El jue, 29-03-2018 a las 14:28 +0200, Arnaud Jacques escribió:
> Hello Peter,
>
>
> > Out of interest, are there other public, known good extra virus
> > definitions
> > that include these PHP and/or web server specific
> > patterns/signatures ?
>
> https://www.securiteinfo.com/services/anti-spa
It could be a mirror hosted by a third-party. This first IP you posted
isn't a 'ClamAV' IP either. It's a mindstudios.com IP. I could set up DNS
for my domain so that clamav..com resolves to an IP, but that
wouldn't make it a 'ClamAV' IP.
--Maarten
On Thu, Mar 29, 2018 at 8:10 AM, Régis Houssin
There are a number of public unofficial databases including the Linux
Malware Detect project, Sanesecurity, and Atomic. There's also an
unofficial database update script on github (though it hasn't been updated
in a year or so) that has others.
YMMV with them though.
On Thu, Mar 29, 2018 at 8:08
Hello Peter,
Out of interest, are there other public, known good extra virus definitions
that include these PHP and/or web server specific patterns/signatures ?
https://www.securiteinfo.com/services/anti-spam-anti-virus/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml
Specially j
yes but for this IP this not a clamav website !
dev.lepartidegauche.fr (178.33.105.132)
thank you
Le 29/03/2018 à 13:11, Maarten Broekman a écrit :
> Régis,
> This is a feature of DNS where a name can resolve to multiple IPs for load
> balancing and resiliency. Depending on what serves ‘dat
Hi Maarten,
okay, I will try that, thanks.
Out of interest, are there other public, known good extra virus definitions
that include these PHP and/or web server specific patterns/signatures ?
I looked on the clamav site, but only found the standard signature set.
Also - in case I do get a hold o
We fixed an issue earlier in the evening yesterday with the mirrors that, I
think, should have corrected the issue you were seeing. Is this not the case?
Are you still seeing this ongoing ?
On 3/28/18, 11:41 PM, "clamav-users on behalf of Paul Kosinski"
wrote:
True, except:
1.
Régis,
This is a feature of DNS where a name can resolve to multiple IPs for load
balancing and resiliency. Depending on what serves ‘database.clamav.net’ it may
just be a round-robin response or it may resolve to an IP based on which one is
responding faster to requests or simply which one ha
Hi Peter,
Given the name of that virus, I would guess that your hosting provider is
using some extra virus definitions that aren’t part of the standard ClamAV
distribution. It doesn’t have to do with the engine in this case.
You should get in touch with them about that.
Maarten Broekman
Sen
Hello,
running into a weird issue here... our web host has run a clamav scan on
our VPS server, and found 1 infected PHP file, infected with
SL-PHP-BACKDOOR-GENERIC.
The clamav engine version used in the scan done by the web host was:
devel-clamav-0.99-beta1-632-g8a582c7 (that's what the log file
10 matches
Mail list logo
