Re: [clamav-users] PDF Scanning

2019-04-11 Thread Arnaud Jacques
Hello David, Yes it is the same for all OS. The ClamAV signatures directory is just at a different place. Find the location in your clamd.conf, ot set it if not set. Le 11/04/2019 à 22:10, David Hendrick a écrit : Hi Arnaud, Thank you very much. Just a question, would this be the same on t

Re: [clamav-users] PDF Scanning

2019-04-11 Thread David Hendrick
Hi Arnaud, Thank you very much. Just a question, would this be the same on the Windows port as we're running in Windows? Many thanks, David On Thu 11 Apr 2019, 19:35 Arnaud Jacques, wrote: > David, > > Here is an example : > > Create a file pdf.ndb in your clamav signatures directory (usually

Re: [clamav-users] [External] Re: Scan very slow

2019-04-11 Thread Paul Kosinski via clamav-users
Does clamd use multi-threading for the various "engines" within a single scan, or only to handle multiple requests from different sources? On Tue, 9 Apr 2019 21:29:43 + "Micah Snyder \(micasnyd\) via clamav-users" wrote: > Maarten, > > Your test results are pretty great. I really like you

Re: [clamav-users] Possible FP Doc.Trojan.Agent-6923110-0

2019-04-11 Thread Andrew Williams
Hey Graeme, Doc.Trojan.Agent-6923110-0 has been dropped as of this morning's daily.cvd build. Thanks for bringing this FP to our attention. For reference, the signature was generated from a cluster of documents similar to and including the one below: https://www.virustotal.com/gui/file/7cf485fb

Re: [clamav-users] PDF Scanning

2019-04-11 Thread Arnaud Jacques
David, Here is an example : Create a file pdf.ndb in your clamav signatures directory (usually /var/lib/clamav/) In this file put this : testpdf:10:*:4f70656e416374696f6e*4a617661536372697074 Save the file, and restart Clamav. Then clamdscan should detect the pdf with "OpenAction" and "Javasc

Re: [clamav-users] PDF Scanning

2019-04-11 Thread David Hendrick
Hi Arnaud, Could you explain how I do this? If this something I can add to clamd.conf? Many thanks, David -Original Message- From: clamav-users On Behalf Of Arnaud Jacques Sent: Thursday 11 April 2019 18:27 To: clamav-users@lists.clamav.net Subject: Re: [clamav-users] PDF Scanning Hell

Re: [clamav-users] PDF Scanning

2019-04-11 Thread Arnaud Jacques
Hello David, Le 11/04/2019 à 19:20, David Hendrick a écrit : Hi there, Does anyone know if there's a way to have ClamAV detect PDF files that have items such as "OpenAction" or "JavaScript" or "JS"? You can do any detection using Clamav. *But* if you detect PDF containing "OpenAction" and "Java

[clamav-users] PDF Scanning

2019-04-11 Thread David Hendrick
Hi there, Does anyone know if there's a way to have ClamAV detect PDF files that have items such as "OpenAction" or "JavaScript" or "JS"? Thanks, David ___ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listin

Re: [clamav-users] Security 3310 SSL/TLS

2019-04-11 Thread Matus UHLAR - fantomas
On 10.04.19 18:19, David Hendrick wrote: I was wondering if there's any way to introduce any sort of encryption on the requests sent to ClamAV using port 3310? I'd say clamav is designed to communicate locally on trusted network. otherise, things like stunnel may be an option for you. -- Matus