On 4/28/05, Chris de Vidal <[EMAIL PROTECTED]> wrote:
> ClamAV 0.83 from dag.wieers.com
> CentOS 3.3 (A.K.A RedHat Enterprise Linux AS3)
> Kernel 2.4.28
>
> I have a full system scan cron job. We have a 1.25TB Samba server that
> causes the load average to go to 5+. When that happens the users n
Link:
http://clamav-du.securesites.net/cgi-bin/clamgrok?virus=Trojan.Lowzone-37&search-type=contains&case-sensitivity=No&database=daily&database=main&display=database&display=virus&.submit=&.cgifields=database&.cgifields=case-sensitivity&.cgifields=search-type&.cgifields=display
Try searching Troj
Todd Lyons said this while chewing gum:
> If the scan is occurring during normal business hours, then yeah, you
> need to nice the heck out of it to keep it from sucking away
> performance. If you know a bit about c, you could add a commandline
> option --delay=x where x is the number of milliseco
On Thu, 28 Apr 2005 17:01:24 -0700
Kurt Buff <[EMAIL PROTECTED]> wrote:
> Tomasz Kojm wrote:
> > ClamAV 0.90 will support the NodalCore hardware accelerator:
> >
> > http://sourceforge.net/forum/forum.php?forum_id=458047
>
> > With hw acceleration my old Athlon 1200 was able to scan 2GB of
> > d
Tomasz Kojm wrote:
> ClamAV 0.90 will support the NodalCore hardware accelerator:
>
> http://sourceforge.net/forum/forum.php?forum_id=458047
> With hw acceleration my old Athlon 1200 was able to scan 2GB of
> data in one minute.
2gb in one minute, ceterus paribus, means roughly 8.5 hours per ter
On Thu, Apr 28, 2005 at 06:15:17PM -0300, René Bellora said:
> clamdscan is way faster
Not necessarily.
Single file:
[EMAIL PROTECTED]:~$ clamscan F5D5010.exe
F5D5010.exe: OK
--- SCAN SUMMARY ---
Known viruses: 33876
Engine version: 0.84rc2
Scanned directories: 0
Scanned files:
On Thu, Apr 28, 2005 at 04:18:41PM -0400, Chris de Vidal wrote:
> Have you ever lied, no matter the color? I have. Have you ever stolen
> anything, no matter the value? I have. Have you ever lusted? I have.
> Jesus said whoever looks at a woman with lustful intent has already
> committed adu
Tomasz Kojm wrote:
>With hw acceleration my old Athlon 1200 was able to scan 2GB of data in
>one minute.
>
>
2Gb in one minute!!!
That's pretty impressive - I wouldn't have thought you could do a
directory listing of that much data in one minute (assuming it's not a
single file of course!)
--
Chris de Vidal wanted us to know:
>Is our situation that foreign? I was half expecting someone to tell me
>"We have a 5TB FTP server and can scan it all under 40 minutes with .25
>extra load average! You just have to do this..."
Most people with stuff that large have a three teir system:
1) AV
Morgan Smith said this while chewing gum:
> Do compiler options help? YMMV but if I'm looking for speed I'll
> compile from source or create an RPM from the SRPM, and I'll add some
> optimizations:
> ./configure CFLAGS=-O3 -march=pentium4
>
> The man page for gcc may provide more insight.
OK I'll
On Thu, 28 Apr 2005 14:45:20 -0700 (PDT)
Joanna Roman <[EMAIL PROTECTED]> wrote:
> Hi I am adding some kind of web scanning code into a
> http proxy. Somewhere in the code where the proxy is
> ready to send the HTTP GET request to the server, I
> added some code to first download the URL and scan
Hi I am adding some kind of web scanning code into a
http proxy. Somewhere in the code where the proxy is
ready to send the HTTP GET request to the server, I
added some code to first download the URL and scan it
before letting the proxy to send the GET request out.
I was using something like system
Chris de Vidal wrote:
>ClamAV 0.83 from dag.wieers.com
>CentOS 3.3 (A.K.A RedHat Enterprise Linux AS3)
>Kernel 2.4.28
>
>I have a full system scan cron job. We have a 1.25TB Samba server that
>causes the load average to go to 5+. When that happens the users notice
>and I must kill the script.
On Thu, 28 Apr 2005 16:09:55 -0400 (EDT)
"Chris de Vidal" <[EMAIL PROTECTED]> wrote:
> Matt Fretwell said this while chewing gum:
> > Scan on an evening when your users are gone?
>
> Thanks for the fast reply!
>
> A 1.25TB Samba server takes several days to do a full scan with
> clamscan.
Clam
Matt Fretwell said this while chewing gum:
> Surely you're not doing a full scan each time, are you?
Yeah, just like the large Windows boxen we run. It's a corporate
requirement that we scan daily but clamscan is just too slow for a daily
scan so I run it weekly. It's a decent compromise; I'd co
René Bellora wrote:
> clamdscan is way faster
Only on a frequent stop/start type scenario. (Unless things have
changed). For an extended duration scan, any difference would be
negligible.
Matt
___
http://lurker.clamav.net/list/clamav-users.html
Chris de Vidal wrote:
> > Scan on an evening when your users are gone?
>
> Thanks for the fast reply!
>
> A 1.25TB Samba server takes several days to do a full scan with
> clamscan.
Surely you're not doing a full scan each time, are you? How often do you
scan the system?
I can't answer on
Chris de Vidal wrote:
ClamAV 0.83 from dag.wieers.com
CentOS 3.3 (A.K.A RedHat Enterprise Linux AS3)
Kernel 2.4.28
I have a full system scan cron job. We have a 1.25TB Samba server that
causes the load average to go to 5+. When that happens the users notice
and I must kill the script. I've even
Matt Fretwell said this while chewing gum:
> Scan on an evening when your users are gone?
Thanks for the fast reply!
A 1.25TB Samba server takes several days to do a full scan with clamscan.
CD
Have you ever lied, no matter the color? I have. Have you ever stolen
anything, no matter the valu
Chris de Vidal wrote:
> Ideas?
Scan on an evening when your users are gone?
Matt
___
http://lurker.clamav.net/list/clamav-users.html
ClamAV 0.83 from dag.wieers.com
CentOS 3.3 (A.K.A RedHat Enterprise Linux AS3)
Kernel 2.4.28
I have a full system scan cron job. We have a 1.25TB Samba server that
causes the load average to go to 5+. When that happens the users notice
and I must kill the script. I've even reniced it to 19 wit
Actually, their primary distribution is via Windows file sharing (i.e.
ports 135, 139, 445) via SDBot, Robobot, RBot, etc. variants. The
primary reason they're called "Downloader" is because once on the system
they unpack their payload, connect to an IRC server for remote control,
and download add
--- Christoph Cordes <[EMAIL PROTECTED]> wrote:
> Joanna Roman wrote:
> > Can anybody tell me how downloader viruses are
> > encountered ? Is it via http browsing and adware
> ??
> >
>
> Not only - sometimes they are spammed through mail
> or distributed
> through P2P networks - you can find th
Joanna Roman wrote:
Can anybody tell me how downloader viruses are
encountered ? Is it via http browsing and adware ??
Not only - sometimes they are spammed through mail or distributed
through P2P networks - you can find them almost everywhere in many
different flavours.
--
Best regards,
Christ
On Wed, 27 Apr 2005 22:43:05 -0700 (PDT)
Joanna Roman <[EMAIL PROTECTED]> wrote:
>
> --- Tomasz Kojm <[EMAIL PROTECTED]> wrote:
> > On Wed, 27 Apr 2005 18:11:17 -0700 (PDT)
> > Joanna Roman <[EMAIL PROTECTED]> wrote:
> >
> > > Can anybody tell me how downloader viruses are
> > > encountered ? Is
Joanna Roman wrote:
[snip]
> Serious answers only. You must be tired. Take a break
> man ! :) Serious, how are they encountered ?
They come in mail. Is that what you wanted to know?
--
René Berber
___
http://lurker.clamav.net/list/clamav-users.html
26 matches
Mail list logo
