Re: [clamav-users] Invoke-Webrequest caused security alert (and blocking!)

2025-06-11 Thread Lyle Giese via clamav-users
Look up how to set up a local mirror. Lyle Giese On 6/11/25 10:58, Shulist, Victor (SSC/SPC) via clamav-users wrote: Unclassified | Non classifié Hello ClamAV support ! I was trying to download (using Edge browser) the *.cvd files from your site.  That failed

Re: [clamav-users] 1. What causes cool blocking by clamav 2. Freshclam

2025-01-08 Thread Lyle Giese via clamav-users
those TXT records(via DNS) appears to be failing. Regards, Lyle Giese On 1/7/25 17:22, newcomer01 via clamav-users wrote: funny, my stats looking little different, then yours $ dig txt current.cvd.clamav.net ; <<>> DiG 9.18.28-0ubuntu0.24.04.1-Ubuntu <<>> txt curr

Re: [clamav-users] 1. What causes cool blocking by clamav 2. Freshclam

2025-01-07 Thread Lyle Giese via clamav-users
I could be all wrong on this, but it looks to me like DNS issues. I can ask for the TXT record for current.cvd.clamav.net and get a good response. I suspect you can not query for the current version record for some reason. Lyle Giese $dig txt current.cvd.clamav.net ; <<>>

[clamav-users] false positive from a third party defination

2024-12-12 Thread Lyle Giese via clamav-users
Not sure where I need to report this.  I am having legit email being bounced using ClamAV by this: Heuristics.Phishing.Email.SpoofedDomain(cd2d755959754996812d9dc9405de4be:121605) This email is legit from Hilton Honors. Thanks, Lyle Giese

Re: [clamav-users] clamav-users Digest, Vol 219, Issue 5

2023-02-13 Thread Lyle Giese via clamav-users
. I will admit that compiling from source is not for everyone. Lyle Giese On 2/11/23 07:36, Mike Lieberman wrote: It was suggested that: "If FreshClam is failing and you're not sure why, you may run freshclam -v for "Verbose Mode" to see the HTTP request & response detail

Re: [clamav-users] clamscan exclude-dir on Windows

2023-01-28 Thread Lyle Giese via clamav-users
I would try the 'short' names of these directories. dir /X c:\ And yes the /X is case sensitive.  /X displays the short names. Lyle Giese On 1/28/23 08:58, clamav.mbou...@spamgourmet.com wrote: If it's expecting a regex, perhaps try:   --exclude-dir="/mnt/c/Program Fil

Re: [clamav-users] CDV file?

2022-12-14 Thread Lyle Giese via clamav-users
r has abandoned updates to the firmware in your NAS. Lyle Giese On 12/14/22 20:38, Armando P via clamav-users wrote: I'm sorry, I'm not Knowledgeable enough to know what that means. I just need to know where I can find the latest cvd file, so I can update the anti-virus software. Unfo

Re: [clamav-users] clamav milter + sendmail, sendmail not reporting reject

2022-02-08 Thread Lyle Giese via clamav-users
I just reread my message.  Reject is good behavior. Bouncing is not.  At least in my opinion.  Replace reject below with bounce and you have my correct opinion. Sorry, Lyle On 2/8/22 9:49 AM, Lyle Giese via clamav-users wrote: But the reject may NOT be going to the server/service that sent

Re: [clamav-users] clamav milter + sendmail, sendmail not reporting reject

2022-02-08 Thread Lyle Giese via clamav-users
nothing to do with the bad email sent.  This is quite common with any bad email. Lyle Giese On 2/8/22 3:50 AM, Marc wrote: So please explain, why should I not do this, and why I should care about a server that is delivering a spam message to mine? You might not care about the server that sent a

Re: [clamav-users] IP List for Virus Definition Domain

2021-09-15 Thread Lyle Giese via clamav-users
FYI, I queried from two distinct locations and got the same IP address.  I then did a traceroute from each of those locations and it took different but short routes into CloudFlare's network.  I presume they use anycast routing.(and I could be wrong). Lyle Giese LCR Computer Services

Re: [clamav-users] I have some queries about ClamAV

2015-02-02 Thread Lyle Giese
m uses the status output of ClamAV to make decisions on what to do with the file/email passed to ClamAV. This is the primary use of ClamAV on real world systems. Lyle Giese LCR Computer Services, Inc. On 02/02/15 17:37, Jihyun-Chang wrote: Hi Steven, Thank you for your feedback. I have only c

Re: [clamav-users] Cannot disable BC.Exploit.CVE_2011_3412 FP

2012-02-07 Thread Lyle Giese
On 02/07/12 16:07, Ralf Hildebrandt wrote: * Lyle Giese: The format of local.ign is not very intuitive, IMHO. It's local.ign2 according to the docs. "Creating signatures for ClamAV" http://www.clamav.net/doc/latest/signatures.pdf 3.8 Whitelist databases To whitelist a spe

Re: [clamav-users] Cannot disable BC.Exploit.CVE_2011_3412 FP

2012-02-07 Thread Lyle Giese
update that changes the line number for that definition will also render the local.ign useless. It does work and I have used it, but every time I need it, it takes me more than one try to get it right. Especially since I only use it once every 3 or 4 months at best and it's case sensi

[clamav-users] False Positive - INetMsg.SpamDomain-2w.dl_dropbox_com.UNOFFICIAL

2011-07-07 Thread Lyle Giese
This is a message I hand created with a valid link to a dropbox file. I can post a copy of the original message if desired. Thanks, Lyle Giese LCR Computer Services, Inc. 2011-07-07 19:47:38.00:Info:-373696176: msg: log_reason [4124389] Dropped: 2607:fcb8:4480:2::1 1521 <4e1653aa.

Re: [Clamav-users] can?t compile 0.96.3

2010-09-23 Thread Lyle Giese
is no newer bzip2 then 1.0.5 in my distro > but anyway, configure should be able to tell Vulnerability within < > infiniteness > > > Thanks, > Hajo > ___ I am seeing the same hang here on openSuSE 10.2(x86-64). This system has bzi

Re: [Clamav-users] How can i scan the POST data

2010-02-21 Thread Lyle Giese
You probably won't find their code using ClamAV. More likely is that they will inject code in an HREF or some java to download the malicious content from a different site. My experience is that they won't inject code that will be detected by ClamAV, but will inject a pointer to their code

Re: [Clamav-users] Install upgrade from 94 to 95.2 freschclam clamscan failure

2009-09-13 Thread Lyle Giese
da...@davidwbrown.name wrote: > Hello, I have been running ClamAV (clamd) for some time. I decided to upgrade > to 95.2. The configure, make, make install executed without incident. As a > test I tried to execute freshclam and clamscan from the root command-line > with the following error condit

Re: [Clamav-users] exceptions where?

2009-08-16 Thread Lyle Giese
ing clamAV. Phishing in clamAV will cause more FPs, IMHO, than it's worth. I do have Phishing turned off. But clamAV does find enough stuff that it's worth running behind the Barracuda. Plus if something bad happens to the Barracuda, I still have something to scan for viruses

Re: [Clamav-users] Newbie question.

2009-03-11 Thread Lyle Giese
Matus UHLAR - fantomas wrote: > Hello, > > On 10.03.09 21:35, Erik P. Olsen wrote: > > please set up your mailer to wrap lines below 80 characters per line. 721 to > 76 is usually OK. > > >> I am running fedora 10, thunderbird 2.0.0.9 and firefox 3.0.7 and I would >> like to install clamav to ca

[Clamav-users] FYI SaneSecurity

2008-12-14 Thread Lyle Giese
FYI Just found this: http://www.sanesecurity.com/ They have shutdown temporarily because of a DDoS problem. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml

Re: [Clamav-users] Virus not detected on Linux/MacOSX

2008-09-20 Thread Lyle Giese
Austin Try unsubscribing as per the instructions in the header of this message. Lyle Austin Brown wrote: > PLEASE REMOVE ME FROM THIS LIST > > THANKS > > >> Date: Fri, 19 Sep 2008 17:28:07 -0700 >> From: [EMAIL PROTECTED] >> To: clamav-users@lists.clamav.net >> Subject: Re: [Clamav-users] Viru

Re: [Clamav-users] maliciout javascript in WWW pages

2008-08-28 Thread Lyle Giese
ake any harm, especially on proxy) > > I can provide some examples if you need... > Instead of clamav, I would recommend squidGuard and some blacklist lists there. It's more suited to this task than clamAV. ClamAV probably still won't find the malicious javascript and squidGu

[Clamav-users] clamd seg faulting (ver 0.93)

2008-04-16 Thread Lyle Giese
that freshclam is changing out the clamav database at the same time clamd is trying to reload it and causing clamd to crash? I will monitor this closely and see if there is a correlation between the two events going forward and report back on same. Thanks, Lyle Giese LCR Computer Services, Inc

Re: [Clamav-users] Memory usage for clamd is huge

2008-03-30 Thread Lyle Giese
if you were scanning outgoing email, you can catch this before you are blacklisted. Scanning outgoing email is not just a simple matter of trusting your own users. It's part of a good security plan and acknowledging that something can happen and it makes sense to scan outgoing email to make sure it's trusted just like you do to incoming email. Lyle Giese LCR Computer Services, Inc.

Re: [Clamav-users] Source code for test/clam.exe?

2007-12-24 Thread Lyle Giese
Cort, Tom wrote: > Hello, > > clamav comes with a sample virus (ClamAV-Test-File) for testing > purposes. It's located in the clamav source tarball in the 'test' > directory and named 'clam.exe'. I'd like to distribute it with a free > software program I maintain, but I can't find the corresponding

Re: [Clamav-users] I need to refute a 'security expert'

2007-11-16 Thread Lyle Giese
[EMAIL PROTECTED] wrote: > [EMAIL PROTECTED] wrote on 11/16/2007 02:52:34 PM: > > >> [EMAIL PROTECTED] wrote: >> >>> Hello all. >>> >>> We've had some consultant make the spurious claim that Clam AV >>> >> only scans for 'windows viruses' and is really only useful for >> 'scanning em

Re: [Clamav-users] Freshclam Stopped Working

2007-10-30 Thread Lyle Giese
You also have to remember that if your internal dns server is listed in resolv.cfg, it will be queried. And because it's local, your dns queries will gravitate to them as it will probably give back answers faster than the external servers. Lyle Sean McGlynn wrote: > I lied. > > The DNS server ord

Re: [Clamav-users] Freshclam Stopped Working

2007-10-30 Thread Lyle Giese
Sean McGlynn wrote: > Hello, > > After changing our DNS services from Netware to OES Linux/BIND, freshclam > stopped getting updates. > > When we run freshclam we get: > > WARNING: Can't query current.cvd.clamav.net and > WARNING: Invalid DNS reply. Falling back to HTTP mode. > Connecting via Ou

Re: [Clamav-users] Automatic reloading of signature files

2007-08-31 Thread Lyle Giese
While this may not directly answer your question, I am running the update script for the addons at 17 minutes past the hour. And run freshclam at 21 minutes past the hour.(I don't update the addons every hour...) But I also see in /var/log/messages, clamd doing a selfcheck on the databases every

Re: [Clamav-users] FreshClam and DNS - Debian

2007-07-26 Thread Lyle Giese
Is nscd running on the same host that is running freshclam? On the host running freshclam, what does your /etc/resolv.conf look like? Lyle [EMAIL PROTECTED] wrote: > Hello, > > Today we upgraded our DNS server which is Debian Bind9 ver 1:9.3.4-2etch1. > We also upgraded our ClamAV software to th

Re: [Clamav-users] cannot resolve www.sanesecurity.co.uk

2007-07-16 Thread Lyle Giese
nd now I run two scripts alternately. One pointed at http://mirrors.dotsrc.org/clamav-sig and the other script attempts to connect to www.sanesecurity.co.uk Lyle Giese

Re: [Clamav-users] scanPDF Usage

2007-07-10 Thread Lyle Giese
chael McCandless wrote: > No, I did not enable-experimental when I compiled. > > -Original Message- > From: Lyle Giese [mailto:[EMAIL PROTECTED] > Sent: Tuesday, July 10, 2007 9:42 PM > To: ClamAV users ML > Cc: [EMAIL PROTECTED] > Subject: Re: [Clamav-users] scanPDF

Re: [Clamav-users] scanPDF Usage

2007-07-10 Thread Lyle Giese
When you compiled clamav, did you enable-experimental? Lyle Michael McCandless wrote: > I am using Clamav (0.90.3), compiled from source, on Fedora Core 7. I have > checked documentation, wiki, and mailing list archives. > > My clamd.conf file includes the following: > > # This option enables sc

[Clamav-users] Clamdmon.sh

2007-04-11 Thread Lyle Giese
I am amazed at the number of people here that are apparently not using SOMETHING to monitor clamd. Esp. when the developers include a nice script to check and restart clamd. I run three different mail servers and quickly found clamdmon and just a bit of PERL programming created a means of being notif

Re: [Clamav-users] clamav vs norton

2007-03-02 Thread Lyle Giese
In this case, was the file really infected or did Norton throw a false positive? At this point, we really don't know which product is producing an error. How about downloading AVG and scanning this file again?( they have free and trial versions) Lyle Jim Maul wrote: Sean Pinegar wrote: I

Re: [Clamav-users] ClamAV & Squid

2006-08-11 Thread Lyle Giese
Odhiambo Washington wrote: * On 11/08/06 08:18 -0500, Lyle Giese wrote: | I recently installed a Squid proxy server for one of my customers. We | would like to wedge in ClamAV for scanning and looking over the | selections of open source software for this, I decided to try out | SquidClamAV

[Clamav-users] ClamAV & Squid

2006-08-11 Thread Lyle Giese
I recently installed a Squid proxy server for one of my customers. We would like to wedge in ClamAV for scanning and looking over the selections of open source software for this, I decided to try out SquidClamAV by Gilles Darold. (http://www.samse.fr/GPL/squidclamav/) Unfortunately, it's doesn