On Wed, 18 May 2005 18:56:23 +0200
"David" <[EMAIL PROTECTED]> wrote:
>
>
> Hello,
>
> I upgraded my clamv
>
> ClamAV 0.85.1/886/Wed May 18 12:32:36 2005
>
>
> But the problem is not resolved
>
> qmail/simscan/1116416733.717518.2973/AKQLCI35.zip: Input/Output error
> ERROR qmail/simsca
On Wednesday, May 18, 2005, at 04:25 pm, Dennis Peterson wrote:
We had one IP attempting to get in for quite a while (194.55.159.7) last
night. Probably not worth blocking in the packet filter. If a pattern
shows up I'll consider blocking IP ranges.
Look for sshmonitor recently posted to alt.sourc
Frank Barton wrote:
>> Ken Jones wrote:
>>> On my system, only #24 and #25 make it through ... both of
>>> which don't have a test virus in them :)
> Stefaan wrote:
>> What is stopping #5 & #17 in your configuration ? Is it clamd or
>> somethingelse ? My config : messagewall, clamdmail, clamd, spa
Matthew.van.Eerde wrote:
> Damian Menscher wrote:
>> On Wed, 18 May 2005 [EMAIL PROTECTED] wrote:
>>> LibClamAV Warning: Not reloading database until idle - waiting for 2
>>> children
>>
>> Could you tell us how you're running clamav-milter? Specifically,
>> I'd like to know if you're using --ext
>> On my system, only #24 and #25 make it through ... both of
>>
>> which don't have a test virus in them :)
>>
>>
>>
>> --
Excuse, but i read the manual and the --exclude option is not present in the
clamd.
Thanx
-Mensaje original-
De: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] En nombre de Trog
Enviado el: dimecres, 18 / maig / 2005 13:32
Para: ClamAV users ML
Asunto: RE: [Clamav-users] Exclude extens
Hello,
I upgraded my clamv
ClamAV 0.85.1/886/Wed May 18 12:32:36 2005
But the problem is not resolved
qmail/simscan/1116416733.717518.2973/AKQLCI35.zip: Input/Output error ERROR
qmail/simscan/1116416781.176909.3110/AKQLCI35.FM6: Input/Output error ERROR
Any ideas?
-Mensaje origi
Damian Menscher wrote:
> On Wed, 18 May 2005 [EMAIL PROTECTED] wrote:
>> LibClamAV Warning: Not reloading database until idle - waiting for 2
>> children
>
> Could you tell us how you're running clamav-milter? Specifically, I'd
> like to know if you're using --external and your --max-children
>
On Wed, 18 May 2005 [EMAIL PROTECTED] wrote:
Tue May 17 15:35:10 2005 -> Reading databases from /usr/local/share/clamav
Tue May 17 15:35:10 2005 -> Database correctly reloaded (34417 viruses)
LibClamAV Warning: Not reloading database until idle - waiting for 2 children
LibClamAV Warning: Waiting fo
i have recently run into a clmilter problem causing sendmail to crash out
with an out of memory exception (cannot allocate memory). a quick look
around on google comes up with a few hits but no clear solutions
This has occurred after an upgrade to the most recent gentoo ebuild for
clamav,
Gack! I came in this morning to find this in my clamd.log...
Tue May 17 15:35:10 2005 -> Reading databases from /usr/local/share/clamav
Tue May 17 15:35:10 2005 -> Database correctly reloaded (34417 viruses)
LibClamAV Warning: Not reloading database until idle - waiting for 2 children
LibClamAV W
Thomas Wheeler said:
> Yip, seen it increase since this German "SPAM" started to hit my server
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Ken Jones
> Sent: 18 May 2005 04:42 PM
> To: ClamAV users ML
> Subject: Re: [Clamav-users] Sober.P sidebar
Yip, seen it increase since this German "SPAM" started to hit my server
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ken Jones
Sent: 18 May 2005 04:42 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] Sober.P sidebar topic
On Tuesday 17 May 2005 8:58
On Tuesday 17 May 2005 8:58 pm, Dennis Peterson wrote:
> Anyone noticing any increase in failed login attempts via ssh? I have and
> the timing associates well with the recent outbreak.
Last night we saw the first password ssh scans against our machine.
Looks like scanning for default accounts wit
clamd 0.85 and 0.85.1 same result, system OpenBSD 3.5
on first server work fine on second clamdscan report OK
any sugestion ?
How many signatures is each reporting to have?
work bad : 34417
work fine : 34517
Thanks for advice !
Wojtek
-
On Tue, 17 May 2005, Eric J. Wisti wrote:
> How are others with Solaris handling the socket?
I put my socket in /var/clamav instead of /var/run
[Libby]:/var$ ls -ld clamav/
drwxrwsr-x2 clamav clamav512 May 17 11:06 clamav/
Both the clamd and clamav-milter sockets are there, along
On Wed, May 18, 2005 03:56, Stefke wrote:
>
>> -Original Message-
>> From: [EMAIL PROTECTED]
>> [mailto:[EMAIL PROTECTED] On Behalf Of Ken Jones
>> Sent: dinsdag 17 mei 2005 15:57
>> To: ClamAV users ML
>> Subject: Re: [Clamav-users] Clam AV allows e-mail from
>> www.webmail.us/testvirus
On Wed, May 18, 2005 at 01:28:43PM +0200, David wrote:
>
>
>
> But, if i need to exclude an extension. How i do it?
>
>
> Thanx,
>
Pardon my butting in, but is this not more of a job for MailScanner or
such? Once MailScanner (or similar) has decided which mails it is not
going to reject,
On Wed, 2005-05-18 at 13:28 +0200, David wrote:
>
>
> But, if i need to exclude an extension. How i do it?
Use --exclude, easy when you read the manual.
-trog
signature.asc
Description: This is a digitally signed message part
___
http://lurker.cl
But, if i need to exclude an extension. How i do it?
Thanx,
-Mensaje original-
De: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] En nombre de Tomasz Kojm
Enviado el: dimecres, 18 / maig / 2005 12:47
Para: ClamAV users ML
Asunto: Re: [Clamav-users] Exclude extension from scanning
O
On Wed, 18 May 2005 12:44:21 +0200
"David" <[EMAIL PROTECTED]> wrote:
>
>
>
> Hello,
>
> I have a problem with an extension .FM6.
> Really, this file is an encrypted zip and the clamd says
>
> ASBHCI83.FM6: Input/Output error ERROR
Upgrade to 0.85.1.
--
oo. Tomasz Kojm <
On Wed, 2005-05-18 at 12:44 +0200, David wrote:
>
>
> Hello,
>
> I have a problem with an extension .FM6.
> Really, this file is an encrypted zip and the clamd says
>
> ASBHCI83.FM6: Input/Output error ERROR
>
>
> How I can exclude this extension from the clamd?
Upgrade to 0.85.1
-trog
s
Hello,
I have a problem with an extension .FM6.
Really, this file is an encrypted zip and the clamd says
ASBHCI83.FM6: Input/Output error ERROR
How I can exclude this extension from the clamd?
Thank you.
David.
___
http://lurker.clamav.net/l
On 18 May 2005 09:53:28 +0200
"didier.georgieff" <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I just noticed that clamav & freshclam 0.85.1 seems to report wrong
> informations about the virus database
There's a bug in your configuration then...
--
oo. Tomasz Kojm <[EMAIL PROTECT
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Ken Jones
> Sent: dinsdag 17 mei 2005 15:57
> To: ClamAV users ML
> Subject: Re: [Clamav-users] Clam AV allows e-mail from
> www.webmail.us/testvirus through?
>
> On my system, only #24 and #25 make it
OK - this seems to be a 'known issue'.
A patch is here if other are having this problem:
http://blog.gmane.org/gmane.comp.security.virus.clamav.devel
Does anyone know if/when this will be fixed in a
stable release?
Thanks, Chris
--- Chris Masters <[EMAIL PROTECTED]> wrote:
> Hi All,
>
> WinZ
On Wed, 2005-05-18 at 10:20 +0200, rybka52 wrote:
> clamd 0.85 and 0.85.1 same result, system OpenBSD 3.5
> on first server work fine on second clamdscan report OK
> any sugestion ?
How many signatures is each reporting to have?
-trog
signature.asc
Description: This is a digitally signed messa
clamd 0.85 and 0.85.1 same result, system OpenBSD 3.5
on first server work fine on second clamdscan report OK
any sugestion ?
i'll be greatfull
Wojtek
--
Startuj z INTERIA.PL! >>> http://link.interia.pl/f186c
Hello,
I just noticed that clamav & freshclam 0.85.1 seems to report wrong
informations about the virus database
$clamscan -V
ClamAV 0.85.1/507/Mon Sep 27 12:53:21 2004
#freshclam -V
ClamAV 0.85.1/507/Mon Sep 27 12:53:21 2004
but my database is up2date :
#freshclam
ClamAV update process starte
Hello Hermann Schaefer,
> .. how, if the sample is already a password-protected zip-file?
>
> Result:
> Please encrypt your ZIP files with password virus
>
> If I unpack the archive, the signature is lost and the virus will not
> be detected, right?
Do not unpack it. Encrypt it again.
Best
30 matches
Mail list logo
