Re: [Clamav-users] Non-Windoze Viruses (was Re: Memory usage for clamd is huge)

2008-04-02 Thread Dennis Peterson
Jan-Pieter Cornet wrote: > On Wed, Apr 02, 2008 at 10:50:59AM -0700, Dennis Peterson wrote: >> Arthur Sherman wrote: I use scripts now to monitor user space for new php code. >>> Could you share these scripts? >> On a Solaris system you can use the built-in aset tool, and for any >> Unix/Linu

[Clamav-users] problem of scanning binary file

2008-04-02 Thread xue wen
Dear Sir or Madam, I am trying to test the functionality of ClamAV scanning the binary file. I have added a signature into the daily.db file, the signature is as follows: Worm.Yawen (Clam)=6161616262626363 It is actually the string of aaabbbcc. When I add this string into the binary file, and u

Re: [Clamav-users] Non-Windoze Viruses (was Re: Memory usage for clamd is huge)

2008-04-02 Thread Arthur Sherman
> >> I use scripts now to monitor user space for new php code. > >> > >> dp > > > > > > Could you share these scripts? > > On a Solaris system you can use the built-in aset tool, and > for any Unix/Linux system you can use trip-wire or Cfengine. > > dp Thanks! Best, -- Arthur Sherman

Re: [Clamav-users] Non-Windoze Viruses (was Re: Memory usage for clamd is huge)

2008-04-02 Thread Jan-Pieter Cornet
On Wed, Apr 02, 2008 at 10:50:59AM -0700, Dennis Peterson wrote: > Arthur Sherman wrote: > >> I use scripts now to monitor user space for new php code. > > Could you share these scripts? > > On a Solaris system you can use the built-in aset tool, and for any > Unix/Linux system you can use trip-w

Re: [Clamav-users] ClamAV Memory Leak?

2008-04-02 Thread Dennis Peterson
Dennis Peterson wrote: > Jon R. Kibler wrote: >> Hi, >> >> Running clamd 0.93rc1 on Solaris 9 Sparc. >> Build it with gcc 3.4.6. > > Running on Sol 9 Sparc, single cpu, clamd built with gcc 3.3.2: > > Here's output from top from clamd after several days running: > > PID USERNAME LWP PRI NICE

Re: [Clamav-users] ClamAV Memory Leak?

2008-04-02 Thread Jon R. Kibler
Török Edwin wrote: Jon R. Kibler wrote: Does memory usage ever decrease? I have never seen it decrease. Suggestions to debug? On Linux I would run clamscan under valgrind, and scan some samples (but that is very slow). Maybe a similar tool exists for Solaris? DMalloc seems to be availabl

Re: [Clamav-users] ClamAV Memory Leak?

2008-04-02 Thread Török Edwin
Jon R. Kibler wrote: > Hi, > > Running clamd 0.93rc1 on Solaris 9 Sparc. > Build it with gcc 3.4.6. > > I know there was a recent thread on clamd memory > usage (that rapidly deteriorated into a discussion on > scanning email), but I never saw a clear answer to > the original question. > > On 0.92,

Re: [Clamav-users] Non-Windoze Viruses (was Re: Memory usage for clamd is huge)

2008-04-02 Thread Dennis Peterson
Arthur Sherman wrote: >> I've had to repair or replace a number of "Contact Us" and >> feedback type php scripts that were incredibly easy to >> exploit and in fact actually were exploited. More than once >> one of my own systems was spewing spam from badly crafted web >> pages. Many of these w

Re: [Clamav-users] ClamAV Memory Leak?

2008-04-02 Thread Dennis Peterson
Jon R. Kibler wrote: > Hi, > > Running clamd 0.93rc1 on Solaris 9 Sparc. > Build it with gcc 3.4.6. Running on Sol 9 Sparc, single cpu, clamd built with gcc 3.3.2: Here's output from top from clamd after several days running: PID USERNAME LWP PRI NICE SIZE RES STATETIMECPU COMMAN

[Clamav-users] ClamAV Memory Leak?

2008-04-02 Thread Jon R. Kibler
Hi, Running clamd 0.93rc1 on Solaris 9 Sparc. Build it with gcc 3.4.6. I know there was a recent thread on clamd memory usage (that rapidly deteriorated into a discussion on scanning email), but I never saw a clear answer to the original question. On 0.92, memory usage would start off around 24

Re: [Clamav-users] Zip module failure ERROR

2008-04-02 Thread Török Edwin
David Cunningham wrote: > I am running: > > ClamAV 0.92.1/6555/Wed Apr 2 09:56:05 2008 > > And yes, setting scanpdf to no in the clamd.conf stops the error. Please open a bugreport and attach a sample that reproduces the problem. Meanwhile you have a workaround ;) Thanks, --Edwin

[Clamav-users] Re. Non-Windoze Viruses

2008-04-02 Thread G.W. Haywood
Hi there, On Wed, 2 Apr 2008 sydz@ wrote: > ... the developer of ClamXav admitted that he doesn't know how to > write and add anti-virus definitions for ClamAV's database (which is > what is used by ClamXav). And the ClamAV folks are not members of > the alliance that the commercial Mac anti-viru

Re: [Clamav-users] Zip module failure ERROR

2008-04-02 Thread David Cunningham
I am running: ClamAV 0.92.1/6555/Wed Apr 2 09:56:05 2008 And yes, setting scanpdf to no in the clamd.conf stops the error. Dave Quoting Török Edwin <[EMAIL PROTECTED]>: > David Cunningham wrote: >> Anyone hear what is up with this issue? >> >> I used to get it maybe 6 to a dozen times per d

Re: [Clamav-users] LibClamAV Warning

2008-04-02 Thread Mishustin Alexey
>From: [EMAIL PROTECTED] > I am no expert but if I had to guess I would say it means you scanned > a file that was utf16 and also less than 2 bytes. I don't think this > is a bug but just a special case when the length of a utf16 file to > be converted to ascii is less than 2 bytes. This looks t

Re: [Clamav-users] Macro viruses (was Re: Memory usage for clamd is huge)

2008-04-02 Thread Ian Eiloart
--On 1 April 2008 12:43:27 -0400 "David F. Skoll" <[EMAIL PROTECTED]> wrote: > Eric Rostetter wrote: > >> You've never seen a macro virus??? > > Not lately. Have you? They seem to have fallen out of favour. Probably since Microsoft switched off auto-run of macros by default in their product