That's exactly what I wanted to know, and a rapid reply at that. Thanks so much.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, August 28, 2008 5:00 AM To: clamav-users@lists.clamav.net Subject: clamav-users Digest, Vol 47, Issue 24 Send clamav-users mailing list submissions to clamav-users@lists.clamav.net To subscribe or unsubscribe via the World Wide Web, visit http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than "Re: Contents of clamav-users digest..." Today's Topics: 1. State of Clamuko support (Bastian Friedrich) 2. Malware Scanning and blocking (Sain, David J.) 3. Re: Malware Scanning and blocking (Brandon Perry) 4. Re: Malware Scanning and blocking (Sarocet) 5. maliciout javascript in WWW pages (Matus UHLAR - fantomas) ---------------------------------------------------------------------- Message: 1 Date: Wed, 27 Aug 2008 16:16:57 +0200 From: Bastian Friedrich <[EMAIL PROTECTED]> Subject: [Clamav-users] State of Clamuko support To: clamav-users@lists.clamav.net Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" Hi, sorry for cross-posting. I was unsure which list to address. I have just tried to get ClamAV 0.94rc1 running and noticed that clamuko currently is not available. I have not tried to re-enable the code in clamd (which is more or less commented out), but suppose there is some reason for the "do { ... } while (0);" :) Will the final release of ClamAV 0.94 include dazuko support? Is there any commitment as of which kinds and versions of dazuko will be supported? Dazuko development has changed recently quite a lot, as the conventional dazuko will probably sooner or later be substitued by the more modern "dazukofs" approach (although there seem to be quite active discussions currently). Thx & best regards Bastian -- Bastian Friedrich [EMAIL PROTECTED] Address & Fon available on my HP http://www.bastian-friedrich.de/ \~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\ \ "The heart has its reasons which reason knows nothing of." \ Blaise Pascal -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. Url : http://lists.clamav.net/pipermail/clamav-users/attachments/20080827/5fe1 e4f7/attachment.pgp ------------------------------ Message: 2 Date: Wed, 27 Aug 2008 11:41:44 -0500 From: "Sain, David J." <[EMAIL PROTECTED]> Subject: [Clamav-users] Malware Scanning and blocking To: <clamav-users@lists.clamav.net> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="US-ASCII" I want to setup a linux box with smoothwall, ipcop or some other opensource internet security application (preferably linux based) at home, but don't know how ClamAV might handle things like Antivirus 2008 that make fraudulent claims and are considered malware. I searched archives, but don't come up with hits on [ malware "antivirus 2008" ] which is a specific thing we deal with at work on a regular basis (I'm a consultant. One firm we have a Sonicwall tz190 which blocks malware and virus' quite well, but sometimes at the expense of other things, like lunix updates) http://officialantiviruslab.com/?gclid=COu1jrK5rpUCFQ0MIgodJHujbw http://onlineantivirus2009.com/?gclid=COCnhYG5rpUCFRKAxgodpF7KbA Any thoughts? Thank you, David ------------------------------ Message: 3 Date: Wed, 27 Aug 2008 12:02:11 -0500 From: "Brandon Perry" <[EMAIL PROTECTED]> Subject: Re: [Clamav-users] Malware Scanning and blocking To: "ClamAV users ML" <clamav-users@lists.clamav.net> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-1 Best way to find out is to just scan it. But, just a forewarning, ClamAV is for viruses, not spyware (while there are some spyware defs). If you want, you can grab an MD5 of the installer and make your own definitions. On Wed, Aug 27, 2008 at 11:41 AM, Sain, David J. <[EMAIL PROTECTED]>wrote: > I want to setup a linux box with smoothwall, ipcop or some other > opensource internet security application (preferably linux based) at > home, but don't know how ClamAV might handle things like Antivirus 2008 > that make fraudulent claims and are considered malware. > > > > I searched archives, but don't come up with hits on [ malware "antivirus > 2008" ] which is a specific thing we deal with at work on a regular > basis (I'm a consultant. One firm we have a Sonicwall tz190 which > blocks malware and virus' quite well, but sometimes at the expense of > other things, like lunix updates) > > > > http://officialantiviruslab.com/?gclid=COu1jrK5rpUCFQ0MIgodJHujbw > > http://onlineantivirus2009.com/?gclid=COCnhYG5rpUCFRKAxgodpF7KbA > > > > Any thoughts? > > > > Thank you, > > David > > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.clamav.net/support/ml > -- http://www.volatileminds.net ------------------------------ Message: 4 Date: Wed, 27 Aug 2008 19:47:12 +0200 From: Sarocet <[EMAIL PROTECTED]> Subject: Re: [Clamav-users] Malware Scanning and blocking To: ClamAV users ML <clamav-users@lists.clamav.net> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Sain, David J. wrote: > I want to setup a linux box with smoothwall, ipcop or some other > opensource internet security application (preferably linux based) at > home, but don't know how ClamAV might handle things like Antivirus 2008 > that make fraudulent claims and are considered malware. > > I searched archives, but don't come up with hits on [ malware "antivirus > 2008" ] which is a specific thing we deal with at work on a regular > basis (I'm a consultant. One firm we have a Sonicwall tz190 which > blocks malware and virus' quite well, but sometimes at the expense of > other things, like lunix updates) > > http://officialantiviruslab.com/?gclid=COu1jrK5rpUCFQ0MIgodJHujbw > http://onlineantivirus2009.com/?gclid=COCnhYG5rpUCFRKAxgodpF7KbA > > > Any thoughts? > > > Thank you, > > David > See the 'Sanesecurity: new database' recent thread http://lurker.clamav.net/thread/20080818.151714.69360cff.en.html It annunces the addition of http://sanesecurity.co.uk/clamav/rogue.htm signatures for "known Rogue Anti-Virus software and also contains known Fake Videos/Codecs." Given the reference about fake news, I think 'antivirus 2008' will be listed there. ------------------------------ Message: 5 Date: Thu, 28 Aug 2008 11:38:51 +0200 From: Matus UHLAR - fantomas <[EMAIL PROTECTED]> Subject: [Clamav-users] maliciout javascript in WWW pages To: clamav-users@lists.clamav.net Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=us-ascii Hello, Some our customers are ocasionally having problems with their (or other) webpages containing malicious javascript (containing or downloading trojans etc). We are currently scanning files uploaded via FTP by clamav (using mod_clamav for ProFTPD). We are also planning to integrate virus scanner to out proxy server (squid) so the malware would not get to our clients even from other websites. However, clamav currently does NOT detecty such malicious code. Therefore I would like to ask if I should just submit such code or is there anything other that must be done to be able to detect malicious javascript? Also, is there a possibility for (optional) curing such files? (The malicious code was a few times only appended by the malware, so its removing should not make any harm, especially on proxy) I can provide some examples if you need... -- Matus UHLAR - fantomas, [EMAIL PROTECTED] ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. My mind is like a steel trap - rusty and illegal in 37 states. ------------------------------ _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users End of clamav-users Digest, Vol 47, Issue 24 ******************************************** Note: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. Meckler Bulger Tilson Marick & Pearson LLP _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
