Actually it appears that only "part" of AVG detects it.
Virustotal indicates that AVG cleared the file as being "clean" however
the second site (garyshood.com) seemed to use AVG "command line"
Given the reputation of some of the scanners referenced by Virustotal,
not to mention the sheer numb
I decoded the hex string and it actually matches "Dear PayPal Member\n"
(PayPal instead of Paypal)
Yea, I caught that, it doesn't make any difference
___
http://lurker.clamav.net/list/clamav-users.html
Tomasz Kojm wrote:
Your signature will only match "Dear Paypal Members\n" (0a == new
line) and
not "Dear Paypal Members".
Thanks for the reply.
I knew that when I set it up. I figured if I can't get a simple word
match to work, trying to get complex with it wouldn't be much use.
But alas,
I'm trying to add a couple of custom phishing signatures using .ndb
files within clamav's database directory
For testing purposes I've used a simple phrase "Dear Paypal Members" and
created a hex key for it
Email.Phishing.Paypal.Test.0227001:0:*:446561722050617950616c204d656d6265720a
I've als
I've been seeing this on a lot of servers as well but the time/date on
the servers are correct. Many of them are even timing out trying to grab
the dns record occasionally. Anyone else seeing this?
Here too, and server time is correct though the log entries seem to
point to DNS issues.
Im
Derek Lamparty wrote:
I didn't know that was possible. Huh? Doesn't that really make RBLs
pointless?
No, it makes reporting based only on headers pointless.
___
http://lurker.clamav.net/list/clamav-users.html
Anyone happen to know what happened to http://www.rainingfrogs.co.uk ?
___
http://lurker.clamav.net/list/clamav-users.html
Rob MacGregor wrote:
On 02/12/05, PBR <[EMAIL PROTECTED]> wrote:
Trashscan, procmail.
A little too terse - how does trashscan use clamav (is it using clamd
or clamscan)?
clamscan
If clamd, have you left the defaults on in clamd.conf?
If clamav, what options is it passing?
Odhiambo Washington wrote:
* On 10/09/05 13:47 -0500, Pablo Chamorro C. wrote:
I managed to deploy squid + havp + clamav for antivirus control of web
pages/files, and for my surprise this morning I found:
10/09/2005 13:08:36
http://www.pandasoftware.com/activescan/as5free/motor.cab Virus:
Joanna Roman wrote:
ClamAV team, I wonder how your finance is going ? Are
you guys in the black or red right now ? I think you
are great guys. I just hate to see this great project
gets interrupted because of financial issue. John
If you're concerned, feel free to make a donation ;) and supp
Bart Silverstrim wrote:
It was. It was an insult. I think it is understandable given that to
me it was provoked, and not necessarily aimed personally at you but
instead to all on the list that were giving a virtual flick-off. As
an observer the response he got wasn't really well deserved
List wrote:
Have you restarted the clamd processes?
I had the machine rebooted after I upgraded clamav
Just updated 2 boxes w/ no problem on my end..
?? I'm assuming you remembered to run "make install" ??
___
http://lurker.clamav.net/list/clamav-users.
Bart Silverstrim wrote:
I was just wondering if anyone else had resources to try running the
scan via a bootable Linux CD (like the INSERT CD) and scan a Windows
system to see if they were getting oddball false hits.
I've got Knoppix lying around.
Either tonight or tomorrow morning I'll load it,
Bart Silverstrim wrote:
I had a number of hits showing up within the Windows/system directory.
Heh, didn't Norton detect windows as a virus at one time?
A subsequent scan with a standalone utility from an AV vendor showed
no sign of the viruses in that directory.
This doesn't necessarily mean an
Bart Silverstrim wrote:
Please no...please please no
___
http://lurker.clamav.net/list/clamav-users.html
LMAO!
That was exactly what I was thinking when I opened the question ;)
___
http://lurker.clamav.net/
[EMAIL PROTECTED] wrote:
um, reread what you just wrote. 'any item regardless of it's delivery
method that has the potential to do harm financially or otherwise'.
let's see, little old ladies emailing their bank account information
to MRS. MIRIAM SESE SEKO, LATE OF THE CHIEF PETROLEUM RESERVES
Julian Mehnle wrote:
I can't believe you still didn't get the point.
This is NOT about removing ClamAV's capacity for detecting phishing
attacks, little yellow rubber ducks in PNG images, or whatever else. This
is about making it _optional_, for those people who don't want certain
types of malware
Bart Silverstrim wrote:
Personally, my gripe is that the product is called ClamAV. If it's
expanding it's mission to protect people from everything called
"malware", I'd change the name to something that indicates it's a
malware detector and not a virus detector. Phishing scams are *not*
viru
hai
Does any one know how to filter mails using clamAV milter using with
sendmail
I don't want to use spamassassin it will only mark as junk I don't want to
send
it to users i want to move it to a perticular mail box
thanks
This is rather simple with spamassassin err I should say spamassassin
On Tue, 22 Feb 2005 09:38:20 -0600 (CST)
"Ken Jones" <[EMAIL PROTECTED]> wrote:
When I go to the address http://www.clamav.net/ the latest version is
still .82.
0.83 is listed under stable downloads, as it should be.
I may be wrong here, but I believe 0.83 was more or less just a bug fix,
Tomasz Papszun wrote:
http://www.clamav.net/faq.html#pagestart
Surprise, surprise ;-) .
LOL
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[EMAIL PROTECTED] wrote:
easier:
change the text from:
WARNING: Your ClamAV installation is OUTDATED - please update
immediately!
WARNING: Local version: 0.81 Recommended version: 0.82
to
WARNING: A new version of the ClamAV program is available! Your
version: 0.82
WARNING: New version available
Frank Elsner wrote:
On Tue, 15 Feb 2005 08:54:09 -0500 akshat wrote:
Why not possible, earlier it was updated
automatically. An entry is made in
crontab.
Don't mix up a) update of database
b) update of the software (binaries)
This appears to be a common misconception
You know, this gets old real quick!
Back when this debate first started (around November or so) I never
thought it would stop.
In November I decided to do 2 things 1 log what virus's were being
caught, where they were going, and what virus was detected.
Out of 446 detected viruses, 167 were phish
Is this a joke? "licensed under the GPL" & "not free for commercial
use".
As far as I can tell there is nothing wrong with this. In fact I've seen
this quite alot.
The GPL does not prevent anyone from making money.
___
http://lists.clamav.net/cgi-bi
Joe Maimon wrote:
I'm certainly *very* happy that ClamAV team have added more phishing
detections (thanks Trog et all).
Yes, you're correct it's social engineering but it doesn't stop
users clicking on the links
and downloading the keylogging trojan, from the remote site that the
phish email
Jo Mills wrote:
On Wed, Sep 01, 2004 at 02:20:37PM +0200, Maurizio Marini wrote:
as subscriber to Modssl-users, i'm receiving by yestarday many copies of an
email with subject: foto
coming from engelschall
i think some of them have received it , too
In my opinion the modssl users list has b
27 matches
Mail list logo
