[Clamav-users] Problem scanning ZIP archives with clamdscan and not clamscan

2004-02-16 Thread Lucas Albers
I've encountered this problem:
clamscan will scan zip files and detect a virus.
clamdscan will not.


clamdscan part.1.body.zip
/tmp/part.1.body.zip: OK
--- SCAN SUMMARY ---
Infected files: 0

clamscan part.1.body.zip
--- SCAN SUMMARY ---
part.1.body.zip: Worm.Gibe.F FOUND
Infected files: 1

I'm using clamav 0.65-3 for debian.

This was all run from the command line on a zipped virus file.

-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana



---
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users


Re: [Clamav-users] freshclam update rate

2004-02-16 Thread Lucas Albers
Luke Scharf said:

> This does seem more polite than hitting it hard, right on the hour.
>
> -Luke
>
> --
> Luke Scharf, Systems Administrator
> Virginia Tech Aerospace and Ocean Engineering

If you use freshclam as a daemon, you don't have to worry about this as it
randomizes it?


-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] Problem scanning ZIP archives with clamdscan and not clamscan

2004-02-17 Thread Lucas Albers
Tomasz Papszun said:

> Are these set in clamav.conf?
>
> ScanArchive
> StreamSaveToDisk
No.
Strange, when using debconf to configure and explicitly telling it to enable
ScanArchive it still leaves these commented out.
Fixed.
-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





[Clamav-users] Worm.SomeFool is this w32/Netsky.b@MM

2004-02-18 Thread Lucas Albers
I saw this virus show up today: Worm.SomeFool

Updated here:
Submission: 1235-web
 Sender: Tobias Oetiker
 Virus: Unknown Virus
 Added: Worm.SomeFool
 Notes: File uses the same icon as a word document, double extension
 (.rtf.pif i.e.), starts to massmail with a own smtp engine, drops a
 'services.exe' in the %windows% folder. Name could be changed later.


Is it this mcafee virus?
This is a Medium Threat Advisory for W32/[EMAIL PROTECTED] worm.
Justification
W32/[EMAIL PROTECTED] has been deemed Medium due to prevalence.
Read About It
Information about W32/[EMAIL PROTECTED] is located on VIL at:
http://vil.nai.com/vil/content/v_101034.htm

-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





[Clamav-users] web submittal,auto scan

2004-02-18 Thread Lucas Albers
Thought of a great idea.
Make it so the virus submittal page will scan the virus with clamscan.
If it already detects the virus, it will reject it.
Unless the user explicitly tells the web page to accept a virus that has
been detected with clamscan.

That should reduce the number of redundant submittals clamav receives.
Am I overlooking any unintended consequences of this idea?
Less submittals?
Clamav might miss new variants?

--Luke





Re: [Clamav-users] Mydoom.F not in my virus defs...

2004-02-26 Thread Lucas Albers

When I'm wondering if clamav detects a new virus.
I contemplate going through the clamav-virusdb archive and looking for the
keyword.

But
I'm
Lazy.

You should be lazy too.

So I go here, and search term it.
http://marc.theaimsgroup.com/?l=clamav-virusdb&w=2&r=1&s=&q=b
-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





RE: [Clamav-users] Re: 5 from testvirus.com came through

2004-02-27 Thread Lucas Albers
Just wait for .67 to hit testing from unstable on debian.
2 more days and it will be in testing.
Then it will take 10 seconds to upgrade.

-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] optimal freshclam update frequency

2004-02-29 Thread Lucas Albers

Erik Corry said:

> I use procmail to put mails from the clamav-virusdb list in the folder
> above.
>
> This way I update within one hour if there is an update, otherwise
> nothing happens.  You could up this to once every half hour without
> overloading the servers I think.
>
The most efficient update scheme would be only downloading for new updates
when new update came out. You could determine this by looking at the
virus-db mailing list.
Any procmail programmers want to post script to do this?
When a new mail comes out, you initiate a new download within 5-10 minutes.
I see the following problems with this:
virusdb mailings would need to be gpg signed, and procmail script would
need to verify gpg signature. Not sure how to do this.
Everyone would download at once whenever a new update came out.
There is not a significant delay between virus updates and mailings.
If sourceforge mailing list breaks, your updates break.

So a more efficient update scheme might be 4 per day normally and within
5-10 minutes of whenever a new virusdb comes out.

-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] Password-protected .zip file viruses

2004-03-03 Thread Lucas Albers
Tomasz Papszun said:
> WE ASK USERS TO NOT SUBMIT naked zip files IF their contents is DETECTED
> as infected by ClamAV AFTER UNZIPPING. It's a utter waste of our time,
> which results in delays in processing really significant samples!

Why not add this on the web submittal nag screen?


Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] Occasionally missing viruses

2004-03-05 Thread Lucas Albers
I was missing some viruses until I upgraded from .65 to .67.
Bounce back zipped viruses were slipping by.
Dominic Mazzoni said:
> Ryan Moore wrote:
>> Dominic Mazzoni wrote:
>>
>>> I'm also having the problem that Ron Snyder reported yesterday,
>>> where clamscan will mark a file as OK, but if I extract the
>>> attachment (just by base64-decoding it, NOT by unzipping it too),
>>> then clamscan properly recognizes the virus (in this case, SCO.A).
>>>
>>
>> Try running 'clamscan --mbox email'
>
> Oops, I didn't realize that.
>
> Same problem:
>
>> clamscan --mbox email
> email: OK
>
> --- SCAN SUMMARY ---
> Known viruses: 20383
> Scanned directories: 0
> Scanned files: 1
> Infected files: 0
> Data scanned: 0.03 MB
> I/O buffer size: 131072 bytes
> Time: 0.626 sec (0 m  s)
>
> Thanks for responding.
>
> - Dominic


-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





[Clamav-users] clamscan detects clamdscan does not

2004-03-06 Thread Lucas Albers
There are two viruses that clamscan detects, and clamdscan does not.
Using clamav .67-6 via the debian package.

clamscan -r --stdout --disable-summary --mbox --infected ./
ENTIRE_MESSAGE: Worm.Mydoom.F FOUND
LibClamAV Warning: Multipart MIME message contains no boundary lines
ENTIRE_MESSAGE: Worm.SomeFool.Gen-1 FOUND


clamdscan -r --stdout --disable-summary --mbox --infected ./
./: OK

I have all the pertinent options enabled in clamav.conf, and am not sure
why it does not detect it.

#To reconfigure clamd run #dpkg-reconfigure clamav-daemon
LocalSocket /var/run/clamd.ctl
StreamMaxLength 15M
ArchiveMaxFileSize 15M
ArchiveMaxRecursion 5
ArchiveMaxFiles 1500
ScanArchive
StreamSaveToDisk
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000
ArchiveMaxFileSize 10M
ThreadTimeout 180
MaxThreads 5
MaxConnectionQueueLength 15
PidFile /var/run/clamd.pid
DataDirectory /var/lib/clamav/
SelfCheck 3600

-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana
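
An added example, not part of the original posts and not ClamAV code: a small audit of a `clamav.conf`-style file that covers both the earlier thread, where ScanArchive and StreamSaveToDisk had been left commented out, and the configuration posted above, where the archive limits appear twice with different values. The function names and the sample text are constructed for illustration; which occurrence of a repeated directive the daemon keeps is not stated on this page, so the audit only reports it.

```python
from collections import OrderedDict

# Constructed sample: the directives come from the clamav.conf posted above;
# ScanArchive and StreamSaveToDisk are commented out here to reproduce the
# state described in the earlier thread.
SAMPLE_CONF = """\
#To reconfigure clamd run #dpkg-reconfigure clamav-daemon
LocalSocket /var/run/clamd.ctl
StreamMaxLength 15M
ArchiveMaxFileSize 15M
ArchiveMaxRecursion 5
ArchiveMaxFiles 1500
#ScanArchive
#StreamSaveToDisk
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000
ArchiveMaxFileSize 10M
"""

REQUIRED = ("ScanArchive", "StreamSaveToDisk")  # the two directives named in the thread


def parse_conf(text):
    """Split a 'Directive [value]' file into active and commented directives."""
    active = OrderedDict()   # name -> [(line_no, value), ...]
    commented = set()        # first word of every '#'-prefixed line
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        if line.startswith("#"):
            words = line.lstrip("#").split()
            if words:
                commented.add(words[0])
            continue
        parts = line.split(None, 1)
        value = parts[1].strip() if len(parts) > 1 else ""
        active.setdefault(parts[0], []).append((line_no, value))
    return active, commented


def audit(text, required=REQUIRED):
    """Report required directives that are off and directives set more than once."""
    active, commented = parse_conf(text)
    report = {"disabled": [], "absent": [], "conflicts": {}, "repeats": {}}
    for name in required:
        if name in active:
            continue
        # 'disabled' = only present behind a '#'; 'absent' = not in the file at all
        report["disabled" if name in commented else "absent"].append(name)
    for name, entries in active.items():
        if len(entries) < 2:
            continue
        values = {value for _, value in entries}
        # The same value twice is only noise; different values mean the
        # effective limit depends on which occurrence the parser keeps.
        report["conflicts" if len(values) > 1 else "repeats"][name] = entries
    return report


if __name__ == "__main__":
    result = audit(SAMPLE_CONF)
    for name in result["disabled"]:
        print(f"{name}: present but commented out")
    for name in result["absent"]:
        print(f"{name}: not in the file")
    for name, entries in result["conflicts"].items():
        where = ", ".join(f"line {n} = {v}" for n, v in entries)
        print(f"{name}: set more than once with different values ({where})")
    for name, entries in result["repeats"].items():
        print(f"{name}: repeated on lines {[n for n, _ in entries]}")
```
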





[Clamav-users] missing some virus's

2004-03-12 Thread Lucas Albers
The current production version is .67 correct?
I'm using .67 and some viruses are slipping by on the initial scan,
perhaps 1%.
I catch them with fprot and mcafee, which then notifies me.

When I run a manual command line scan afterwards I catch the virus.

clamscan --no-summary --mbox -r qdir-2004-03-10*/ENTIRE_MESSAGE

I do see a lot of warnings:
LibClamAV Warning: Multipart MIME message contains no boundary lines

It is a strange problem.
I considered that clamscan dat was updated after the initial scan.
In that case the command line scan would pick up the virus, when run later.
I will enable some more troubleshooting and perhaps that will help me fix
the problem.
-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] missing some virus's

2004-03-12 Thread Lucas Albers
Antony Stone said:
I can't justify running ANY cvs/beta version on this production system,
though.

> How are you passing your emails to clamav?
I am using mimedefang, I have complete copies of all the viruses that
were missed, and I am trying to determine what is similar between the
messages.
Nothing apparent,
System load is really low.
Messages are all small.
I can send you the messages to look at.
Some of the messages were urlspoof messages, which I don't believe clamav
detects as a virus, and mcafee does.
I discount those messages.



>> When I run a manual command line scan afterwards I catch the virus.
>>
>> clamscan --no-summary --mbox -r qdir-2004-03-10*/ENTIRE_MESSAGE
>>
>> I do see a lot of warnings:
>> LibClamAV Warning: Multipart MIME message contains no boundary lines
>
> That sounds a bit sinister to me...


-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] Scanning LAN for virus activity?

2004-03-15 Thread Lucas Albers
Use something like:
acidlab to detect scans,
or nessus/sara to actively scan your network for particular vulnerabilities.

Michael St. Laurent said:
> I was reading about the String module for iptables in Linux Journal over
> the weekend and it occurred to me that this could be used for scanning
> the LAN for the presence of an infected system.
>
> Does anyone know if such a tool exists?  We're seeing *much* higher
> network activity lately than in the past and it makes me nervous.
>
> --
> Michael St. Laurent
> Hartwell Corporation


-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] New varient of password compressed virus

2004-03-15 Thread Lucas Albers
Fajar A. Nugraha said:
> An interesting fact on ChangeLog:
>
> Thu Mar 11 21:50:32 CET 2004 (tk)
> -
>   * libclamav: rar: added support for encrypted archive (Encrypted.RAR)
>  detection
>

To make an obvious statement.
Clamav should add encrypted compression detection support for all formats
it supports.
As we will see more variants...
-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana
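
What encrypted-archive detection comes down to for ZIP, as an added example (not ClamAV's code and not from the thread): every central directory entry carries a general purpose flag whose bit 0 marks the member as encrypted, so a scanner can report the archive even though it cannot read the contents. The function names and the sample archives are constructed for illustration.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"   # end-of-central-directory record
CDH_SIG = b"PK\x01\x02"    # central directory file header
FLAG_ENCRYPTED = 0x0001    # general purpose bit flag, bit 0


def central_directory(data):
    """Yield (header_offset, name, flags) for each central directory entry."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0 or eocd + 22 > len(data):
        raise ValueError("no end-of-central-directory record")
    # EOCD: total entries at +10, directory size at +12, directory offset at +16
    total, _size, pos = struct.unpack_from("<HII", data, eocd + 10)
    for _ in range(total):
        if pos + 46 > len(data) or data[pos:pos + 4] != CDH_SIG:
            raise ValueError("bad central directory header")
        (flags,) = struct.unpack_from("<H", data, pos + 8)
        n_len, x_len, c_len = struct.unpack_from("<HHH", data, pos + 28)
        name = bytes(data[pos + 46:pos + 46 + n_len]).decode("cp437")
        yield pos, name, flags
        pos += 46 + n_len + x_len + c_len


def verdict(data):
    """Classify an archive the way a scanner that cannot decrypt it would."""
    try:
        entries = list(central_directory(data))
    except (ValueError, struct.error):
        return "unparseable", []
    locked = [name for _, name, flags in entries if flags & FLAG_ENCRYPTED]
    if not locked:
        return "clear", []
    state = "encrypted" if len(locked) == len(entries) else "mixed"
    return state, locked


def build_sample(names, encrypted=()):
    """Constructed test archive: stored members, with the encrypted bit set by
    hand in the central directory (the payload itself is not encrypted)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"constructed sample data")
    data = bytearray(buf.getvalue())
    for pos, name, flags in list(central_directory(data)):
        if name in encrypted:
            struct.pack_into("<H", data, pos + 8, flags | FLAG_ENCRYPTED)
    return bytes(data)


if __name__ == "__main__":
    sample = build_sample(["readme.txt", "attachment.pif"],
                          encrypted={"attachment.pif"})
    state, locked = verdict(sample)
    print(state, locked)
```
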





Re: [Clamav-users] Freshclam died

2004-03-16 Thread Lucas Albers
This is a hack, but I run monit on my servers to restart failed services.
Works well, it's a hack but it sure jacks my perceived uptime.

Tomasz Kojm said:
>> And that was it.  There hasnt been another entry since and freshclam
>> quit after it.  I supposed it is acceptable that due to network
>> issues, freshclam may be unable to update the database, but it
>> definitely should not die because of it.
>
-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





[Clamav-users] success with clamav versions

2004-03-17 Thread Lucas Albers
I have had no problems running the following clamav versions.
clamav-0.67-6 on debian testing
clamav-0.68 from dag on redhat 7.3
These are both production mail servers.


-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





[Clamav-users] dag clamav rpm .68

2004-03-17 Thread Lucas Albers
On redhat 7.3 to continue my earlier statement I am using .68 (dag rpm)
but it has a problem with the daemon, so I am currently just running
clamscan, not clamdscan while I troubleshoot.

-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] Clamav may crash when processing Certain RAR files.....

2004-03-23 Thread Lucas Albers
You won't detect some bagle rar virus unless you are using .68-1.
.67 does not detect some viruses and core dumps.

I filed this bug against the debian package last week and the maintainers
(for debian) are releasing a .68-x package shortly.
You need to upgrade to detect some bagle viruses.

Jim said:
> Has anyone seen the below article, is it really a problem and do users
> of clamav need to move to .68 or better to be protected?
>
>
> http://www.securitytracker.com/alerts/2004/Mar/1009502.html
>
>
>
> Jim


-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





RE: [Clamav-users] memory leak?

2004-03-23 Thread Lucas Albers
I'm a bit hesitant of upgrading to .68 or .70-rc if it appears to have a
memory leak. At what point can the developers say:
"this x release does not have a memory leak."

Pubs said:
>> On Sun, Mar 21, 2004 at 01:14:53PM -0600, John Jolet wrote:
>> > If anything, i'd say it leaked less...course, i jumped from .65 to .7.
>>
>> It seems to be worse for me.  Much worse.  I had archive scanning off
>> before the jump to 67, and then to 70-rc from 65.  Both of these appear
>> to have the problem.  I can cron a daily restart to clear it up but
>> that's kind a jenky.
>>


-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





[Clamav-users] problem detecting netsky.x variant.

2004-04-20 Thread Lucas Albers
I'm running debian clamav-daemon 0.69-0.70-rc-1

Does not detect netsky.x variant.
I submitted the virus to the clamav webpage and they detected it, but my
current install does not detect it with these scan switches:

clamscan -r --mbox --stdout --disable-summary --infected
Download the message from here:
http://www.cs.montana.edu/support/ENTIRE_MESSAGE.netsky.X.zip

I've already filed a bug against the debian version of this.
What version of clamscan or options, do I need to detect this?

-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] problem detecting netsky.x variant.

2004-04-20 Thread Lucas Albers
I would like to state for the record:
I'm dumb sometimes.
I was not running freshclam in daemon form, so I did not have new dat files.
problem solved.

Lucas Albers said:
> I'm running debian clamav-daemon 0.69-0.70-rc-1
>
> Does not detect netsky.x variant.
> I submitted the virus to the clamav webpage and they detected it, but my
> current install does not detect it with these scan switches:
>
> clamscan -r --mbox --stdout --disable-summary --infected
> Download the message from here:
> http://www.cs.montana.edu/support/ENTIRE_MESSAGE.netsky.X.zip
>
> I've already filed a bug against the debian version of this.
> What version of clamscan or options, do I need to detect this?
>
> --
> Luke Computer Science System Administrator
> Security Administrator,College of Engineering
> Montana State University-Bozeman,Montana


-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] VIRUS ALERT?

2004-04-20 Thread Lucas Albers
I am detecting a new netsky variant that is detected by mcafee as a netsky
variant but is not yet detected by name yet.

It is NOT detected by:
clamav, or f-prot.

I am receiving upwards of 10-20 an hour so far.

I have submitted it to the f-prot/mcafee/clamav online virus submittal
page for inclusion.
You can see a copy of it here:
http://www.cs.montana.edu/support/ENTIRE_MESSAGE.netsky-variant.04-20-04.zip.password-infected.zip




Re: [Clamav-users] problem detecting netsky.x variant.

2004-04-20 Thread Lucas Albers
Just trying to file as many bugs against clamav as possible.
Make you earn your pay!...

Stephen Gran said:
>
> Ah, my second guess was right then - ignore completely my previous post.
-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] Recommendation RedHat replacement

2004-05-12 Thread Lucas Albers

Kelson Vibber said:
> As for what to put on new servers, we haven't decided yet here.  I've had
> good experiences with Fedora Core 1 on workstations, but we'll probably
> avoid using it on servers for now.  If you're interested, it's at
> http://fedora.redhat.com/ . FC1 really is Red Hat 10 renamed, so it has
> all the same tools you're used to, and most of the third-party packagers
> building for RHL have started building for Fedora Core as well.  Plus it's
> the only distro you can upgrade a RHL system to without reinstalling.
>
> If you like the way Red Hat works, there are also several RH-based distros
> you can look at.

I upgraded my 50 desktops from redhat 9 to Lineox.
The upgrade actually works. I recommend it for least upgrade effort from
redhat 7.3/9 systems.
I recommend it, it includes apt support for updates.
It's 2 dollars per machine if you buy 100+ licenses.

I'm moving my server from redhat 7.3/9 to debian and lineox.
Servers are going to debian, (just upgraded yesterday) and desktops are
going to lineox.

-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana





Re: [Clamav-users] Clamd Leaking?

2004-05-13 Thread Lucas Albers


Fajar A. Nugraha said:
> Did you add the script to kill clamd and start it when clamdwatch says
> clamd dead/hung?
What is clamdwatch, I have never heard of it?
Where do you get it?

-- 
Luke Computer Science System Administrator
Security Administrator,College of Engineering
Montana State University-Bozeman,Montana


