t; wrote:
> > Read this online at:
> > https://blog.clamav.net/2023/10/clamav-121-113-104-010311-patch.html
> > <https://blog.clamav.net/2023/10/clamav-121-113-104-010311-patch.html>
--
Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist
crashrecovery.
g:1677101601
0110 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
0120 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20
I think that main.cvd contains the basic stuff and definitions up and
until 16 Sep 2021. bytecode.cvd contains the current database
definitions which were impleme
003916-0 get thrown out, or does it get updated to
Kaiji-10003917-0 ?
--
Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist
crashrecovery.org st...@stokkie.net
___
Manage your clamav-users mailing list subscription / unsubscrib
ClamAV 0.103.7/26654/Sat Sep 10 09:55:46 2022
[hubble:stock]:(/var/lib/clamav)$
--
Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist
crashrecovery.org st...@stokkie.net
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://l
(version: 26615, sigs: 1992518, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90,
builder: sigmgr)
bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63,
builder: awillia2)
Clamd successfully notified about the update.
---
628
[hubble:root]:(~)# clamdscan -V
ClamAV 0.103.4/26363/Wed Nov 24 10:19:30 2021
[hubble:root]:(~)#
[hubble:root]:(~)# cd /var/lib/clamav/
[hubble:root]:(/var/lib/clamav)# ll
total 222144
-rw-r--r-- 1 clamav clamav293670 Nov 25 04:58 bytecode.cvd
-rw-r--r-- 1 clamav clamav 56687807 Nov 25 04:58
ything can happen. Perl is a perfect tool for administering
complicated tasks, but when you allow it to get invoked for a unknown
number of times as part of a heavy duty service, the end result is
unclear.
--
Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist
crashrecovery.org
the squid server and tried to
download the txt file again i got the squid virus page
i did have to update my clamav service via yum as when i run "freshclam" it
errored saying running an old version but once i updated all was good
On Wed, 29 Sept 2021 at 18:51, robert k Wild wrote:
&g
allow all
thanks,
rob
--
Regards,
Robert K Wild.
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
>
>
> On Thu, 15 Jul 2021, Robert Kudyba wrote:
>
Here we are Aug 24
> >> ... do you have that log?
> >
> > Uploaded at ...
>
> Nothing remarkable there. Presumably you're aware of this warning
> in that log?
>
See https://storm.cis.fordham.
dee6.0 -> 062cdee6.pem
> -rw-r--r-- 1 root root 4531 Apr 10 12:48 062cdee6.pem
> lrwxrwxrwx 1 root root 12 Apr 10 12:49 064e0aa9.0 -> 064e0aa9.pem
>
I'd like to point to the following thread :
Thread: ubuntu 18.04 LTS cannot verify SSL certificate
https://ubuntuforums.org/showthread.p
> > here are the logs from 10:01 AM Jul 13:
> > Jul 13 10:01:02 storm freshclam[3930506]: Database test passed.
> > Jul 13 10:01:02 storm freshclam[3930506]: daily.cld updated (version:
> 26230, sigs: 3995778, f-level: 63, builder: raynman)
> > Jul 13 10:01:02 storm freshclam[3930506]: daily.cld up
72MiB
Received an older daily CVD than was advertised. We'll retry so the incremental
update will ensure we're up-to-date.
daily database available for update (local version: 26231, remote version:
26233)
Current database is 2 versions behind.
Down
backend for clamav
still has some work todo
>
> ___
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive Cla
> -rw-r--r-- 1 clamav clamav 1438720 Mar 17 10:47 bytecode.cld
> -rw-r--r-- 1 clamav clamav293670 Apr 8 06:32 bytecode.cvd
> -rw-r--r-- 1 clamav clamav 327757824 Jul 12 09:59 daily.cld
> -rw-r--r-- 1 clamav clamav 117859675 Nov 25 2019 main.cvd
>
> and a bunch of others which we're not conc
MDEND ([ -x
/usr/local/sbin/clamav-unofficial-sigs.sh ] && /usr/bin/bash
/usr/local/sbin/clamav-unofficial-sigs.sh)
On Mon, Jul 12, 2021 at 12:31 PM Robert Kudyba wrote:
>
>>
>> > grep clam /etc/passwd
>> > clamilt:x:989:985:Clamav Milter
>> User:/var/r
>
>
>
> > grep clam /etc/passwd
> > clamilt:x:989:985:Clamav Milter User:/var/run/clamav-milter:/sbin/nologin
> > clamav:x:985:981::/var/run/clamav:/sbin/nologin
> > clamupdate:x:983:979:Clamav database update
> user:/var/lib/clamav:/sbin/nologin
> > clamscan:x:982:978:Clamav scanner user:/:/sbin/n
>
> I asked about the permissions on the directories, not on files. In
> your 'find' command there you specifically limit the search to files
> and not directories with "-type f". See 'man find' for more (but IMO
> 'find' is a bit like a cornered rat and I'm starting to think it might
> not be th
"$(/bin/date) " >> /var/log/clam_perms.log ; \
> |> /bin/ls -l /var/lib/clamav >> /var/log/clam_perms.log
>
OK just set this in cron but I suppose it isn't useful until the problem
happens again.
On Sun, 11 Jul 2021, Robert Kudyba wrote:
> > ls -ld /var
>
> On Sat, 10 Oct 2020, Robert Kudyba wrote:
>
> > ... next time it happens I can try some of these:
> > ...
>
> But put some logging in place before it does, so you get as precise a
> timeline as you can.
>
> > Here's what the -i option returns:
> &
>
> 1. Is your Perl interpreter in /usr/local/bin/? It's often in usr/bin/.
>
Thanks I saw that after the fact, indeed /usr/bin in Fedora
2. The environment is likely to be different when the script runs via
> freshclam from when it runs at the command line, and it's usually bad
> form in script
>
> > >> next if
> /^MBL_\d+:0:\*:68747470733a2f2f64726976652e676f6f676c652e636f6d$/;
> > next if /^MBL_\d+:0:\*:68747470733a2f2f646f63732e676f6f676c652e636f6d$/;
> >
> > You could do better with a regex, see the excellent Perl documentation.
> >
> > So what's the syntax to use || (or) with this
>
> On Thu, 29 Apr 2021, Olivier via clamav-users wrote:
> > Robert Kudyba writes:
> >
> >> How would you make this work for docs.google.com as well?
> >>
> >> the following regex corresponds to
> https://urldefense.proofpoint.co
>
> > How would you make this work for docs.google.com as well?
> >
> > the following regex corresponds to
> https://urldefense.proofpoint.com/v2/url?u=https-3A__drive.google.com&d=DwIBAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=rEXlMfZlmblv9Z7-T
How would you make this work for docs.google.com as well?
the following regex corresponds to https://drive.google.com
next if /^MBL_\d+:0:\*:68747470733a2f2f64726976652e676f6f676c652e636f6d$/;
On Thu, Apr 29, 2021, 12:25 AM Olivier wrote:
> Robert,
>
> In the configuration file user
I'd like the script and in our case the link starts with docs.google.com
On Wed, Apr 28, 2021, 10:43 PM Olivier via clamav-users <
clamav-users@lists.clamav.net> wrote:
> Hi,
>
> Robert Kudyba writes:
>
> > [1:multipart/alternative Hide]
> >
> >
> &
Since the signature name has .UNOFFICIAL and starts with MBL I believe
that's Malware Block List. I've submitted a sample to fp (at)
malwarepatrol.net. Is more than one sample needed? I'm posting here to let
others know and as they don't appear to acknowledge nor reply.
Why don't these come up?
s
> Is there an updated convention for this?
I believe it's more or less unchanged since version 8.6 of Sendmail
> (from the early 1990's). The ID is generated in assign_queueid() in
> .../sendmail/queue.c, which uses the integer as an index to the string
> "0123456789ABCDEF... you get the picture
An important email from our university president was quarantined with
Heuristics.Phishing.Email.SSL-Spoof. I submitted the email as an attachment
to ClamAV. I'm also disabling it based on past reports such as
https://qmailtoaster-list.qmailtoaster.narkive.com/NYaYAjLl/disabling-clamav-heuristic-phi
> Hi there,
>
> On Tue, 13 Apr 2021, Robert Kudyba wrote:
>
> > So I still don't know what "queue_id" is.
>
> Try the command
>
> mailq
>
> and look in the Sendmail docs. The queue ID is just the filename in
> the mail queue directory withou
As you can see, the daily.cld is from today, Apr 17, and the others
were downloaded on the day of upgrade. However one would expect the
daily.cvd to be the smallest file, instead its the biggest
with 307M in size.
--
Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist
crashrecover
>
> > Also, with clamav-milter and sendmail. I see that the headers of
> quarantined messages go to /var/spool/mqueue with root:smmsp owner/group
> permissions and the header of the email starts with hf whilst the body of
> the message starts with df. So the message in question looks like this:
> >
I'm seeing a FP from a Delta Airlines email.
Also, with clamav-milter and sendmail. I see that the headers of
quarantined messages go to /var/spool/mqueue with root:smmsp owner/group
permissions and the header of the email starts with hf whilst the body of
the message starts with df. So the messag
Using clamav-milter 0.103.1 with sendmail on Fedora 33, we had several
emails quarantined with the MBL_82485625.UNOFFICIAL. All they contained was
a link forwarded as an attachment of a Google Drive folder. I reported this
to the false positive at SaneSecurity address. I also added the signature
to
>
> > Oct 09 04:15:56 Checking for urlhaus updates...
> > Oct 09 04:15:56 Checking for updated urlhaus database file: urlhaus.ndb
> > Oct 09 04:15:56 Testing updated urlhaus database file: urlhaus.ndb
> > Oct 09 04:15:56 Clamscan reports urlhaus urlhaus.ndb database integrity
> tested good
> > Oct
you could for example make a
> wrapper for the update script which sets permissions before running it,
> or run another script before invocations of the update script so that
> the permissions are set first, or hack the update script itself. You
> could even use 'chattr' to m
>
> > Every few weeks I'll start seeing this error:
> >
> > ERROR: clam database directory (clam_dbs) not writable /var/lib/clamav
> >
> > Running this fixes it:
> > su clamav -s '/usr/local/sbin/clamav-unofficial-sigs.sh'
> >
> > Here are the files not owned by clamav:
> > -rw-r--r-- 1 clamupdate
Running ClamAV 103.0-1 on Fedora, I have freshclam
and clamav-unofficial-sigs.sh from
https://github.com/extremeshok/clamav-unofficial-sigs
Every few weeks I'll start seeing this error:
ERROR: clam database directory (clam_dbs) not writable /var/lib/clamav
Running this fixes it:
su clamav -s '/u
p
Stopping Clam AntiVirus Daemon: [ OK ]
[hubble:root]:(~)# time service clamd start
Starting Clam AntiVirus Daemon: [ OK ]
30.00user 2.06system 0:32.07elapsed 99%CPU (0avgtext+0avgdata
4311168maxresident)k
0inputs+0outputs (
Using Fedora 31, this has been happening for quite a while. After reboot
/var/run/clamav is removed, which is expected. However, wehn ClamAV was
installed the user created in /etc/passwd looks like this:
clamav:x:985:981::/var/run/clamav:/sbin/nologin
So Pulseaudio tries to create the following di
squid/var/logs/cache.log
/usr/local/squid/sbin/squid -k reconfigure
On Fri, 1 May 2020 at 14:14, G.W. Haywood via clamav-users <
clamav-users@lists.clamav.net> wrote:
> Hi there,
>
> On Fri, 1 May 2020, robert k Wild via clamav-users wrote:
>
> > i have installed clama
Nice
On Fri, May 1, 2020, 9:38 PM James Brown via clamav-users <
clamav-users@lists.clamav.net> wrote:
> On 1 May 2020, at 8:31 pm, Mark Allan via clamav-users <
> clamav-users@lists.clamav.net> wrote:
>
>
> Try excluding Email.Exploit.Efail-6641027-1 from the main ClamAV set.
>
>
> Thanks Mark. A
is there a way into deleting old virus
definitions/databases as clamav must save them somewhere
thanks,
rob
--
Regards,
Robert K Wild.
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav
rs
WARNING: Deprecated option --list-mirrors. Individual mirrors are no longer
tracked, as official signature distribution is now done through the CloudFlare
CDN.
[hubble:root]:(~)# freshclam --version
ClamAV 0.102.1/25672/Mon Dec 23 10:53:10 2019
[hubble:root]:(~)#
Robert
--
Ro
This might be off topic to the list. We have Clam AV running on Fedora 30
with clamav-milter, clamav-0.101.4-1.fc30.x86_64, and sendmail. On one
server the logwatch emails do send a daily recap as desired such as this
stanza:
- Clamav Begin
Viruses det
a talking timeout?
>
> On 07.09.2019 22:03, Robert M. Stockmann via clamav-users wrote:
> > On Fri, 6 Sep 2019, Reio Remma via clamav-users wrote:
> >>>>> I guess many of us are just running too old hardware. :)
> >>>>>
> >>>>> Her
via clamav-users wrote:
> >I suspect the i9-9900 is cheaper to actually run than the old
> >whichever Core is in the mail server. :D
>
> I think that virtual/cloud server has to be cheaper than power usage of the
> existing server (plus housing, if you pay for that one).
>
Wh
You have to wait for the Fedora maintainers to update it, usually takes a
week or so.
On Fri, Aug 9, 2019, 11:41 AM Cliff Hayes via clamav-users <
clamav-users@lists.clamav.net> wrote:
> I took advice given and used dnf to install clamd and clamav.
> But now I am getting the errors:
>
> WARNING:
sock: No such file or directory
--
Several DNS timeout cause long delays with running freshclam
and also starting clamd can take upto two minutes.
Robert
--
Robert M. Stockmann - RHCE
Network Engineer - UNIX/Linux Specialist
crashrecovery.org st...@stokkie.ne
ne file per signature. I wonder if any
> of the unofficial databases have similar efforts to keep the volume and
> quality of signatures in check.
>
>
>
> Regards,
>
> Micah
>
>
>
> *From: *clamav-users on behalf of
> Robert Kudyba
> *Reply-To: *C
gt; keeps growing and clamd loading time with it.
>
> But it's really an issue with older machines like the one I have here. :D
>
> Good luck!
> Reio
>
>
> On 30/07/2019 23:30, Robert Kudyba wrote:
>> I did but then I also increased from 600 to 900 and th
s killing the process because it goes over the timeout
> threshold when loading the signatures.
>
> Good luck!
> Reio
>
>
> On 30.07.2019 21:58, Robert Kudyba wrote:
>
> rpm -qa clamav-milter
> clamav-milter-0.101.2-2.fc30.x86_64
> rpm -qa clamd
> clamd-0.101.2-
rpm -qa clamav-milter
clamav-milter-0.101.2-2.fc30.x86_64
rpm -qa clamd
clamd-0.101.2-2.fc30.x86_64
See some logs and statuses below. clamd takes up all of the CPU. clamd does
appear to start based on the ps command but you can see the status shows no
running;
PID USER PR NIVIRTRE
tail
("83.3% Query timed out at ns4.clamav.net (12.167.151.33))"
https://mxtoolbox.com/SuperTool.aspx?action=a%3adaily.25523.93.1.0.260647006810da54.ping.clamav.net&run=toolpage
("DNS No Valid NameServers Responded")
--
Robert L M
ld mean to keep the infected file on the server, but
isolate it from the other files.
What does Disinfect do?
I have been Destroying all infected files, both malware and email, but I'm
not sure if that is my best option.
I appreciate your advice and help on this technicalit
>
> sm-client.service: Failed to parse PID from file /run/sm-client.pid:
> Invalid argument
>
> I'm not too familiar with sendmail client, so I'll defer this to someone
> else more knowledgeable.
>
A bug that won't get fixed?
https://bugzilla.redhat.com/show_bug.cgi?id=748171
Anyways any idea why
clamav-0.101.0-3.fc29.x86_64
clamd-0.101.0-3.fc29.x86_64
clamav-milter-0.101.0-3.fc29.x86_64
sendmail-8.15.2-29.fc29.x86_64
4.19.13-300.fc29.x86_64
Milter (clamav-milter): write(D) returned -1, expected 23: Broken pipe
Also seeing errors like:
clamd[25994]: LibClamAV Error: cli_get_filepath_from_
I saw this myself last week, so downloaded the new sources and built ->
installed them myself. No problems and no warnings now.
0.101.0 is the latest stable version
robert
> On 13 Dec 2018, at 07:54, Scott Kitterman wrote:
>
> A larger issue in this case is that 0.100.0, as rel
http://www.clamav.net/downloads
-
Robert Chalmers
https://robert-chalmers.uk
aut...@robert-chalmers.uk
@R_A_Chalmers
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help
https://github.com/Cisco-Talos/clamav-faq/blob/master/manual/UserManual/Installation-Unix.md
Ensure your environment points to your compiler. and libraries etc.
Read the INSTALL.MD
Other than that, not sure what could be wrong.
-
Robert Chalmers
https://robert-chalmers.uk
aut...@robert
Ok, try this first.
./configure tidy
./configure clean
./configure
make
-
Robert Chalmers
https://robert-chalmers.uk
aut...@robert-chalmers.uk
@R_A_Chalmers
> On 10 Dec 2018, at 7:36 am, nikos wrote:
>
> Hello list.
>
> I tried Robert, but nothing change.
>
>
shclam/freshclamcodes.h from
typedef enum fc_error_tag {
FC_SUCCESS = 0,
FC_UPTODATE = 1,
to
typedef enum fc_error_tag {
FC_SUCCESS = 0,
FC_UPTODATE = 0,
The clamav code maintainers are aware of this…
robert
> On 7 Dec 2018, at 07:28, nik
There is something wrong with your C++ compiler.
Is it actually installed?
-
Robert Chalmers
https://robert-chalmers.uk
aut...@robert-chalmers.uk
@R_A_Chalmers
> On 7 Dec 2018, at 7:28 am, nikos wrote:
>
> Hello list.
>
> I'm trying to install the now version of cla
Of course. Sorry. I should know that. It’s time I went home …
> On 4 Dec 2018, at 15:25, Joel Esler (jesler) wrote:
>
> You'd have to talk to the maintainer for homebrew for ClamAV. To my
> knowledge, we don't control that.
>
>> On Dec 4, 2018, at 10:23 AM,
@Mica Snyder,
Is there any chance that this update will make it to the Homebrew repo soon?
It’s not causing me any problems here, but the Error 1 in the log is getting
annoying :-)
Cheers
Robert
> On 7 Nov 2018, at 21:34, Micah Snyder (micasnyd) wrote:
>
> The change to actu
-
Robert Chalmers
https://robert-chalmers.uk
aut...@robert-chalmers.uk
@R_A_Chalmers
Begin forwarded message:
>
> Has the Amavisd.conf config file remained constant through Amavis-new.
> Is there the latest example version somewhere if it has had changes?
> Tha
.
Thanks for your help.
> On 7 Nov 2018, at 14:07, Eric Tykwinski wrote:
>
> Robert,
>
> Looking at the freshclam return codes, it's not a problem.
> https://github.com/Cisco-Talos/clamav-devel/blob/dev/0.101/freshclam/freshclamcodes.h
>
> FC_UPTODATE = 1,
>
>
Finally I got through.
Ok, I understand this is an exit code probably generated by fresh clam Can it
be fixed?
-
Robert Chalmers
https://robert-chalmers.uk
aut...@robert-chalmers.uk
@R_A_Chalmers
> On 7 Nov 2018, at 10:23 am, Robert Chalmers wrote:
>
> I’m running freshclam
odd thing is, it appears to work each time, but then gives this error when
it exits.
I can not find the reason for this.
Thanks
Robert
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/cl
gt;
> http://www.clamav.net/contact.html#ml
>
Best Regards
MfG Robert Schetterer
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben
> Jul 23 11:45:39 storm clamd[22351]: LibClamAV Error: yyerror():
>> /var/lib/clamav/packer.yar line 82 undefined identifier "pe"
>>
>
> remove yar rules
>
> clamav is unstable with yara, google it
>
Yes just found
https://github.com/extremeshok/clamav-unofficial-sigs/issues/203#issuecomment-400
S=local:/var/run/clamav-m
ilter/clamav-milter.socket,F=T,T=S:4m;R:4m;E:10m')dnl
What's the difference between `clamav-milter' vs `clamav' in that line?
On Mon, Jul 23, 2018 at 11:51 AM, Robert Kudyba wrote:
> However I still get these errors in sendmail:
>>>
>
> However I still get these errors in sendmail:
>> Milter: data, reject=451 4.3.2 Please try again later
>>
>
> the syslog entry should give us more information.
>
Jul 23 11:45:33 storm systemd[1]: clamd@scan.service: Main process exited,
code=killed, status=6/A
BRT
Jul 23 11:45:33 storm system
2018 at 12:27 PM, Micah Snyder (micasnyd) <
micas...@cisco.com> wrote:
> What are your current user/group ownership and permissions on:
> /var/run/clamd.scan/clamd.sock ?
>
> Regards,
> Micah
>
>
> Micah Snyder
> ClamAV Development
> Talos
> Cisco System
rds,
> Micah
>
>
> Micah Snyder
> ClamAV Development
> Talos
> Cisco Systems, Inc.
>
>
> On Jul 16, 2018, at 12:19 PM, Robert Kudyba wrote:
>
> I set:
> MilterSocketGroup clamscan
> User clamscan
>
> Still getting the permission denied.
>
> Note the
:123:clamav,clamscan
clamav:x:124:clamscan,clamilt
clamupdate:x:125:
clamscan:x:126:clamilt,clamav
virusgroup:x:127:clamupdate,clamscan,clamilt
On Mon, Jul 16, 2018 at 11:50 AM, Micah Snyder (micasnyd) <
micas...@cisco.com> wrote:
> Hi Robert,
>
> clamav-milter is a separate process
run/clamd.scan/clamd.sock
>
> Lines in /etc/clamd.d/scan.conf
>
> TCPSocket 3310
> TCPAddr 127.0.0.1
>
> You should use only 1 ( TCP _or_ Unix/Local ) socket for clamd. We
> recommend using Unix/Local sockets.
>
>
> Micah Snyder
> ClamAV Development
> T
mav scanner daemon.
What else can I check?
On Tue, Jul 10, 2018 at 7:24 PM, Kees Theunissen
wrote:
> On Tue, 10 Jul 2018, Robert Kudyba wrote:
>
> >Hello hive,
> >
> >Running:
> >clamav-0.100.0-2.fc28.x86_64
> >
> >clamd, freshclam and clamav-milte
Hello hive,
Running:
clamav-0.100.0-2.fc28.x86_64
clamd, freshclam and clamav-milter all up and running:
ps -auwx | grep clam
clamupd+ 20336 0.0 0.0 50672 4016 ?Ss Jun29 1:15
/usr/bin/freshclam -d -c 4
clamav 23713 0.0 0.0 176780 1160 ?Ssl 13:23 0:00
/usr/sbin/clam
VMWare Pro 14 with RHEL 6.9 install as the guest
Clam AV version used is ClamAV 0.100.0
--
Robert
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive Cl
efinitions.
System Configuration
One standalone laptop
Running Windows 10 (Host OS)
VMWare Pro 14 with RHEL 6.9 install as the guest
Clam AV version used is ClamAV 0.100.0
Thanks,
Robert
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.
ok should i have started clamd@server OR clamd@service?
On 4 December 2017 at 14:46, robert k Wild wrote:
> as you said i did a
>
> yum install -y clamav-server-systemd
>
> then to start it i did a
>
> systemctl enable clamd@server
>
> On 4 December 2017 at
as you said i did a
yum install -y clamav-server-systemd
then to start it i did a
systemctl enable clamd@server
On 4 December 2017 at 13:58, Reindl Harald wrote:
>
>
> Am 04.12.2017 um 14:56 schrieb robert k Wild:
>
>> i have done a
>>
>> yum install -y clamav
hi all,
i have done a
yum install -y clamav
and to start the service i would had thought it would be simple
systemctl start clam or clamd
but i get a
Failed to start clam.service: Unit not found.
what am i doing wrong please
many thanks
rob
--
Regards,
Robert K Wild
I submitted a possible false positive via the clamav.net site on Wednesday. I
have not heard anything back, not even a confirmation that the submission was
received. What is the timeframe that I should expect to get some sort of
response? Is there any way to get a contact information to email
ng scan requests.
>
> Thanks & Regards.
>
reading this might help
http://www.fim.uni-linz.ac.at/diplomarbeiten/Diplomarbeit_Macskasi.pdf
Best Regards
MfG Robert Schetterer
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München
Sitz de
in/clamav-faq
>
> http://www.clamav.net/contact.html#ml
Best Regards
MfG Robert Schetterer
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG, 80333 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbau
thanks
On 14 Dec 2016 6:34 p.m., "Simon Hobson" wrote:
> robert k Wild wrote:
>
> > Can I install a clamav server and point all my clamav end users ie Mac
> > Linux windows to the server to get update definitions
>
> Yes. Setup your own mirror and point everyt
ement of AV
> software.
>
>
> --
> Joel Esler | Talos: Manager | jes...@cisco.com<mailto:jes...@cisco.com>
>
>
>
>
>
>
> On Dec 14, 2016, at 11:13 AM, robert k Wild robertkw...@gmail.com>> wrote:
>
> are there any AV programs that have this functunali
are there any AV programs that have this functunality free?
many thanks,
rob
On 14 December 2016 at 15:59, robert k Wild wrote:
> thank you all
>
> On 14 Dec 2016 15:57, "Leonardo Rodrigues"
> wrote:
>
>>
>> No, absolutely not, clamav do not implem
y, just get a
> local mirror of the definitions and configure that on the clients. All the
> other requests, no no no.
>
> Em 14/12/16 13:27, robert k Wild escreveu:
>
>> Hi all,
>>
>> Can I install a clamav server and point all my clamav end users ie Mac
>>
Hi all,
Can I install a clamav server and point all my clamav end users ie Mac
Linux windows to the server to get update definitions and can I manage my
clients from the server ie see if there online run scans and lock clients
so they can't change settings?
Many thanks,
Rob
_
Hi,
I see that you have added Win.Exploit.CVE_2016_3316-1 to whitelist.ign2
Can you please advise when this whitelist update is available to all users?
Thanks
RB
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
specific
> than "Re: Contents of clamav-users digest..."
>
>
> Today's Topics:
>
>1. Banload not detected (Robert Boyl)
>2. Re: Banload not detected (Alain Zidouemba)
>
>
> ------
>
:
- Win.Trojan.Banload-6197
- Win.Trojan.Banload-6198
See http://lists.clamav.net/pipermail/clamav-virusdb/2015-June/
Pls advise?
Thanks,
Robert
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html
gt; With nowadays CPUs, that's not a problem
Yeah, tell that to mirror operators.
-Robert
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
Hi, some users reported a false postive with Email.Trojan-393
is this wide known ?
Best Regards
MfG Robert Schetterer
--
[*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64
Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
Vorstand: Patrick Ben
I've been hit by this also (started around 2:50pm today UK time).
All the FP's are via the same MBL_349876.
I've commented out the MBL lines in the /etc/clamav-unofficial-sigs.conf
file and killed all MBL sigs for now.
Robert.
On 21 Aug 2013, at 17:51, Andrew Beverley wrote:
I concede and remove my requests.
On Wed, Mar 20, 2013 at 12:14 PM, Erwan David wrote:
> Le 20/03/2013 18:42, Robert Lopez a écrit :
>
> Bot net member identification and blocking.
>> Block email from spoofed in-our-domain-sender sent from outside our domain
>> when it is
, we don't have an estimated release date :)
>
>
>
> Thanks in advance for your ideas! Please send your ideas to this list so
> we can track them.
>
>
>
> Matt
> ___
> Help us build a comprehensive ClamAV guide: v
1 - 100 of 479 matches
Mail list logo
