On 04/01/06, Leo Dano <[EMAIL PROTECTED]> wrote:
> I keep getting a message that I need to upgrade to 0.87.1 from 0.87 which I
> did but I keep getting these messages. I tried uninstalling 0871 then
> reinstalling with no luck. I am a Windows user and have a Linux Raq4. Can
> anyone help me?
Yo
I keep getting a message that I need to upgrade to 0.87.1 from 0.87 which I
did but I keep getting these messages. I tried uninstalling 0871 then
reinstalling with no luck. I am a Windows user and have a Linux Raq4. Can
anyone help me?
Thanks in advance.
Leo
John Jolet wrote:
On Jan 4, 2006, at 11:29 AM, Steven Spence wrote:
John Jolet wrote:
they always were pointless. How many times has each of us had to
go to a maintainer of an rbl and explain that we were not, in
fact, spammers. and face the inevitable...prove it. g.
They are
At 10:35 AM 1/4/2006, Derek Lamparty wrote:
I am getting hammered by worm.sober.u-3. What are the
characteristics of
this worm? Can it spoof ip addresses in the mail server
logs?
The IP listed as the client in your mail log is very likely
accurate. It's both difficult (but not impossible)
On Jan 4, 2006, at 11:29 AM, Steven Spence wrote:
John Jolet wrote:
they always were pointless. How many times has each of us had to
go to a maintainer of an rbl and explain that we were not, in
fact, spammers. and face the inevitable...prove it. g.
They are not at all pointless
John Jolet wrote:
they always were pointless. How many times has each of us had to go to
a maintainer of an rbl and explain that we were not, in fact,
spammers. and face the inevitable...prove it. g.
They are not at all pointless. The problem is that some people build
their RBL's
> >
> >
> No, it makes reporting based only on headers pointless.
When you are referring to headers, are you talking about headers in the
actual virus e-mail? I don't have those as they have been deleted. I am
looking at the sever communications my smtp logs.
Derek Lamparty
___
Derek Lamparty wrote:
I am getting hammered by worm.sober.u-3. What are the characteristics of
this worm? Can it spoof ip addresses in the mail server logs?
If your mail server logs the IP of the TCP connection then the chances
are very good that it is not spoofed. It is very difficult to s
Derek Lamparty wrote:
I didn't know that was possible. Huh? Doesn't that really make RBLs
pointless?
No, it makes reporting based only on headers pointless.
___
http://lurker.clamav.net/list/clamav-users.html
On Jan 4, 2006, at 11:13 AM, Derek Lamparty wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Tomasz Papszun
Sent: Wednesday, January 04, 2006 11:08 AM
To: clamav-users@lists.clamav.net
Subject: Re: [Clamav-users] Spoofing IP Address?
On Wed, 0
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Tomasz Papszun
> Sent: Wednesday, January 04, 2006 11:08 AM
> To: clamav-users@lists.clamav.net
> Subject: Re: [Clamav-users] Spoofing IP Address?
>
> On Wed, 04 Jan 2006 at 10:35:20 -0600, Derek
On Wed, 04 Jan 2006 at 10:35:20 -0600, Derek Lamparty wrote:
> I am getting hammered by worm.sober.u-3. What are the characteristics of
> this worm? Can it spoof ip addresses in the mail server logs? I was trying
> to track some of the viruses back to the origination point (there are a lot
> of
I am getting hammered by worm.sober.u-3. What are the characteristics of
this worm? Can it spoof ip addresses in the mail server logs? I was trying
to track some of the viruses back to the origination point (there are a lot
of them) to let our members know that they might have a virus. I contac
> > I'm afraid my squid+dansguardion+clamav (with daily.cvd v 1225) does not
> > detect exploited wmf's created by metasploit.
>
> The signatures has been updated twice since 1225 (IIRC) to better detect
> randomized variants.
>
> But I've not seen any malware that use the "new" randomize technique
Filbert wrote:
On Tuesday 03 January 2006 10:39, Diego d'Ambra wrote:
Abdul Rehman Gani wrote:
Hi,
Clamscan currently detects Exploit.WMF.A, but F-Secure are reporting 57
different varieties. How many does this signature detect?
Just an update:
I believe that with daily.cvd version 1225,
On Wed, 4 Jan 2006 14:54:26 +0100 in
[EMAIL PROTECTED] "Braindead"
<[EMAIL PROTECTED]> wrote:
> Hello,
>
> Coulds you just said me how to restart Clamav ?
>
> I didn't found the clamav daemon in init.d
>
> Thanks and sorry for this question !!!
How did you install it? Using a tarball and
Hello,
Coulds you just said me how to restart Clamav ?
I didn't found the clamav daemon in init.d
Thanks and sorry for this question !!!
___
http://lurker.clamav.net/list/clamav-users.html
On Tuesday 03 January 2006 10:39, Diego d'Ambra wrote:
> Abdul Rehman Gani wrote:
> > Hi,
> >
> > Clamscan currently detects Exploit.WMF.A, but F-Secure are reporting 57
> > different varieties. How many does this signature detect?
>
> Just an update:
>
> I believe that with daily.cvd version 1225
18 matches
Mail list logo
