I've been experiencing the same thing throughout the day (from aws
us-east-1), seems to be intermittent, at least for me. My HIDS has been
going crazy :) Looks OK right now, only a couple failures
$> host db.us.clamav.net | awk '/address/ { print $NF }' | xargs -L1 ping
-c 1
PING 155.98.64.87 (1
Just a user or not Al, thanks for the quick update!! Also thank you to the
folks that looked into this. I just rescanned everything i posted after
running freshclam and it checks out.
Thanks for the efforts!
On Wed, Nov 30, 2016 at 5:44 PM, Al Varnell wrote:
> And the signature appears to have
Thanks Joel and Al, hopefully my hashes, files and virustotal urls are
helpful.
Jeff
On Wed, Nov 30, 2016 at 10:21 AM, Joel Esler (jesler)
wrote:
> Gene,
>
> Al was simply asking, as he knows we may ask, and it helps us identify the
> file faster. Otherwise we have to search through and look f
I did, multiple. I submitted them again, plus new ones i have found since
i first submitted
sha256 - short file name - virus total url
52457b84faac951b961273cba7fe5f462e9edef14aee394f49981770eb75337e
DCBPOS.pdf
https://www.virustotal.com/en/file/52457b84faac951b961273cba7fe5f462e9edef14aee394f49
ut knowing, have have a site user
download an infected file.
Thanks, happy to do anything i can.
Jeff
On Wed, Nov 23, 2016 at 12:11 PM, Jeff Dyke wrote:
> I also submitted an FP a few days ago. I'm not as much of a fan of
> whitelisting what could be a fairly serious exploit that i&#
I also submitted an FP a few days ago. I'm not as much of a fan of
whitelisting what could be a fairly serious exploit that i'd be allowing
people to download if it were valid. Hopefully it will be fixed up soon.
The documents i found it in are public, so if there is way to expedite the
process,
Thanks again i have done that now
On Mon, Nov 21, 2016 at 8:05 PM, Jeff Dyke wrote:
> I'm not sure that it is. But i can submit it, b/c i'm not sure that it is.
>
> Thanks
> Jeff
>
> On Mon, Nov 21, 2016 at 4:25 PM, Al Varnell wrote:
>
>> Suspected F
> On Mon, Nov 21, 2016 at 08:31 AM, Jeff Dyke wrote:
> >
> > CVE_2016_1091-2 was found during a routine scan on my site after a user
> > uploaded it. I tried an online virus scan site
> https://www.virustotal.com/,
> > which i don't know much about only that it was t
CVE_2016_1091-2 was found during a routine scan on my site after a user
uploaded it. I tried an online virus scan site https://www.virustotal.com/,
which i don't know much about only that it was the #1 hit in google for
"online virus scan". After uploading the file to that site, the only
scanner
-clamav-to-listen-on-tcp-3310?newreg=0a11acb857d341e7b3b4a44aed83553e
https://answers.launchpad.net/ubuntu/+source/clamav/+question/357500
On Mon, Aug 29, 2016 at 10:01 AM, Jeff Dyke wrote:
> thats what i assumed/knew just checking. It may be something odd with
> this particular lxc con
.
On Mon, Aug 29, 2016 at 9:51 AM, Reindl Harald
wrote:
>
>
> Am 29.08.2016 um 15:34 schrieb Jeff Dyke:
>
>> our config locations for the .service files are in slightly different
>> areas, so do you mind saying what distro you're running
>>
>
> Fedora b
.08.2016 um 18:30 schrieb G.W. Haywood:
>
>> Hi there,
>>
>> On Sat, 27 Aug 2016, Jeff Dyke wrote:
>>
>> ... if i start clamd with
>>> sudo -u clamav /usr/sbin/clamd --config-file=/etc/clamav/clamd.conf
>>> it *will* bind to that address and por
oss
servers via HAProxy, which works great when they are properly started.
I'll try your suggestions and report back, i've been gone all weekend, so
sorry for the delay and thanks for you response.
On Sat, Aug 27, 2016 at 12:30 PM, G.W. Haywood
wrote:
> Hi there,
>
> On
i have the following in my config
TCPSocket 3310
and if i start clamd with
sudo -u clamav /usr/sbin/clamd --config-file=/etc/clamav/clamd.conf
it *will* bind to that address and port.
The following lines are in the log through a direct start:
Fri Aug 26 17:09:53 2016 -> TCP: Bound to [0.0.0.0]:33
14 matches
Mail list logo
