> > Let me ask you this: Do you know of any resource that gives enough detail
> > that Declude could check for such an exploit?
> >
>
>Can't say I've looked very hard, that's what I have you for.
>
>Don't take this as any sort of a complaint, just thinking out loud. Some of
>the others are catc
> Has anyone ever noticed that Frisk F-Prot failed the Virus Bulletin
rating?
>
> http://www.virusbtn.com/vb100/archives/tests.xml?200206
Is that announcement bulletins or definition updates?
Sheldon
Sheldon Koehler, Owner/Partnerhttp://www.tenforward.com
Ten Forward Communications
Thanks...I needed that to go with yesterday! Oh well...
Jim Rooth
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Jonathan
Sent: Wednesday, June 12, 2002 2:12 PM
To: [EMAIL PROTECTED]
Subject: [Declude.Virus] F-Prot Virus Bulletin Rating
Has anyone e
- Original Message -
From: "Jonathan" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 12, 2002 3:12 PM
Subject: [Declude.Virus] F-Prot Virus Bulletin Rating
> Has anyone ever noticed that Frisk F-Prot failed the Virus Bulletin
rating?
>
> http://www.virusbtn.com/vb100/a
>Has anyone ever noticed that Frisk F-Prot failed the Virus Bulletin rating?
>
>http://www.virusbtn.com/vb100/archives/tests.xml?200206
That's quite common (Trend Micro, Panda, McAfee, Kaspersky, and Grisoft
failed, too). Typically AV companies brag when they get the 100% for any
given month.
Has anyone ever noticed that Frisk F-Prot failed the Virus Bulletin rating?
http://www.virusbtn.com/vb100/archives/tests.xml?200206
Jonathan
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
This E-mail came from the Declude.Virus mailing list. To
unsubscrib
Thanks,
I do have it working with inocucmd.exe, I jsut have to
work out updating the signature files. I was hoping ot use inocmd32.exe so that
they would update automatically.
Thanks
Don
- Original Message -
From:
Stan
Buck
To: [EMAIL PROTECTED]
Sent: Wednesday,
There was a thread about this last month.
The statement I got from CA support about
inocmd32.exe:
"The scan from the DOS mode will not able to
report the virus name, even thesummary will display about the infection and
will take necessary action, theonly way to find out is using scan f
Is anyone running declude and InoculteIT 6.0 and able to receive the virus
name in the message. I am close but wasn't sure if anyone has had any luck
getting this to work. If so could you please send your command line
I am trying to use inocmd32.exe to do the scanning.
Thanks
Don Hickey
--
At 12:24 PM 6/12/2002, Thomas E. Hall wrote:
I was wondering does F-Prot have
daily downloadable virus updates? If not
what virus software do you recommend if you want to schedule jobs to run
to
make sure that we have the latest updates. Or should we use 2
virus
checkers.
I don't remember who or
Original Message -
From: "Thomas E. Hall" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 12, 2002 1:11 PM
Subject: RE: [Declude.Virus] W32/Frethem-Fam
> We are using scripts to update F-Prot. Does the windows F-Prot update run
> as a service or do you have to leave t
> Does the windows updater work for you? I should say reliably? I have
> found it does don't seem to work at all. I do use the scripts for the
> server and that works. F-Prot 3.12a
I have had no problems with the Windows updater at all. We purchased the
site license and I have found it to be mor
- Original Message -
From: "R. Scott Perry" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 12, 2002 11:39 AM
Subject: Re: [Declude.Virus] W32/Frethem-Fam
>
> >It seems to also use the MIME header exploit. This is such a
> >common virus element, maybe Declude should hav
We are using scripts to update F-Prot. Does the windows F-Prot update run
as a service or do you have to leave the server logged in for it to run?
-Thomas
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Paul Ingram
Sent: Wednesday, June 12, 2002 12:11 P
Sheldon,
Does the windows updater work for you? I should say reliably? I have
found it does don't seem to work at all. I do use the scripts for the
server and that works. F-Prot 3.12a
~Paul~
> If you are using the DOS version, there are scripts available to check
and
> download automatically.
> I was wondering does F-Prot have daily downloadable virus updates? If not
> what virus software do you recommend if you want to schedule jobs to run
to
> make sure that we have the latest updates. Or should we use 2 virus
> checkers.
If you are using the DOS version, there are scripts availab
I was wondering does F-Prot have daily downloadable virus updates? If not
what virus software do you recommend if you want to schedule jobs to run to
make sure that we have the latest updates. Or should we use 2 virus
checkers.
Thank you,
Thomas Hall, Internet Coordinator
Madison County Gover
>It seems to also use the MIME header exploit. This is such a common virus
>virus element, maybe Declude should have an option to handle it.
Let me ask you this: Do you know of any resource that gives enough detail
that Declude could check for such an exploit?
We have samples of viruses that
- Original Message -
From: "R. Scott Perry" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 12, 2002 10:22 AM
Subject: Re: [Declude.Virus] W32/Frethem-Fam
> Very interesting, since McAfee never sent out an alert about it. However,
> McAfee seems to use their E-mail vir
Once again my hat is off to you Scott. I had a major problem when I got
home last night from a day on the road. Panic was the order of the day.
After trying for three hours and talking with a couple of members from
this list, I decided to go to the manual you have on the web. All the
answers we
Thanks all
-Original Message-
From: Dustin Freeman [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 12, 2002 10:25 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [Declude.Virus] BANEXT notify
Can I downoload the BANnotify.eml template from somewhere?
-Original Message-
From: Don Hicke
>Can I downoload the BANnotify.eml template from somewhere?
Yes, you can download it from
http://www.declude.com/release/154/bannotify.eml . Further details on
banning file extensions can be found at
http://www.declude.com/virus/manual.htm in the "Banning files based on
extension" section.
Here is the text of the notice I use:
From: postmaster@%LOCALHOST%
To: %MAILFROM%,%ALLRECIPS%,postmaster@%LOCALHOST%
Subject: Delivery of e-mail with an attachment has failed!
Delivery Failed: %ALLRECIPS%
The mail server for %LOCALHOST% does not accept E-mail with attachments
that contain the %
> Can I downoload the BANnotify.eml template from somewhere?
I just wrote the following:
From: postmaster@%LOCALHOST%
To: %MAILFROM%,[EMAIL PROTECTED]
Subject: WARNING: File attachment banned
It appears you sent a file attachment that had either exe, pif or scr as an
extension. For security rea
Can I downoload the BANnotify.eml template from somewhere?
-Original Message-
From: Don Hickey [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 12, 2002 10:18 AM
To: [EMAIL PROTECTED]
Subject: [Declude.Virus] BANEXT notify
I have the BANEXT and the notify working fine. My question is th
>I have the BANEXT and the notify working fine. My question is there a way to
>send the notify email to the postmaster (me) also to let me know that
>someone tried to send a banned extension?
You can have:
To: %MAILFROM%,[EMAIL PROTECTED]
in the \IMail\Declude\BANnotify.eml file, whic
>It got by F-Prot 3.12a/Declude 1.53 and when I did a Google search on the
>name, McAffee was the only response and it was dated the 7th. I find this
>interesting!
Very interesting, since McAfee never sent out an alert about it. However,
McAfee seems to use their E-mail virus alert system most
I was notified today by Computer Associates eNews same info as already
posted.
http://support.ca.com/techbases/ilnt/virusalert2.html
Dustin
-Original Message-
From: R. Scott Perry [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, June 12, 2002 8:52 AM
To: [EMAIL PROTECTED]
Subject: [Declude.V
I have the BANEXT and the notify working fine. My question is there a way to
send the notify email to the postmaster (me) also to let me know that
someone tried to send a banned extension?
Thanks
Don Hickey
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
Thi
> One more reason to have a banned extension policy in place.
I do now! I had avoided it as there are legitimate reasons to send certain
files. But the good of the many...
It got by F-Prot 3.12a/Declude 1.53 and when I did a Google search on the
name, McAffee was the only response and it was dat
>FYI, there is a new virus out, that Sophos has alerted us to
I received the same Sophos alert this morning. I just ran Spam Review and
selected the Virus option and what do you know, one of these was there
waiting for me--it was actually sent to my e-mail address. But thanks to
Declude's BANEXT
One more reason to have a banned extension policy in place.
Thanks for the heads up Scott.
John Tolmachoff
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of R. Scot
FYI, there is a new virus out, that Sophos has alerted us to, called
W32/Fretham-Fam (no other AV companies that was get alerts from, including
McAfee, have sent out alerts yet). This may be become widespread because
of the "social engineering" aspect of it -- it pretends to have a Special
Pa
That was the only thing I did check...I never dreamed it would change
the name of the mail server. As of right now I have over 5000 post
about Declude catching a virus. I have stopped smtp and deleted the
postmaster account in hopes of getting rid of the excess post. Also I
have stopped notific
Also make sure that it didn't change your mail relay settings.
Craig.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Jim Rooth
Sent: Tuesday, June 11, 2002 9:32 PM
To: [EMAIL PROTECTED]
Subject: RE: Re[2]: KITHRUP:RE: [Declude.Virus] Declude Virus v1.54
35 matches
Mail list logo