Re: [Clamav-users] virus FOUND stats

2003-12-16 Thread Fisher
I use mrtg to record the traffic of the viruses and spam. Have not 
tested yet but looks working.

Internet Helpdesk wrote:

> Does someone already have a script that tallies up the viri found according
> to the clamd log file & prints the number found during a time period & also
> reports the top 5 or top 10 for that time period?
>
> I'll come up with one myself, if needed of course, but no sense in
> re-inventing the wheel, right?
>
> -Troy



---
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users
 







Re: [Clamav-users] Clamd with Clamuko - Segmentation fault

2003-12-16 Thread Anders Herbjørnsen
Reply to the message of Monday December 15, 2003 21:57 +0100
-
On Mon, 15 Dec 2003 21:57:00 +0100
Tomasz Kojm <[EMAIL PROTECTED]> wrote:

>>From the clamd debug output:

>Do you have some logs for this crash ?

Sorry, it went to the /tmp directory and was lost in a reboot...

Anders




Re: [Clamav-users] clamav-milter - runaway process problem

2003-12-16 Thread Mike Brodbelt
Michael Dankov wrote:
> Hi!
> 
> Look, two minutes before SelfCheck there is milter thread 8880 started, and
> I do not see when it finishes. Is something wrong with it?

I have no log entry of that one ever finishing.

> At the moment I have no ideas what is going wrong in your case, following is
> my clamav.conf, try to change your to be as close to it as possible, and
> recheck if you had installed libclamav after last rebuild.
> 
> === clamav.conf ===
> LogFile /tmp/clamd.log
> LogFileMaxSize 2M
> LogTime
> LogSyslog
> PidFile /var/run/clamd.pid
> LocalSocket /var/run/clamav/clamd
> FixStaleSocket
> StreamSaveToDisk
> ThreadTimeout 7200
> MaxDirectoryRecursion 15
> User clamav
> ScanMail
> === clamav.conf ===


This is my clamav.conf:-


LocalSocket /var/run/clamd.ctl
ScanMail
ScanArchive
StreamSaveToDisk
StreamMaxLength 35M
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000
ArchiveMaxFileSize 15M
ThreadTimeout 180
MaxThreads 5
MaxConnectionQueueLength 15
LogSyslog
PidFile /var/run/clamd.pid
DataDirectory /var/lib/clamav/
SelfCheck 3600
===

I'll play with your options and see if they make any difference.

>   It may be helpful if you try to run clamdscan on a file when milter
> begin to block and look if clamdscan hangs too. Don't forget that clamdscan
> can check only files accessible by user running clamd, not clamdscan.

That appears to work - it fell over again this morning, and clamdscan
was still seemingly OK.

> MB>It then accumulated processes until I notice, and kill and restart it.
> 
> Do you need to restart both clamav-milter and clamdscan, or only one of
> them?

I restart both clamd and clamav-milter.

> MB>Something appears to have improved recently, because with the 09122003
> MB>CVS, although I still get the huge max-children numbers in the logs, I
> MB>don't actually seem to have hundreds of processes any more.
> 
> I had switched that limit off for clamav-milter because at some point with
> 0.60 it seemed it was not working properly.

Yes - I think it is working better now, though still not 100%

> MB>So, I think that the self-check is actually where it starts to go wrong,
> MB>and that clamd falls over somehow, which causes the milter to block and
> MB>time-out, and also means that it doesn't always exit cleanly (leading to
> MB>the not NULL errors).
> 
>   At the moment I do not see any way for self-check to break things...
> 
>   May be, switching to process based scanning would help? Try UseProcesses
> option in clamav.conf.

Will have a play, and let you know.

Mike.

P.S. This is a dual processor box - any remote possibility of that
leading to a  race condition somewhere? I'd have thought not, but
figured mentioning it can't do any harm.





[Clamav-users] Qmail-toaster and Clamav

2003-12-16 Thread RL...
Hi all,
I'm new here and I hope I can help you too.

How can I use clamav with qmail-toaster???

I am using redhat 9 with qmail-toaster (vpopmail, mysql - for user
database - spamassassin, horde-toaster - webmail -)

Clam is installed on my box and clamscan is working fine!
But the messages sent with attachments (those attachments that came with clam
under /test) are still going to the end user. They are not blocked.

Does my clamd need to be started as a service?

When I change the file /var/spool/qmailscan/quarantine-attachments.txt and
add *.zip as a not allowed attachment the message is blocked and the
administrative message is sent.

And about the anti-virus...
How to certify that this service is working fine???


Thanks.


RL...






Re: [Clamav-users] virus FOUND stats

2003-12-16 Thread Sancho2k.net Lists
Fisher wrote:

> I use mrtg to record the traffic of the viruses and spam. Have not
> tested yet but looks working.

Do you have scripts you could share?

For that matter, does anybody?

DS

> Internet Helpdesk wrote:
>
>> Does someone already have a script that tallies up the viri found
>> according
>> to the clamd log file & prints the number found during a time period &
>> also
>> reports the top 5 or top 10 for that time period?
>>
>> I'll come up with one myself, if needed of course, but no sense in
>> re-inventing the wheel, right?
>>
>> -Troy





Re: [Clamav-users] virus FOUND stats

2003-12-16 Thread Daniel J McDonald
On Tue, 2003-12-16 at 07:25, Sancho2k.net Lists wrote:
> Fisher wrote:
> 
> > I use mrtg to record the traffic of the viruses and spam. Have not 
> > tested yet but looks working.
> 
> Do you have scripts you could share?
> 
> For that matter, does anybody?
I use the following cron job to keep track of viruses caught by Clamav
using amavis-new:

0 12 * * 1-5 grep -o -P 'INFECTED.+?\)' /var/log/mail/info | sort | uniq -c | /bin/mail -s "`uname -n` weekly virus counts"

I have not yet written anything to pull those stats into mrtg.

What I'd really like would be the stats that I get from pflogsum tossed
into mrtg.  If anyone has a relatively fast way of doing those sorts of
stats, please let me know.
> 
> DS
> 
> > 
> > Internet Helpdesk wrote:
> > 
> >> Does someone already have a script that tallies up the viri found 
> >> according
> >> to the clamd log file & prints the number found during a time period & 
> >> also
> >> reports the top 5 or top 10 for that time period?
> >>
> >> I'll come up with one myself, if needed of course, but no sense in
> >> re-inventing the wheel, right?
> >>
> >> -Troy
-- 
Daniel J McDonald <[EMAIL PROTECTED]>
Austin Energy
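
A tally of the kind asked for in this thread (count of FOUND entries in a time period plus the top N signatures), as an added example that is not part of any poster's message or of ClamAV itself. The log line shape, the sample paths and the function names are assumptions; the sample log is constructed.

```python
import re
from collections import Counter
from datetime import datetime

# Assumed clamd log line with LogTime enabled (format not shown in the thread):
#   Tue Dec 16 07:25:01 2003 -> /path/to/file: Worm.Gibe.F FOUND
# The signature is anchored to the end of the line because the file name part
# can be influenced by whoever sent the message.
FOUND_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) -> "
    r".*: (?P<sig>\S+) FOUND\s*$"
)

def tally_found(lines, start, end, top=5):
    """Return (total, [(signature, count), ...]) for start <= time < end."""
    counts = Counter()
    for line in lines:
        m = FOUND_RE.match(line)
        if not m:
            continue  # SelfCheck, reload and clean-file lines
        try:
            ts = datetime.strptime(m.group("ts"), "%a %b %d %H:%M:%S %Y")
        except ValueError:
            continue  # timestamp-shaped but not a real date
        if start <= ts < end:
            counts[m.group("sig")] += 1
    # Highest count first; ties broken by name so the report is stable.
    ranked = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))
    return sum(counts.values()), ranked[:top]

def format_report(total, ranked):
    """Render the tally in a 'name - N Time(s)' style."""
    rows = [f"{sig} - {n} Time(s)" for sig, n in ranked]
    return "\n".join([f"Viruses detected: {total}"] + rows)

# Constructed sample log, not real data.
SAMPLE_LOG = """\
Tue Dec 16 06:00:00 2003 -> SelfCheck: Database status OK.
Tue Dec 16 07:25:01 2003 -> /var/spool/scan/msg1: Worm.Gibe.F FOUND
Tue Dec 16 08:10:44 2003 -> /var/spool/scan/msg2: Worm/Klez.H FOUND
Tue Dec 16 09:02:13 2003 -> /var/spool/scan/a: Fake.Sig FOUND.txt: Worm.Gibe.F FOUND
Tue Dec 16 09:30:00 2003 -> /var/spool/scan/x: Fake.Sig FOUND: OK
Tue Dec 16 10:41:33 2003 -> /var/spool/scan/msg4: Worm.BugBear.B FOUND
Wed Dec 17 00:05:09 2003 -> /var/spool/scan/msg5: Worm.Ganda-A FOUND
""".splitlines()

if __name__ == "__main__":
    total, ranked = tally_found(
        SAMPLE_LOG, datetime(2003, 12, 16), datetime(2003, 12, 17), top=5)
    print(format_report(total, ranked))
```

The two `Fake.Sig` lines show why the match is anchored at the end of the line: a crafted file name does not add a bogus signature to the counts.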





Re: [Clamav-users] virus FOUND stats

2003-12-16 Thread Fisher

> > I use mrtg to record the traffic of the viruses and spam. Have not
> > tested yet but looks working.
>
> Do you have scripts you could share?

see http://fisher.hu/vcount/ for the script & config. Please update me
if someone has a better solution.





Re: [Clamav-users] virus FOUND stats

2003-12-16 Thread Tomasz Kojm
Begin forwarded message:

Date: Wed, 10 Dec 2003 13:40:15 +0100
From: Søren Schimkat <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: [Clamav-users] Clamav and logwatch


Hi guys

Now the clamav logwatch scripts also display logs from the clamd daemon,
and not just the clamav-milter log.

If you want a copy, you may download the clamav-logwatch scripts from
here:

http://www.schimkat.dk/clamav/


Regards Søren





Sample logwatch output:

- Clamav Begin 

Viruses detected:
W95/Hybris.PI.003 - 1 Time(s)
Worm.BugBear.B - 1 Time(s)
Worm.Ganda-A - 1 Time(s)
Worm.Gibe.F - 2 Time(s)
Worm.Gibe.F.UPX.2 - 1 Time(s)
Worm/Klez.H - 1 Time(s)

Daemon check list:
Database modification detected. Forcing reload.  - 2 Time(s)
Database status OK.  - 24 Time(s)

Virus database reloads:
Now protecting against 10795 viruses - 2 Time(s)

  -- Clamav End -


  - Clamav-milter Begin 

Clean messages: 371 Message(s)

Infected messages: 20 Message(s)

Virus list:
W95/Hybris.PI.003 - 3 Time(s)
Worm.BugBear.B - 3 Time(s)
Worm.Ganda-A - 3 Time(s)
Worm.Gibe.F - 4 Time(s)
Worm.Gibe.F.UPX.2 - 3 Time(s)
Worm/Klez.H - 3 Time(s)

  -- Clamav-milter End -





Best regards,
Tomasz Kojm
-- 
  oo.   [EMAIL PROTECTED] www.ClamAV.net
 (\/)\. http://www.clamav.net/gpg/tkojm.gpg
\..._   0DCA5A08407D5288279DB43454822DC8985A444B
  //\   /\  Tue Dec 16 16:13:38 CET 2003




[Clamav-users] Re: [Clamav-virusdb] Update (daily: 56)

2003-12-16 Thread Tomasz Kojm
On Tue, 16 Dec 2003 10:41:33 +
Tony Gale <[EMAIL PROTECTED]> wrote:

> > Added: Riot.Moonlite.380
> > Added: Riot.Overdoze.596
> > 
> 
> This update appears to have been lost somewhere.

Thank you. I forgot to include the signatures from the submission 271
and will fix it in my next update (this case is not critical).

BTW: Please ask clamav-virusdb@ related questions on [EMAIL PROTECTED]

Best regards,
Tomasz Kojm
-- 
  oo.   [EMAIL PROTECTED] www.ClamAV.net
 (\/)\. http://www.clamav.net/gpg/tkojm.gpg
\..._   0DCA5A08407D5288279DB43454822DC8985A444B
  //\   /\  Tue Dec 16 15:00:15 CET 2003






Re: [Clamav-users] clamav-milter - runaway process problem

2003-12-16 Thread Michael Dankov
hi!

On Tue, 16 Dec 2003, Mike Brodbelt wrote:

MB>> Do you need to restart both clamav-milter and clamdscan, or only one of
MB>> them?
MB>
MB>I restart both clamd and clamav-milter.

  Does restarting clamav-milter only make no sense?

MB>P.S. This is a dual processor box - any remote possibility of that
MB>leading to a  race condition somewhere? I'd have thought not, but
MB>figured mentioning it can't do any harm.

 I believe there is nothing in clamav that could depend on the number of CPUs.
But looking for some news in kernel mailing lists or simply upgrading the kernel
to the latest stable release can help. The same, by the way, can be said of
the thread library. I understand clamav is not as bug free as kernel and libc
are, but who knows...  Today I had to ask one of our customers to
disable his Norton Antivirus on Windoze because it prevented my program from
creating a new file on a floppy. Creating, not writing to it I mean. Yes, a
file with a lengthy filename, but why does it care?  Mysterious things
sometimes happen in this world.

misha.





[Clamav-users] Re: virus FOUND stats

2003-12-16 Thread Tomoyuki Sakurai
On Tue, 16 Dec 2003 16:12:37 +0100
Fisher <[EMAIL PROTECTED]> wrote:

| > Do you have scripts you could share? 
| 
| see http://fisher.hu/vcount/ for the script & config. Please update me 
| if someone has a better solution.

If you're a postfix and amavisd-new user, mailgraph would be your friend.
It works quite nicely for me.

http://people.ee.ethz.ch/~dws/software/mailgraph/

-- 
Tomoyuki Sakurai - Tomi -





Re: [Clamav-users] virus FOUND stats

2003-12-16 Thread Sancho2k.net Lists
Fisher wrote:

>>> I use mrtg to record the traffic of the viruses and spam. Have not
>>> tested yet but looks working.
>>
>> Do you have scripts you could share?
>
> see http://fisher.hu/vcount/ for the script & config. Please update me
> if someone has a better solution.

Sorry, which software configuration does this work for? (MTA, scanner,
etc..?)

TIA

DS
