releases the whole set to the cluster, but
I can't do it until I get that binaries.
--
Regards,
Julio Canto | VirusTotal.com | Hispasec Sistemas Lab | Tlf: +34.902.161.025
| Fax: +34.952.028.694 | PGP Key ID: EF618D2B | jca...@hispasec.com
__
Sarocet escribió:
> Julio Canto wrote:
>> Paul Whelan escribió:
>>
>>> must be the clamwin version then <http://www.clamwin.com/> which is a
>>> strange 'official
>>> channel'.
>>>
>> Hi again,
>> You&
Paul Whelan escribió:
> On 17 Mar 2009 at 13:28, Julio Canto wrote:
>
>> Steve Basford escribió:
>>>> Any particular reason why they are using 0.94.1 (and it appears with
>>>> the most non aggressive settings)? You are not showing off your best
>>&g
emember.
>
> Having said that... 0.94.2 is available for windows:
Hi there,
We use the versions that we're provided with via official channels.
--
Regards,
Julio Canto | VirusTotal.com | Hispasec Sistemas Lab | Tlf: +34.902.161.025
| Fax: +34.952.028.694 | P
at you'd like us to put on that channel.
Cool :)
--
Regards,
Julio Canto | VirusTotal.com | Hispasec Sistemas Lab | Tlf: +34.902.161.025
| Fax: +34.952.028.694 | PGP Key ID: EF618D2B | [EMAIL PROTECTED]
___
Help us build a comprehensive ClamAV guid
ermediate point is
filtering your messages.
--
Regards,
Julio Canto | VirusTotal.com | Hispasec Sistemas Lab | Tlf: +34.902.161.025
| Fax: +34.952.028.694 | PGP Key ID: EF618D2B | [EMAIL PROTECTED]
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
us email was 116KB (it
> contained Worm.Bagle.pwd-eml).
It is an interesting matter anyway :) I'll see if I can get some
statistics about it.
--
Regards,
Julio Canto | VirusTotal.com | Hispasec Sistemas Lab | Tlf: +34.902.161.025 |
Fax: +34.952.028.694 | PGP Key I
Per Jessen wrote:
> Virus-scanning anything bigger than 1-2Mb makes little sense. ANything
> as big as 20Mb, I would just skip without further consideration.
>
Nowadays it is not unusual to find malware samples exceeding that 2MB
size limit.
--
Regards,
Julio Canto | Virus
Julio Canto wrote:
mr.dan.watson wrote:
Hello
There seems to be a problem with virustotal.com clamav scan engine.
The engine we're using now is very old. The versions that
theoretically could fix that problem doesn't fit well in the
VirusTotal framework (for instance, it need
f we don't find something
suitable in the next weeks, we'll disable that engine of the service.
--
Regards,
Julio Canto | VirusTotal.com | Hispasec Sistemas Lab | Tlf: +34.902.161.025 | Fax: +34.952.028.694 | PGP Key ID: EF618D2B | [EMAIL PROTECTED]
___
t is, not needing to be installed in a fixed location and so on).
The version we're using now is extremelly old, and I guess that if the
matter continues this way, we'll stop using that engine.
--
Regards,
Julio Canto | VirusTotal.com | Hispasec Sistemas Lab | Tlf: +34.902.161.025 |
F
oday.
What is being done to get signatures out more quickly, if anything? Or
can anything be done?
I'm monitoring 19 antivirus solutions in the company I work for, and I
can tell you Clam is usually one of the fastest on new malware detection.
--
Regards,
Julio Canto
Hispasec
Hello,
I'm seeing from yesterday that the windows version (devel-20041205) of
the clam scanner doesn't like very much the last daily.cvd file. I don't
read any report, I just see it not responding :? Any clue about this?
--
Regards,
Julio Canto
Hispasec Sistemas
http://www.his
Sorry to ask this again, but, what's the email adress to send samples to
the Clam team?
I've tried to contact a couple of members some weeks ago for sending
them new ones, but I was unsuccessful.
--
Regards,
Julio Canto
Hispasec Sistemas
http://www.hispasec.com
(+34) 902 161 0
am -v) but ClamAV still
doesn't detect it :-S
Thank you very much for your help :-)
Regards,
Alvaro Uría.
From VirusTotal (the file you said):
ClamWin devel-20041018/20041124 found [Worm.Sober.I]
--
Regards,
Julio Canto
Hispasec Sistemas
http://www.hispasec.com
(+34) 902 161 025
Parque
d to send a sample by email, wich address should I sent it to?
Greetings.
--
Regards,
Julio Canto
Hispasec Sistemas
http://www.hispasec.com
(+34) 902 161 025
Parque Tecnologico de Andalucia
Avda Juan Lopez Peñalver, 21
Málaga, España
___
http://lis
sam wun wrote:
Hi, how do you make ClamAV update virus database as soon as possible
when the signature becomes ready?
Sam.
Polling frequently the online versions. This subject were allready
discussed in the list some months ago.
--
Regards,
Julio Canto
Hispasec Sistemas
http
multiengine file scanner) we've seen that ClamAV
is usually in the top 3 of updating their databases for virus outbreaks,
usually with hours of difference against other commercial products.
--
Regards,
Julio Canto
Hispasec Sistemas
http://www.hispasec.com
(+34) 902 161 025
Parque Tecnologi
seen that problem of not detecting different 'mutations' of the MS04-028
vulnerability with other AV products, not only with the version of Clam
we're using on VirusTotal (in my humble opinion I think it is basically
a matter of how signature files are made).
--
Regards,
J
that is why we
used ClamWin.
--
Regards,
Julio Canto
Hispasec Sistemas
http://www.hispasec.com
(+34) 902 161 025
Parque Tecnologico de Andalucia
Avda Juan Lopez Peñalver, 21
Málaga, España
___
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
[EMAIL PROTECTED] wrote:
Hi.
Does anyone know a good description of the behavior of Worm.Somefool.Gen-3 ?
How do others AV call this worm?
thanks
--eduardoh
You can take a look on AVGrep, or if you have a sample, you can send it
to www.virustotal.com for seeing different names on scan.
Re
Lucca already annouced dropped support for old-style viruses.db* (used
by clamav <= 0.60).
Newer versions (with *.cvd) don't need the /database directory,
since *.cvd is located on root dir.
As such, the /database was removed from all mirrors.
Regards,
Fajar
Forget my last question :)
Thanks!
J
Hi there,
Formerly, one could consult one of the mirrors with an URL like this,
and you could see the signature files:
http://clamav.crysys.hu/database/
Now it gives a 'not found' message... what's up with it, did it changed
the policy?
Greetings,
JC
al
AVs if it would be neccesary to pay for that kind of checks?
Greetings,
Julio Canto
---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only $33
Save 50% off Ret
viruses (in the field of the ones who doesn't have heuristic
features).
Of course I'm open to any suggestion of how to keep that signatures
fully updated using as less resources as neccesary, and trying to
understand this AV as good as I can is the reason why I joined and
follow
mirror.
Yes, I got it now... I didn't really thought the Clam park of users were
so big. Thank you for the explanation (looks like sometines it is
difficult to find a normal one without being called stupid or something).
Greetings,
Julio
er the world? Excuse me if
you don't mean that, English is not my native tongue.
Greetings,
Julio Canto
---
SF.Net email is sponsored by Shop4tech.com-Lowest price on Blank Media
100pk Sonic DVD-R 4x for only $29 -100pk Sonic DVD+R for only
ing to 'touch' the files themselves.
Probably it ain't the most elegant way to do so, but I bet it is has a
quite low comsumption rate of resources of Clam av servers online :)
Greetings,
Julio Canto
Hispasec Sistemas
---
SF.Ne
indow', every 10 minutes is
a good time. It takes a little resources to check for new signatures
(basically a GET to an HTTP site should not make croack one of the
mirrors)... Anyway, I'm not using freshclam but a python script.
Greetings,
Julio Canto
Hi
There's exception to that rule like datum - data, man - men, mouse -
mice. Greetings,
JC
Why you tend to complicate things? Isn't it just 'viruses'?
Regards,
Andrzej Kukula
I'm not trying to complicate anything. I just say that there's
exceptions in the English rule you said. I've see
> Neither Miriam-Webster nor Cambridge list plural form of 'virus'. But
> there's simple rule to make plurals in English: append 's' to a noun,
and if
> the noun ends in 's', then append 'es'. Or I'm missing something.
There's exception to that rule like datum - data, man - men, mouse - mice.
Gre
Hi there,
I'm using ClamWin devel-20040517 and I would like to know if there's a
way to keep that executable updated in an appropiate manner (an URL to
download more recent versions, etc).
Thank you in advance,
JC
---
This SF.Net email spons
Michael D. Crawford wrote:
Recall that I was asking the list recently how to deal
with getting 400 MB a day of the zafi.b virus in my
mailbox. I can filter out my mailbox with a procmail
script, followed by using clamscan and procmail, but
my hosting service isn't yet able to do it for me.
It turn
33 matches
Mail list logo