[Clamav-users] Suse RPM for ClamAV 10.2
I see that both the official Suse 10.2 update repository (eg. http://ftp5.gwdg.de/pub/suse/update/10.0/rpm/i586/) and the Suse RPM download directory ftp://ftp.suse.com/pub/projects/clamav recommended on the the ClamAV Linux packages page (http://www.clamav.org/download/packages/packages-linux) still don't have a 0.92 package. Are there any plans for providing one? Thanks -- Tilman Schmidt Abteilungsleiter Technik Phoenix Software GmbH Tel. +49 228 97199 0 Geschäftsführer: W. Grießl Fax +49 228 97199 99 Adolf-Hombitzer-Str. 12 www.phoenixsoftware.de 53227 Bonn, GermanyAmtsgericht Bonn HRB 2934 signature.asc Description: OpenPGP digital signature ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] SelfCheck of clamd does not work!
Hi, On Sat, Jan 12, 2008 at 07:26:45PM +, G.W. Haywood wrote: > On Sat, 12 Jan 2008 Matthias Hank wrote: > > > Why is my clamd not checking his Database every 300 secs, although he is > > configured to do so and tells me in his logfile, that he will do it? > > Look at the output of > > clamconf -n > > to see if it's looking at the right database directory? Yes it is configured correctly. DatabaseDirectory = "/var/lib/clamav" On startup, the logfile says: *** Mon Jan 14 10:59:09 2008 -> Reading databases from /var/lib/clamav Mon Jan 14 10:59:11 2008 -> Loaded 219958 signatures. Mon Jan 14 10:59:11 2008 -> Unix socket file /var/run/clamav/clamd.ctl ... Mon Jan 14 10:59:11 2008 -> Self checking every 300 seconds. *** But then: Nothing, no SelfCheck logged :-( until scamp.sh notifies clamd of a successful Patterndownload, then clamd reloads its Database: *** Mon Jan 14 11:30:11 2008 -> No stats for Database check - forcing reload Mon Jan 14 11:30:12 2008 -> Reading databases from /var/lib/clamav Mon Jan 14 11:30:14 2008 -> Database correctly reloaded (219961 signatures) *** No other entries in clamav.log since 10:59:11 ... Menawhile i added "NotifyClamd" to freshclam.conf, so freshclam will hopefully notify clamd too, but there is no logged SelfCheck of clamd itself. If the database Path would be wrong, clamd would have told me so in his logfile. Any other ideas? BTW: On one of my other servers, SelfCheck does strange things too. Even if it is configured to do Selfcheck each 300 secs, it does what it wants: Mon Jan 14 10:08:45 2008 -> SelfCheck: Database status OK. Mon Jan 14 10:15:20 2008 -> SelfCheck: Database status OK. Mon Jan 14 10:23:16 2008 -> SelfCheck: Database status OK. Mon Jan 14 10:32:27 2008 -> SelfCheck: Database status OK. Mon Jan 14 10:50:36 2008 -> SelfCheck: Database status OK. Mon Jan 14 11:00:22 2008 -> SelfCheck: Database status OK. Mon Jan 14 11:11:00 2008 -> SelfCheck: Database status OK. Mon Jan 14 11:18:08 2008 -> SelfCheck: Database status OK. Mon Jan 14 11:29:53 2008 -> SelfCheck: Database status OK. Mon Jan 14 11:37:01 2008 -> SelfCheck: Database status OK. This is on debian/4.0 On a FreeBSD Machine, it checks exactly each 300 secs: Jan 14 11:02:21 scan1 clamd[557]: SelfCheck: Database status OK. Jan 14 11:07:22 scan1 clamd[557]: SelfCheck: Database status OK. Jan 14 11:12:23 scan1 clamd[557]: SelfCheck: Database status OK. Jan 14 11:17:24 scan1 clamd[557]: SelfCheck: Database status OK. Jan 14 11:22:25 scan1 clamd[557]: SelfCheck: Database status OK. Jan 14 11:27:26 scan1 clamd[557]: SelfCheck: Database status OK. Jan 14 11:32:27 scan1 clamd[557]: SelfCheck: Database status OK. Greetings, Matthias ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] SelfCheck of clamd does not work!
On Mon, 2008-01-14 at 11:48 +0100, Matthias Hank wrote: > Hi, > > On Sat, Jan 12, 2008 at 07:26:45PM +, G.W. Haywood wrote: > > On Sat, 12 Jan 2008 Matthias Hank wrote: > > > > > Why is my clamd not checking his Database every 300 secs, although he is > > > configured to do so and tells me in his logfile, that he will do it? > > > > Look at the output of > > > > clamconf -n > > > > to see if it's looking at the right database directory? > > Yes it is configured correctly. > Clamd will only check if it needs to do a reload when you ask it to scan something. If you don't give it any work to do, it will not bother checking if it needs to reload the database. -trog signature.asc Description: This is a digitally signed message part ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] SelfCheck of clamd does not work!
Matthias Hank wrote: > No other entries in clamav.log since 10:59:11 ... > > > > BTW: On one of my other servers, SelfCheck does strange things too. > Even if it is configured to do Selfcheck each 300 secs, it does what it wants: > > Mon Jan 14 10:08:45 2008 -> SelfCheck: Database status OK. > Mon Jan 14 10:15:20 2008 -> SelfCheck: Database status OK. > > This is on debian/4.0 > > On a FreeBSD Machine, it checks exactly each 300 secs: > > Jan 14 11:02:21 scan1 clamd[557]: SelfCheck: Database status OK. > Jan 14 11:07:22 scan1 clamd[557]: SelfCheck: Database status OK. > Is this FreeBSD by any chance a busy mailserver? I seem to recall that SelfCheck is queued, and only performed when a scan request comes in. Regards, Fajar ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Suse RPM for ClamAV 10.2
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello Tilman, you search for OpenSuSE 10.2 rpm, but your link is for SuSE 10.0 Packages: Well, modifying the 10.0 to 10.2 you would finde clamav packages: http://ftp5.gwdg.de/pub/suse/update/10.2/rpm/i586/clamav-0.92-0.1.i586.rpm http://ftp5.gwdg.de/pub/suse/update/10.2/rpm/i586/clamav-db-0.92-0.1.i586.rpm Regards Jörg Am Montag 14 Januar 2008 schrieb Tilman Schmidt>: > I see that both the official Suse 10.2 update repository > (eg. http://ftp5.gwdg.de/pub/suse/update/10.0/rpm/i586/) and the Suse > RPM download directory ftp://ftp.suse.com/pub/projects/clamav > recommended on the the ClamAV Linux packages page > (http://www.clamav.org/download/packages/packages-linux) still don't > have a 0.92 package. Are there any plans for providing one? > > Thanks -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHi0F+sVka5Mu0KoQRAqtRAKCgOkKrjkPGTHMPMiOqpDjH34opHACeKNDy hvf/Loq61bszjhiwAcL8DSc= =jCHC -END PGP SIGNATURE- ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] SelfCheck of clamd does not work!
Hi Trog an Fajar, On Mon, Jan 14, 2008 at 11:08:35AM +, Trog wrote: > Clamd will only check if it needs to do a reload when you ask it to scan > something. If you don't give it any work to do, it will not bother > checking if it needs to reload the database. This ist probably the answer, because the Server is not yet productive. The other, FreeBSD Server is in fact a busy Mailserver ;) So: Thanks for your answers, it seems you solved my (not really existing) problem ;) Greeting, Matthias signature.asc Description: Digital signature ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Suse 10.0 RPM for ClamAV 0.92 (!)
Jörg Wedekind schrieb: you search for OpenSuSE 10.2 rpm, but your link is for SuSE 10.0 Packages: Sorry for the confusion. I really meant Suse 10.0 but got mixed up with a different problem while composing the mail. I have corrected the subject. Well, modifying the 10.0 to 10.2 you would finde clamav packages: http://ftp5.gwdg.de/pub/suse/update/10.2/rpm/i586/clamav-0.92-0.1.i586.rpm http://ftp5.gwdg.de/pub/suse/update/10.2/rpm/i586/clamav-db-0.92-0.1.i586.rpm Ok. Would those work on a Suse 10.0 system? Background: I normally compile ClamAV myself, but Suse 10.0 has gcc 4.0.2 which ClamAV 0.92 refuses being compiled with because of a compiler bug. So I thought I'd take the easy way out and convert ClamAV on those machines running Suse 10.0 from self-compiled to RPM installed. Thanks -- Tilman Schmidt Phoenix Software GmbH www.phoenixsoftware.de 53227 Bonn, GermanyAmtsgericht Bonn HRB 2934 signature.asc Description: OpenPGP digital signature ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Suse 10.0 RPM for ClamAV 0.92 (!)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Tilman, well I used SuSE 10.0 until November 2007. Well I know the compiler-bug problem when compiling clamav, but why didn't you update gcc to fix this issue? Therefore in installed the gcc-Packages from OpenSuSE 10.2 on the SuSE 10.0 System. This maybe also the reason why there isn't a official RPM for this SuSE Version... Try to install the following packages from 10.2: gcc-4.1.3-29.i586.rpm gcc-c++-4.1.3-29.i586.rpm gcc41-4.1.2_20061115-5.i586.rpm gcc41-c++-4.1.2_20061115-5.i586.rpm Then you should be able to compile the ClamAV 0.92 your own. Regards Jörg Am Montag 14 Januar 2008 schrieb Tilman Schmidt>: > Jörg Wedekind schrieb: > > you search for OpenSuSE 10.2 rpm, but your link is for SuSE 10.0 > > Packages: > > Sorry for the confusion. I really meant Suse 10.0 but got mixed up with > a different problem while composing the mail. I have corrected the subject. > > > Well, modifying the 10.0 to 10.2 you would finde clamav packages: > > > > http://ftp5.gwdg.de/pub/suse/update/10.2/rpm/i586/clamav-0.92-0.1.i586.rp > >m > > http://ftp5.gwdg.de/pub/suse/update/10.2/rpm/i586/clamav-db-0.92-0.1.i586 > >.rpm > > Ok. Would those work on a Suse 10.0 system? > > Background: I normally compile ClamAV myself, but Suse 10.0 has gcc 4.0.2 > which ClamAV 0.92 refuses being compiled with because of a compiler bug. > So I thought I'd take the easy way out and convert ClamAV on those > machines running Suse 10.0 from self-compiled to RPM installed. > > Thanks -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFHi2xasVka5Mu0KoQRAnoTAJ9lnKB4HZH/hmnKENojisnGeKSUJwCg6UXP w5LLRkvkRYk5fpRFf6mZz2c= =SfEK -END PGP SIGNATURE- ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Which ste of RPMs to install on Centos5?
I have tried downloading RPMs from the Centos 5 mirrors and installing with yum localinstall. Following the error messages about dependencies I have then tried to install each of the listed dependencies in turn. Evenyually I get: Error: Missing dependency: fedora-usermgmt is needed by package clamav-filesystem I'd by really grateful for any advice about what RPMs I should install for Centos 5 and where I can get them. (I am downloading el5 RPMs from Centos mirrors at the moment) Many thanks in advance, Kind regards, Mark. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Which ste of RPMs to install on Centos5?
I've used the rpms from atrpms and rpmforge. Both installed with yum. I liked atrpms package because it's 1 or 2 packages, but I'm more comfortable with rpmforge as a general rule. Both are enabled on my systems. You can find the instructions to install the respective repos on their web sites. Mark Piekos wrote: > I have tried downloading RPMs from the Centos 5 mirrors and installing > with yum localinstall. Following the error messages about dependencies > I have then tried to install each of the listed dependencies in turn. > Evenyually I get: > > Error: Missing dependency: fedora-usermgmt is needed by package > clamav-filesystem > > I'd by really grateful for any advice about what RPMs I should install > for Centos 5 and where I can get them. > > (I am downloading el5 RPMs from Centos mirrors at the moment) > > Many thanks in advance, > > Kind regards, > > Mark. > > ___ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://lurker.clamav.net/list/clamav-users.html > -- Milton Calnek BSc, A/Slt(Ret.) [EMAIL PROTECTED] 306-717-8737 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] SelfCheck of clamd does not work!
Hi Ged, G.W. Haywood wrote: > If you type > clamconf | tail I don't know about your output from clamconf, but mine is a grand total of 107 lines (courtesy of wc -l). What's the point of using tail in this case, unless you are running over a seriously slow data link? Kind Regards AndrewM Andrew McGlashan Broadband Solutions now including VoIP Current Land Line No: 03 9912 0504 Mobile: 04 2574 1827 Fax: 03 8790 1224 National No: 1300 85 3804 Affinity Vision Australia Pty Ltd http://www.affinityvision.com.au http://adsl2choice.net.au In Case of Emergency -- http://www.affinityvision.com.au/ice.html ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] SelfCheck of clamd does not work!
Hi there, On Mon, 14 Jan 2008 Matthias Hank wrote: > On Sat, Jan 12, 2008 at 07:26:45PM +, G.W. Haywood wrote: > > On Sat, 12 Jan 2008 Matthias Hank wrote: > > > > > Why is my clamd not checking his Database every 300 secs, although he is > > > configured to do so and tells me in his logfile, that he will do it? > > > > Look at the output of > > > > clamconf -n > > > > to see if it's looking at the right database directory? > > Yes it is configured correctly. > > DatabaseDirectory = "/var/lib/clamav" > > ... > > Any other ideas? If you type clamconf | tail what does it say about the engine and signature databases? -- 73, Ged. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Suse 10.0 RPM for ClamAV 0.92 (!)
Jörg Wedekind schrieb: well I used SuSE 10.0 until November 2007. Well I know the compiler-bug problem when compiling clamav, but why didn't you update gcc to fix this issue? Because that promises to be substantially more work, with much bigger potential for trouble, than just updating ClamAV. I was hoping to get away cheaper. Try to install the following packages from 10.2: gcc-4.1.3-29.i586.rpm gcc-c++-4.1.3-29.i586.rpm gcc41-4.1.2_20061115-5.i586.rpm gcc41-c++-4.1.2_20061115-5.i586.rpm Hmmm, all four of these? Wouldn't that install two versions of gcc on the systems in question? Then you should be able to compile the ClamAV 0.92 your own. Sure, if that's the only way then I'll do it that way. Thanks, -- Tilman Schmidt Phoenix Software GmbH www.phoenixsoftware.de 53227 Bonn, GermanyAmtsgericht Bonn HRB 2934 signature.asc Description: OpenPGP digital signature ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] ClamAV vs. Wildlist
Hello all, I am curious as to whether there has been any recent comparison of ClamAV's virus detection against the wildlist (www.wildlist.org). Granted, the latest wildlist is from October 2007, but it would be interesting to see the results as several vendors use their wildlist detection as a marketing tool (or at least used to). Also, I was wondering if there was any solid method of actually doing a comparison on my own, as the wildlist provides only virus names, which do not match the naming convention used by ClamAV. Any thoughts or ideas would be greatly appreciated. Thanks! _ Watch “Cause Effect,” a show about real people making a real difference. http://im.live.com/Messenger/IM/MTV/?source=text_watchcause ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] ClamAV vs. Wildlist
I use ClamAV to scan computers in the shop I work in and have compared it with Norton (not using the --remove argument) and in most cases it has had a much higher detection rate, but much slower than Norton (about 3x longer). On Mon, 2008-01-14 at 15:27 -0600, Matt Forbis wrote: > Hello all, > > I am curious as to whether there has been any recent comparison of ClamAV's > virus detection against the wildlist (www.wildlist.org). Granted, the latest > wildlist is from October 2007, but it would be interesting to see the results > as several vendors use their wildlist detection as a marketing tool (or at > least used to). Also, I was wondering if there was any solid method of > actually doing a comparison on my own, as the wildlist provides only virus > names, which do not match the naming convention used by ClamAV. Any thoughts > or ideas would be greatly appreciated. Thanks! > _ > Watch “Cause Effect,” a show about real people making a real difference. > http://im.live.com/Messenger/IM/MTV/?source=text_watchcause > ___ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://lurker.clamav.net/list/clamav-users.html ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
