Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Paul Kosinski
I too would like the option. (One of the reasons I use ClamAV is because of its lack of bloat.) So how about having "extra" databases in freshclam.conf that are enabled by default? Or perhaps a minimal ClamAV-origin-only database as an alternative to the default "full" database. Paul Kosinski O

[clamav-users] Freshclam question

2016-07-13 Thread Paul Kosinski
Is there an easy way to get freshclam do multiple "attempts" at a lower rate than it does? I use an LAN-local server (a tiny Perl program) to redistribute signatures, and occasionally ClamAV's DNS shows that the official current version is beyond what the redistribution server has, so it generates

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Joel Esler
On Wed, Jul 13, 2016 at 10:27:07PM +0200, Benny Pedersen wrote: On 2016-07-13 22:21, Joel Esler (jesler) wrote: It basically has to do with our how signature system works. so its complicated ? Oh yes. i still like to know why its 3rd party, and why its not just added in ExtraDatabase m

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Benny Pedersen
On 2016-07-13 22:21, Joel Esler (jesler) wrote: It basically has to do with our how signature system works. so its complicated ? i still like to know why its 3rd party, and why its not just added in ExtraDatabase marketing stats dont intrest me SafeBrowsing is a option, why is 3dr party fo

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Joel Esler (jesler)
It basically has to do with our how signature system works. > On Jul 13, 2016, at 4:20 PM, Benny Pedersen wrote: > > On 2016-07-13 22:13, Joel Esler (jesler) wrote: >> All third party signatures have the name of the third party submitter >> in the signature itself. For example: >> * Win.Malw

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Benny Pedersen
On 2016-07-13 22:13, Joel Esler (jesler) wrote: All third party signatures have the name of the third party submitter in the signature itself. For example: * Win.Malware.Agent4285353149/CRDF-1 I understand what you are saying Benny, however, we’re rather err on the side of shipping more det

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Joel Esler (jesler)
All third party signatures have the name of the third party submitter in the signature itself. For example: * Win.Malware.Agent4285353149/CRDF-1 I understand what you are saying Benny, however, we’re rather err on the side of shipping more detection to protect users. -- Joel Esler Manager,

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Benny Pedersen
On 2016-07-13 21:52, Joel Esler (jesler) wrote: Nothing prevents anyone from using 3rd party sigs. We just want to incorporate 3rd party sigs into the official repo, for more coverage, for more users. If ClamAV has, say, 10M users, how many of those 10M do you suppose also run 3rd party sigs?

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Axb
He means : freshclam.conf # Download an additional 3rd party signature database distributed through # the ClamAV mirrors. # This option can be used multiple times. #ExtraDatabase dbname1 #ExtraDatabase dbname2 Do we aggree that any signatures which are NOT written by Sourcefire staff are third

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Joel Esler (jesler)
Nothing prevents anyone from using 3rd party sigs. We just want to incorporate 3rd party sigs into the official repo, for more coverage, for more users. If ClamAV has, say, 10M users, how many of those 10M do you suppose also run 3rd party sigs? I’d say less that 5%. > On Jul 13, 2016, at 3:

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Axb
My guess is that Benny doens't really mean "silly" but probably is his "special" way of saying that it would be nice to be able to opt-in to third party sigs. On 07/13/2016 09:30 PM, Joel Esler (jesler) wrote: Why would it be silly to make life easier for millions of users? On Jul 13, 2016

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Benny Pedersen
On 2016-07-13 21:30, Joel Esler (jesler) wrote: Why would it be silly to make life easier for millions of users? its is since users want choices why is SafeBrowsing not on pr default ? ___ Help us build a comprehensive ClamAV guide: https://github.co

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Joel Esler (jesler)
Why would it be silly to make life easier for millions of users? > On Jul 13, 2016, at 3:25 PM, Benny Pedersen wrote: > > On 2016-07-13 21:11, Joel Esler (jesler) wrote: > >> what ExtraDatabase is it in freshclam ? >> It’s not. It’s in the regular daily.cvd that you download from us. > > sil

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Benny Pedersen
On 2016-07-13 21:11, Joel Esler (jesler) wrote: what ExtraDatabase is it in freshclam ? It’s not. It’s in the regular daily.cvd that you download from us. silly imho :( ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/cla

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Joel Esler (jesler)
On Jul 13, 2016, at 3:06 PM, Benny Pedersen mailto:m...@junc.eu>> wrote: On 2016-07-13 20:40, Joel Esler (jesler) wrote: http://blog.clamav.net/2016/07/crdf-joins-clamav-signature-partner.html what ExtraDatabase is it in freshclam ? It’s not. It’s in the regular daily.cvd that you download fr

Re: [clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Benny Pedersen
On 2016-07-13 20:40, Joel Esler (jesler) wrote: http://blog.clamav.net/2016/07/crdf-joins-clamav-signature-partner.html what ExtraDatabase is it in freshclam ? ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq htt

Re: [clamav-users] ERROR: Malformed database

2016-07-13 Thread Joel Esler (jesler)
Thank you Kees. We no longer test against 0.96. So, it is quite possible that 0.96 doesn’t work anymore. Time to upgrade! -- Joel Esler Manager, Threat Intelligence Team & Open Source Talos Group http://www.talosintel.com On Jul 13, 2016, at 2:06 PM, Kees Theunissen mailto:c.j.theunis...@d

[clamav-users] ClamAV® blog: CRDF Joins the ClamAV Signature Partner Program!

2016-07-13 Thread Joel Esler (jesler)
http://blog.clamav.net/2016/07/crdf-joins-clamav-signature-partner.html CRDF Joins the ClamAV Signature Partner Program! We'd like to welcome CRDF to the ClamAV Signature Detection Partner Program! The CRDF is the first 3rd party Signature house we've integrated

Re: [clamav-users] ERROR: Malformed database

2016-07-13 Thread Kees Theunissen
On Wed, 13 Jul 2016, Rejaine Monteiro wrote: > yes, I deleted all databases .. I think the problem is the version of this > particular server, which is very old (V.96). in other servers with version > v.098 is functioning normally. See: http://www.clamav.net/documents/end-of-life-policy-eol Quo

Re: [clamav-users] ERROR: Malformed database

2016-07-13 Thread Rejaine Monteiro
exact. also I tried to install a new version on my "old box" but also had problems when compiling .. anyway, is passing the time to update it and I will work on that in the coming days. On 13-07-2016 14:44, Bob wrote: On 07/13/2016 11:03 AM, Rejaine Monteiro wrote: yes, I deleted all databases

Re: [clamav-users] ERROR: Malformed database

2016-07-13 Thread Bob
On 07/13/2016 11:03 AM, Rejaine Monteiro wrote: yes, I deleted all databases .. I think the problem is the version of this particular server, which is very old (V.96). in other servers with version v.098 is functioning normally. On 13-07-2016 12:30, Joel Esler wrote: On 7/13/16 9:22 AM, Rej

Re: [clamav-users] ERROR: Malformed database

2016-07-13 Thread Rejaine Monteiro
yes, I deleted all databases .. I think the problem is the version of this particular server, which is very old (V.96). in other servers with version v.098 is functioning normally. On 13-07-2016 12:30, Joel Esler wrote: On 7/13/16 9:22 AM, Rejaine Monteiro wrote: Hi, After the update made

Re: [clamav-users] ERROR: Malformed database

2016-07-13 Thread Joel Esler
On 7/13/16 9:22 AM, Rejaine Monteiro wrote: > Hi, > > After the update made by freshclam this morning, clamd stopped working > and went on to give the error: ERROR: Malformed database. > > I tried to remove all viurs signatures in /var/lib/clamav/* and run > freschclam again, but without succe

[clamav-users] ERROR: Malformed database

2016-07-13 Thread Rejaine Monteiro
Hi, After the update made by freshclam this morning, clamd stopped working and went on to give the error: ERROR: Malformed database. I tried to remove all viurs signatures in /var/lib/clamav/* and run freschclam again, but without success. Any tips to solve the problem? ___

Re: [clamav-users] ClamAV and DoD Approval

2016-07-13 Thread Jerry
On Tue, 12 Jul 2016 20:14:22 -0500, TR Shaw stated: >Actually they approved ClamAV for use in CI PL 4 & 5 since mid 2000s Interesting; can you supply any documentation to support this? -- Jerry ___ Help us build a comprehensive ClamAV guide: https://g