Hi,
Can someone tell me if the Google Safebrowsing package and the clamav
support for it is still useful? Is it still being developed? It does
appear Google development has stopped for this project, but maybe the data
is still being updated?
Perhaps there's a more modern alternative?
Thanks,
Ale
Hi,
I'm using clamav-0.103.8 on fedora37 with the current daily update and have
received a false positive involving the RPMSG secure download that's
apparently part of office365.
For some reason the fp is in the body of the message, not the
message_v2.rpmsg attachment. Here is the entire message:
Hi, this issue was reported some time ago and is still occurring. Any ideas?
./clamsbwrite.py --config /etc/clamd.d/safebrowsing.conf
./clamsbwrite.py:36: SAWarning: relationship 'SBPrefix.hashes' will copy
column sbclient_v4_prefixes.reflist_id to column
sbclient_v4_hashes.reflist_id, which confl
Hi,
> > Is the clamav-safebrowsing repository still maintained?
>
> https://blog.clamav.net/2020/06/the-future-of-clamav-safebrowsing.html
Yes, that's exactly what I'm referring to - your link directs the user
to the new repo, but that has problems, and itself doesn't appear to
be developed any l
Hi,
Is the clamav-safebrowsing repository still maintained?
https://github.com/Cisco-Talos/clamav-safebrowsing
It also appears the SafeBrowsing config option is no longer supported?
When running clamsbwrite.py, I'm seeing an error but have no idea of
what's involved and there doesn't seem to be
ok at your possible solutions.
-Message d'origine-
De : clamav-users De la part de G.W.
Haywood via clamav-users
Envoyé : lundi 11 avril 2022 10:08
À : alex via clamav-users
Cc : G.W. Haywood
Objet : ⚠️ Re: [clamav-users] Is the signature "Win.Tool.Hoax-9939325-0" really
pro
Hi all,
Recently, ClamAV sent us the following alert "Win.Tool.Hoax-9939325-0" on one
of our executables.
This software was developed by our teams and has not been modified since 2014.
And suddenly, an alert is lifted...
After some research in the ClamAV VirusDB announcements, I found that this
Hi,
> Micah has given you plenty to go on. I'd add that you can search the
> docs online, for example:
>
> https://docs.clamav.net/?search=false%20positive
>
> To prevent all such detections, see 'PhishingScanURLs' in the man page
> for clamd.conf.
Thank you both for your help. The following pat
Hi,
The link description is a URL and apparently doesn't match the link
itself, resulting in email from Amazon Business being marked as
malicious. Do I just add this to some kind of allow/bypass list?
How do I go about doing that?
$ clamscan -v amazon-fp.eml
Scanning /home/alex/quarantine/amazon-
Hi,
> >How do I exclude this email from being tagged without having to bypass
> >the Heuristics.Phishing.Email.SpoofedDomain rule altogether?
> >
> >X-Amavis-Alert: INFECTED, message contains virus:
> >Heuristics.Phishing.Email.SpoofedDomain
>
> I think this can be enabled by disabling Phi
Hi,
I have a fedora34 system with clamd-0.103.5 and amavisd/SA/postfix. I
have a newsletter from ncua.gov that keeps getting blocked because it
apparently contains links.gd in the body somewhere, although I can't
find it.
How do I exclude this email from being tagged without having to bypass
the
Hi,
> for examples of utilities which might be useful. You're just going to
> create regular expressions of a kind, where (unlike the familiar kind)
> literal characters are given in hexadecimal instead of as themselves.
>
> The regex way: (A|B)C{1,3}\x01
> Signature way: (41|42)43{1-3}01
>
> The
Hi,
> > I'm using clamav with spamassassin and amavis on fedora33 and would
> > like to block content based on CL_TYPE_SCRIPT, such as javascript
> > within a PDF.
> >
> > https://www.clamav.net/documents/clamav-file-types
> >
> > How does this work?
>
...
> Having decided what you're scanning is
Hi,
I'm using clamav with spamassassin and amavis on fedora33 and would
like to block content based on CL_TYPE_SCRIPT, such as javascript
within a PDF.
https://www.clamav.net/documents/clamav-file-types
How does this work?
___
clamav-users mailing li
Hi,
I'm using clamav-0.103.0 on fedora33 and am interested in the DLP
options. Last I checked, support for it had been discontinued, but as
of 0.102, it appears to have been supported again, at least to block
credit cards and SSNs?
Are there other options available?
Is there more information avai
> > I'm attempting to use the clamsbsync and clamsbywrite Google
> > safebrowsing utils and having some issues.
> > ...
>
> I haven't seen much discussion on this list about safebrowsing, but
> you have changed that recently (and almost single-handedly: of the
> four threads which mention safebrows
Hi,
I'm attempting to use the clamsbsync and clamsbywrite Google
safebrowsing utils and having some issues.
I'm running the following on the database server directly:
python3 ./clamsbsync.py -v --config etc/safebrowsing.conf sync
This sometimes results in the following output:
UpdateClient: WARNI
Hi,
> > (MySQLdb._exceptions.OperationalError) (2006, 'MySQL server has gone away')
> > ...
>
> I don't use safebrowsing and it's a long time since I've used MySQL
> for anything serious, but last time I did this issue was one of the
> most common causes of questions. I don't know, however, if in
Hi,
I'm trying to set up safebrowsing on fedora32 and having a few
problems. I've set up the Google API key and believe I had it running
successfully for some time about three weeks ago, but now I'm unable
to keep it running.
Updates using the "build" option fail with a "duplicate entry" error:
s
Hi,
I've just registered for and received a Google safebrowing API key and
configured clamav-safebrowsing
(https://github.com/Cisco-Talos/clamav-safebrowsing) on a fedora32
server system.
btw, I found out the hard way that having a percent sign in the
password causes the clamav-safebrowsing script
20 matches
Mail list logo
