Hi Thanks.
I am using Fedora (red hat) Linux. What should I do
then ?
--- Anton Yuzhaninov <[EMAIL PROTECTED]> wrote:
> Hello, Joanna!
> You wrote on Fri, 26 May 2006 12:39:39 -0700 (PDT):
>
> JR> However, if I first su to clamav and then
> start clamd and then do
> JR> "kill -11 ", a cored
If I started clamd as root and then did "kill -11 ", I did not
see any coredump file is generated.
However, if I first su to clamav and then start clamd and then do "kill -11
", a coredump file is generated.
Can anyone explain to me the reason ???
-
Do ClamAV VDBs have spyware signatures ??
-
Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low rates.
___
http://lurker.clamav.net/list/clamav-users.html
--- "Christopher X. Candreva" <[EMAIL PROTECTED]>
wrote:
> On Sat, 18 Mar 2006, des wrote:
>
> > "Your disk is slow" or "don't scan large files" is
> a common response.
>
> Well, I'm using ramdisk for temp so I don't think
> that's it.
>
> > If you can provide a sample file to Trog to help
>
Has clamav.net been shutdown ???
__
Yahoo! for Good - Make a difference this year.
http://brand.yahoo.com/cybergivingweek2005/
___
http://lurker.clamav.net/list/clamav-users.html
No one has answered this Q so far. Just I am posting
it again.
I am using an improved version of SCAVR (Squid ClamAV
Redirector) that will scan each and every url.
However, I dont see any spywares getting caught. I did
check that the SCAVR is working properly by attempting
to download a virus webm
I am using an improved version of SCAVR (Squid ClamAV
Redirector) that will scan each and every url.
However, I dont see any spywares getting caught. I did
check that the SCAVR is working properly by attempting
to download a virus webmail and the webmail was
blocked. So my question is how good is C
--- [EMAIL PROTECTED] wrote:
> Joanna Roman wrote:
> > What is the time zone of the timestamps in
> main.cvd
> > and daily.cvd ?
>
> I believe timestamps are stored internally in
> seconds-since-the-epoch. So whatever your ls -l
> command says in your time z
What is the time zone of the timestamps in main.cvd
and daily.cvd ?
__
Start your day with Yahoo! - Make it your home page!
http://www.yahoo.com/r/hs
___
http://lurker.clamav.net/list/clamav-users.html
Hi, How does clamd know whether someone is using the
signature tree when it reloads (after it frees) the
signature tree ? How is this race-condition handled in
the code. I don't see that this condition is ever
checked in the code.
Let's say the clamd is configured with self-checking.
Thanks,
Joh
--- "Christopher X. Candreva" <[EMAIL PROTECTED]>
wrote:
> On Mon, 12 Sep 2005, Stephen J. Smoogen wrote:
>
> > I am currently looking at doing the same thing. I
> have a set of boxes
> > that I am planning to 'infect' with spyware and
> then start making
> > signatures for them. It is a rather
--- Tomasz Papszun <[EMAIL PROTECTED]>
wrote:
> On Mon, 12 Sep 2005 at 11:04:11 -0400, Wilbur Sims
> wrote:
> > Recently been collecting a lot of various malware
> through the use of a
> > couple of new honeypots.
>
> Good idea.
>
Hi Wilbur Sims, Can you share with us how you collect
those
--- Thomas Hruska <[EMAIL PROTECTED]> wrote:
> Dennis Peterson wrote:
> > Meanwhile, why don't you create signatures for
> known spyware and place
> > them in your configuration? ClamAV allows this,
> you know. If you get good
> > at it you can share them.
> >
> > dp
>
> Actually I didn't know
Clamav.net down again ?
Start your day with Yahoo! - make it your home page
http://www.yahoo.com/r/hs
___
http://lurker.clamav.net/list/clamav-users.html
The latest clamav database is of ver 1011. I thought this one almost got
updated daily.
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
___
http://
ClamAV team, I wonder how your finance is going ? Are
you guys in the black or red right now ? I think you
are great guys. I just hate to see this great project
gets interrupted because of financial issue. John
__
Do You Yahoo!?
Tired of spam? Yahoo
--- Matt Fretwell <[EMAIL PROTECTED]> wrote:
> Joanna Roman wrote:
>
> > IS anyone using clamav to scan adware ? If so,
> have you been successful
> > ? Does your clamav scanner listen on port 80 only
> ? Or it also listens
> > on port 21 ?
>
>
IS anyone using clamav to scan adware ? If so, have you been successful ? Does
your clamav scanner listen on port 80 only ? Or it also listens on port 21 ?
-
Yahoo! Sports
Rekindle the Rivalries. Sign up for Fantasy Football
_
Can you tell me under what circustances those files
were detected ? Is it via mail scanner scanning or web
scanning ? And what .cab file is it ?
--- "Securiteinfo.com" <[EMAIL PROTECTED]>
wrote:
> Le vendredi 17 Juin 2005 18:40, Joanna Roman a
> écrit :
> > I have
Can you send me the files that you submitted because
my clamav filter has failed to catch any
spyware/adware so far. I found that clamav is very
good at stoping mail born viruses but not sure about
its capability of stopping spywares.
Can clamav scan dll type files ? I dont see the clamav
website mention that clamav can scan dll type files.
http://www.clamav.net/abstract.html#pagestart
Yahoo! Sports
Rekindle the Rivalries. Sign up for Fantasy Football
Does clamav consider adware and spyware the same thing ?
Yahoo! Sports
Rekindle the Rivalries. Sign up for Fantasy Football
http://football.fantasysports.yahoo.com
___
http://lurke
I have several questions:
1. Have anybody succesfully filtered spywares/adwares
using clamav ?
Adware.BBuddy-1 (Clam)
main.cvd Adware.BBuddy-3 (Clam)
main.cvd Adware.BBuddy-4 (Clam)
main.cvd Adware.BBuddy-2
When someone submit a virus sample (in the format of email, exe file, *.hml
file), what criteria does ClamAV team use to classify the virus sample as Worm
or Trojan ?
-
Discover Yahoo!
Use Yahoo! to plan a weekend, have fun online & more. Check i
--- Odhiambo Washington <[EMAIL PROTECTED]> wrote:
> * Joanna Roman <[EMAIL PROTECTED]> [20050609
> 09:34]: wrote:
> >
> > Can the current ClamAV scan .eml and .nws file
> types ?
> >
> > http://www.malware.com/index2.html
>
> 5 years down
Can the current ClamAV scan .eml and .nws file types ?
http://www.malware.com/index2.html
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
___
http
--- Michel Arboi <[EMAIL PROTECTED]> wrote:
> http://passoire.hd.free.fr/malware/
>
> All those malwares are not detected by ClamAV.
> They were automatically fetched by TFTP from
> infected machines when
> they tried to attack my IP.
Hi Michel, How do those machines got infected in the
firs
--- "Securiteinfo.com" <[EMAIL PROTECTED]>
wrote:
> Le dimanche 5 Juin 2005 22:15, Joanna Roman a
> écrit :
> > --- Niek <[EMAIL PROTECTED]> wrote:
> > > On 6/5/2005 5:22 AM +0200, Joanna Roman wrote:
> > > > I am just wondering how feasi
--- Damian Menscher <[EMAIL PROTECTED]> wrote:
> On Sun, 5 Jun 2005, Joanna Roman wrote:
> > --- Niek <[EMAIL PROTECTED]> wrote:
> >> On 6/5/2005 5:22 AM +0200, Joanna Roman wrote:
> >>> I am just wondering how feasible it is to do AV
> hw acceler
--- Niek <[EMAIL PROTECTED]> wrote:
> On 6/5/2005 5:22 AM +0200, Joanna Roman wrote:
> > I am just wondering how feasible it is to do AV hw
> > acceleration in general. Besides using faster CPU
> and
> > faster memory, ASIC can't really help. Can anybody
&
I am just wondering how feasible it is to do AV hw
acceleration in general. Besides using faster CPU and
faster memory, ASIC can't really help. Can anybody
shed some light ? I just want to have some
intellectual discussion.
__
Do You Yahoo!?
Tired o
In terms of percentage and absolute size, how fast are
both databases growing monthly ? Anybody have any idea ?
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--- Brian Morrison <[EMAIL PROTECTED]> wrote:
> On Wed, 1 Jun 2005 09:16:06 -0700 (PDT) in
> [EMAIL PROTECTED]
> Joanna Roman
> <[EMAIL PROTECTED]> wrote:
>
> > I am using 0.83. If I do not upgrade, will clamd
> > eventually refuse to reload main.cvd
I am using 0.83. If I do not upgrade, will clamd
eventually refuse to reload main.cvd and daily.cvd ? I
already noticed that the new sigtool refuses to list
sigs if I used it on older versions of virus databases.
__
Do You Yahoo!?
Tired of spam? Yah
If I ran clamav on multi processor box, will the
scanning thread be distributed among multiple
processors ? Or this is pthread specific ? Have anyone
try this yet ?
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
ht
How are virues like IRC.LXD.A, IRC.Gadez.A encountered
? When a user submit a virus, how do clamav team know
that they are of IRC types ??? Just curious .
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.
Link:
http://clamav-du.securesites.net/cgi-bin/clamgrok?virus=Trojan.Lowzone-37&search-type=contains&case-sensitivity=No&database=daily&database=main&display=database&display=virus&.submit=&.cgifields=database&.cgifields=case-sensitivity&.cgifields=search-type&.cgifields=display
Try searching Troj
Hi I am adding some kind of web scanning code into a
http proxy. Somewhere in the code where the proxy is
ready to send the HTTP GET request to the server, I
added some code to first download the URL and scan it
before letting the proxy to send the GET request out.
I was using something like system
--- Christoph Cordes <[EMAIL PROTECTED]> wrote:
> Joanna Roman wrote:
> > Can anybody tell me how downloader viruses are
> > encountered ? Is it via http browsing and adware
> ??
> >
>
> Not only - sometimes they are spammed through mail
> or distributed
--- Tomasz Kojm <[EMAIL PROTECTED]> wrote:
> On Wed, 27 Apr 2005 18:11:17 -0700 (PDT)
> Joanna Roman <[EMAIL PROTECTED]> wrote:
>
> > Can anybody tell me how downloader viruses are
> > encountered ? Is it via http browsing and adware
> ??
>
> via
Can anybody tell me how downloader viruses are
encountered ? Is it via http browsing and adware ??
Trojan.Downloader.Agent-117
Trojan.Downloader.Agent-118
Trojan.Downloader.Agent-119
Trojan.Downloader.Agent-120
__
Do You Yahoo!?
Tired of spam? Yaho
Hi, I am thinking of building/looking for some kind of
utility that can let me remotely control clamav tools.
(The utility is not restricted to control only clamav
but can be used to control other tools remotely in a
similar manner.) Basically the utility will be running
on the same machine as the
If freshdb overwrite the virus databases when clamd
was in the middle of reloading them, clamd might end
up having loaded corrupted databases. Does everyone
agree that such a window exists ?
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the bes
What is the total memory consumption of mail.cvd and
daily.cvd after they are loaded into the memory ?
__
Do you Yahoo!?
Plan great trips with Yahoo! Travel: Now over 17,000 guides!
http://travel.yahoo.com/p-travelguide
__
Hi, There is a http scanner for clamav called SCAVR,
which uses python's urllib. Do anyone know whether
there is a urllib equivalent for C ?
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
__
Can phishing be considered one kind of spam ?
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
___
http://lurker.clamav.net/list/clamav-users.html
Hi Does anybody know of any nice http redirector/proxy
other than SCAVR (SquidClamAV Redirector). SCAVR has
to work with squid, which is too clumsy too me. I only
need the redirector functionality that can work with
clamav scanner. Thanks.
__
Do
ClamAV Team:
Have you already thought about adding heuristic based
scanning ability to the existing code ? John
__
Do you Yahoo!?
Yahoo! Personals - Better first dates. More second dates.
http://personals.yahoo.com
_
--- Tomasz Kojm <[EMAIL PROTECTED]> wrote:
> On Wed, 6 Apr 2005 05:14:36 -0700 (PDT)
> Joanna Roman <[EMAIL PROTECTED]> wrote:
>
> > My question is can you just run sigtool over the
> whole
> > file and use the md5 result as the virus signature
> ?
>
--- Thomas Lamy <[EMAIL PROTECTED]> wrote:
> Guillaume Arcas wrote:
> > Damian Menscher a écrit :
> >
> >
> >>http://www.clamav.net/doc/0.75/signatures.pdf
> >>
> >>They removed the functionality in 0.80 and above,
> but that's because
> >>it's simplest for users to create md5 signatures
> of un
--- Trog <[EMAIL PROTECTED]> wrote:
> On Tue, 2005-04-05 at 21:02 -0700, Joanna Roman
> wrote:
>
> > If I gave you a .exe file that has virus, how do
> you
> > extract the virus signature from the .exe file ? I
> > dont think I know how to do it ?
>
>
Hi What would happen if the clamd is notified by
freshdb to reload the db when the clamd is in the
middle of scanning something. I have not read that
part of the code yet. But if you know the answer on
top of your head, pls inform me.
__
Do you
--- "Robert G. Werner" <[EMAIL PROTECTED]> wrote:
> Joanna Roman wrote:
> > At least we still don't know how virus signatures
> and
> > patterns are created ? Will that ever be disclosed
> ?
> >
> >
> >
> > ___
At least we still don't know how virus signatures and
patterns are created ? Will that ever be disclosed ?
__
Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.
http://promotions.yahoo.com/new_mail
_
What if it got bought up by some company one day ?
__
Do you Yahoo!?
Yahoo! Mail - Find what you need with new enhanced search.
http://info.mail.yahoo.com/mail_250
___
http://lurker.clamav.net/list/cla
--- Tomasz Papszun <[EMAIL PROTECTED]>
wrote:
> On Fri, 01 Apr 2005 at 9:32:36 -0800, Joanna Roman
> wrote:
> > > > > Le vendredi 1 Avril 2005 00:50, Joanna Roman
> a crit :
> > > > > > I noticed that a lot of virus sigs are not
> availabl
--- Maurice Lucas <[EMAIL PROTECTED]> wrote:
> On Thu, 2005-03-31 at 19:22 -0800, Joanna Roman
> wrote:
> > --- "Securiteinfo.com"
> <[EMAIL PROTECTED]>
> > wrote:
> > > Hello,
> > >
> > > Le vendredi 1 Avril 2005 00:50, Joan
I cannot seem to be able to lookup a lot of signatures
from this link
http://clamav-du.securesites.net/cgi-bin/clamgrok
HTML.Phishing.Bank-157
HTML.Phishing.Bank-159
l
are two to start with ... !
--- Trog <[EMAIL PROTECTED]> wrote:
> ClamAV databases updated (2005.04.01 10:49 +):
> daily.cvd
--- "Securiteinfo.com" <[EMAIL PROTECTED]>
wrote:
> Hello,
>
> Le vendredi 1 Avril 2005 00:50, Joanna Roman a
> écrit :
> > I noticed that a lot of virus sigs are not
> available
> > in the virus database. For example, I tried to
> search
I noticed that a lot of virus sigs are not available
in the virus database. For example, I tried to search
in the virus database
(http://clamav-du.securesites.net/cgi-bin/clamgrok)
for HTML.Phishing.Bank-156, which is in the latest
updates
(http://lurker.clamav.net/message/20050331.095845.0b407689.
Hi, Let me know what you think.
I downloaded clamav (0.92) and installed it. When I
clamscan clamav-0.82.tar.gz, clamscan says the archive
is OK. However, when I clamscan clamav-0.82/test,
clamscan says "ClamAV-Test-File" found. So why cant
clamscan detect "ClamAV-Test-File" "virus" in
clamav-0.8
What are MaxConnectionQueueLength and MaxThreads for ?
I think that you can only run one clamd instance on
one machine. Anymore more instaces will automatically
exist due to not being able to bind to the same socket
(either /tmp/clamd or TCP socket 3310.
On my machine, I set both to be 2.
Then I
--- Jerome Limozin <[EMAIL PROTECTED]> wrote:
> Sorry, excuse the total newby I am if this is a well
> know issue, but I
> browsed the mailing-list archives and FAQ and
> couldn't find an answer.
>
> Just installed clamav 0.82. ran freshclam OK, ran
> tests against test
> files - it worked fin
Do I have to restart clamd everytime I runs frecshlam
to have the clamd load up the updated db ?
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
___
--- Joanna Roman <[EMAIL PROTECTED]> wrote:
>
> I first clamscaned the downloaded clamav-0.82.tar.gz
> but it does not detect any virus. Then I gunzipped
> it,
> untarred it, tarred and gzipped it, and then
> clamscaned it again. This time, it detect
> ClamAV-Test-
Jerome, I ran into a similar problem before. If you
attached the encoded file with the right extension,
clamscan would understand it. Otherwise, clamscan just
thinks it is a text file!
--- Jerome Limozin <[EMAIL PROTECTED]> wrote:
> Sorry, excuse the total newby I am if this is a well
> know is
I first clamscaned the downloaded clamav-0.82.tar.gz
but it does not detect any virus. Then I gunzipped it,
untarred it, tarred and gzipped it, and then
clamscaned it again. This time, it detect
ClamAV-Test-File. If you take a look at the "Data
scanned:", you will see the first time is 23.77MB and
If so you, have you encountered the following errors
?/
Feb 11 14:50:37 localhost SquidClamAV: Unable to get
Size from Url
http://home.netscape.com/bookmark/7_2/home.html:
[Errno socket error] timed out
Feb 11 14:50:37 localhost SquidClamAV: Ignored Request
http://home.netscape.com/bookmark/7_2/ho
What is the average virus signature length these days ?
__
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
http://promotions.yahoo.com/new_mail
___
http://lists.clamav.net/cgi-
I dont get it. If it can scan test.tar.gz, then why it
cant scan clamav-0.82.tar.gz, which contains test
directory, which contains clam.exe.bz2 ? Since both
are gz archives!? So what is the problem ?
--- Tomasz Kojm <[EMAIL PROTECTED]> wrote:
> On Wed, 9 Feb 2005 18:03:30 -0800 (PST)
If you tgz test dir to be test.tar.gz, the clamscan can detect it.
But clamscan cannot detect it in clamav-0.82.tar.gz
I just want to know the reason (e.g. max number of files reached ? max archive level reached ?). Anybody knows the answer ??? René Berber <[EMAIL PROTECTED]> wrote:
Joanna
I downloaded clamav (0.92) and installed it. When I
clamscan clamav-0.82.tar.gz, clamscan says the archive
is OK. However, when I clamscan clamav-0.82/test,
clamscan says "ClamAV-Test-File" found. So why cant
clamscan detect "ClamAV-Test-File" "virus" in
clamav-0.82.tar.gz in the first place ??
A
72 matches
Mail list logo
