Life is not WHAT you make it, it's WHO you have in it..." > > > On Fri, 25 Aug 2017 10:47:23 +0200 > maxal

Re: [clamav-users] Freshclam failure - Still ongoing???

2017-08-28 Thread Joel Esler (jesler)
>> wrote: On 25.08.2017 at 22:44, Joel Esler (jesler) wrote: We are working on ways to not only fix the ongoing mirror issues, but prevent them in the future, as well as bring back the Mirror page on ClamAV.net at some point soon. Jo

[clamav-users] Mirror issues and what we are doing to fix it

2017-08-28 Thread Joel Esler (jesler)
ClamAV Community — For too long we’ve had a problem with mirrors and downloads. There are a bunch of really good excuses for this internally, but I can comfortably say that we are beyond the problems we had in the past, and now it’s time for us to go fix it. As of Friday, I assumed control

Re: [clamav-users] Mirror issues and what we are doing to fix it

2017-08-28 Thread Joel Esler (jesler)
| jes...@cisco.com On Aug 28, 2017, at 9:33 AM, Joel Esler (jesler) <jes...@cisco.com> wrote: ClamAV Community — For too long we’ve had a problem with mirrors and downloads. There are a bunch of really good excuses f

[clamav-users] CVD Download issues for August 23, 2017

2017-08-23 Thread Joel Esler (jesler)
http://blog.clamav.net/2017/08/cvd-download-issues-for-august-23-2017.html This morning, we became aware of an issue with our ClamAV mirror infrastructure that was causing some freshclam instances to fail when trying to download the current updates. This was a result of one of our mirror sync

Re: [clamav-users] Freshclam failure - Still ongoing???

2017-08-25 Thread Joel Esler (jesler)
On 8/25/17 4:00 AM, Joel Esler (jesler) wrote: On it Sent from my iPhone ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us buil

Re: [clamav-users] When and what version will next release be?

2017-08-31 Thread Joel Esler (jesler)
99.3 is out for beta. Should release September. Sent from my iPhone On Aug 31, 2017, at 6:13 PM, Scott Kitterman > wrote: Last I recall hearing about the schedule, Cisco said they planned to release in July. Not sure what the plan is now.

Re: [clamav-users] Mirror issues and what we are doing to fix it

2017-08-30 Thread Joel Esler (jesler)
Gene, Thanks. I’ll give this to the ops team. -- Joel Esler | Talos: Manager | jes...@cisco.com On Aug 28, 2017, at 2:07 PM, Gene Heskett <ghesk...@shentel.net> wrote: On Monday 28 August 2017 13:48:32 Joel Es

Re: [clamav-users] DNS issue: there is a loop

2017-08-30 Thread Joel Esler (jesler)
Hans, We are aware of this issue, and I have opened a ticket with our operations team. -- Joel Esler | Talos: Manager | jes...@cisco.com On Aug 30, 2017, at 8:46 AM, MAYER Hans > wrote: Dear systems

Re: [clamav-users] When and what version will next release be?

2017-08-31 Thread Joel Esler (jesler)
We are currently planning the roadmap for 99.4 and 99.5. So if you have features for the engine itself we’d love to hear them! -- Joel Esler | Talos: Manager | jes...@cisco.com On Aug 31, 2017, at 3:00 PM, Al Varnell >

Re: [clamav-users] FP Ppt.Exploit.CVE_2017_0199-6336815-1

2017-10-05 Thread Joel Esler (jesler)
This signature was fixed this morning. Sent from my iPhone On Oct 5, 2017, at 5:03 PM, Al Varnell > wrote: Please don't include signatures that apply to all file types in your email to the list as the message gets marked as infected. I'm sure some

Re: [clamav-users] ClamAV - Open Source License

2017-11-29 Thread Joel Esler (jesler)
On Nov 29, 2017, at 1:21 PM, Peggy Anstett > wrote: Thanks Kevin! In the code itself there are about 10 different license files (Apache, BSD, etc) with no explanation as to whether they apply to certain parts of the library.

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.3 beta2 has been released!

2017-12-19 Thread Joel Esler (jesler)
te: On 18.12.2017 at 18:06, Joel Esler (jesler) wrote: ClamAV 0.99.3 beta2 has been released! hello, I upgraded some lab servers from beta1 to beta2. Now I receive messages from cron containing the text "debug enabled" That happens on reloads where yara rules are active. I found the

Re: [clamav-users] ClamAV(R) blog: ClamAV 0.99.3 beta2 has been released!

2017-12-19 Thread Joel Esler (jesler)
Steve On Tue, Dec 19, 2017 at 10:59 AM, Joel Esler (jesler) <jes...@cisco.com> wrote: Can you please open a ticket in bugzilla.clamav.net? -- Joel Esler | Talos: Manager | jes...@cis

[clamav-users] ClamAV® blog: ClamAV 0.99.3 beta2 has been released!

2017-12-18 Thread Joel Esler (jesler)
> ClamAV 0.99.3 beta2 has been released! > > http://blog.clamav.net/2017/12/clamav-0993-beta2-has-been-released.html > > Welcome to ClamAV 0.99.3's beta2 release. In this release, we have included > many code > submissions from the ClamAV community: > > • Interfaces to the Prelude SIEM

Re: [clamav-users] FreshClam - DNS issues since October 31st

2017-11-13 Thread Joel Esler (jesler)
Bill, We have taken some recent steps to resolve these issues. Please let us know if they persist. Sent from my iPhone On Nov 13, 2017, at 5:37 PM, Bill Maidment > wrote: I'm still getting a mixed bag of results on db.AU Sometimes it works and other

Re: [clamav-users] Virus Malvare not detected

2017-11-14 Thread Joel Esler (jesler)
Please submit malware samples to ClamAV.net Sent from my iPhone On Nov 14, 2017, at 6:36 AM, Emanuel > wrote: Hello, I received two docs files in a email with the Subject "Invoice". The attachment is a malware

Re: [clamav-users] Virus Malvare not detected

2017-11-15 Thread Joel Esler (jesler)
Doc.Dropper.Agent is automated. Sounds like someone submitted the file to Clamav.net or one of my other automated systems that produces detection. -- Joel Esler | Talos: Manager | jes...@cisco.com On Nov 15, 2017, at 7:09 PM, Al Varnell

Re: [clamav-users] FreshClam Mirrors - daily.cld stuck at version: 24010, safebrowsing cdiff missing.

2017-11-03 Thread Joel Esler (jesler)
Andy, Thanks for writing in. I put out an email to the mirrors, but not to the user base, and that’s my fault. We are in the middle of replacing one of the servers that syncs the updates from the system we make them in, down to the mirrors (and the end users download from the mirrors), and

Re: [clamav-users] freshclam broken

2017-11-03 Thread Joel Esler (jesler)
We are in the middle of replacing one of the servers that syncs the updates from the system we make them in, down to the mirrors (and the end users download from the mirrors), and we’ve run into a few speed bumps. We should have everything back up and running in the next hour or so, so please

Re: [clamav-users] fail updates

2017-11-06 Thread Joel Esler (jesler)
It would be helpful, if, starting now, deleting mirrors.dat and *then* telling us about failing mirrors…. Cause…. We’ve done many changes in the past month, it would be good to start from a clean slate. -- Joel Esler | Talos: Manager | jes...@cisco.com On Nov 6,

[clamav-users] Mirror Sync Outage for ClamAV updates

2017-11-01 Thread Joel Esler (jesler)
http://blog.clamav.net/2017/11/mirror-sync-outage-for-clamav-av-updates.html ClamAV Community -- ClamAV is currently experiencing an issue with one of our sync servers that provides updates from our infrastructure out to the ClamAV mirrors. Since end-users receive their updates from the ClamAV

Re: [clamav-users] Freshclam Fails

2017-11-09 Thread Joel Esler (jesler)
Looks like your machine can’t contact database.clamav.net Sent from my iPhone On Nov 9, 2017, at 11:24 PM, Krishnakumar Nair > wrote: Hi Guys, any idea on this, clamav running in aix box. WARNING: Can't get

Re: [clamav-users] FreshClam - DNS issues since October 31st

2017-11-08 Thread Joel Esler (jesler)
The team working on these issues is seeing these emails, so it’s good that you are writing in, if you are still experiencing issues. Sent from my iPad On Nov 8, 2017, at 9:05 AM, Simon Mousey Smith > wrote: Maybe not every day but

Re: [clamav-users] update mirror trouble?

2017-11-06 Thread Joel Esler (jesler)
This should be resolving itself as we speak. -- Joel Esler | Talos: Manager | jes...@cisco.com On Nov 6, 2017, at 4:47 AM, Simon Mousey Smith > wrote: Hi, Same here still having problems but slightly

Re: [clamav-users] freshclam broken

2017-11-06 Thread Joel Esler (jesler)
.net>> wrote: On Saturday 04 November 2017 13:31:59 Markus Egg wrote: On 03/11/17 at 19:19, Joel Esler (jesler) wrote: We are in the middle of replacing one of the servers that syncs the updates from the system we make them in, down to the mirrors (and the end users download from the mirro
