All is comming retour on my registrered address except this here koffie
The admin(Snyder?) is manipulating my post.
On 31/01/2025 00:11, koffie via clamav-users wrote:
Forwarded Message
Subject: [clamav-users] ClamAV 1.4.2 and 1.0.8 security patch versions
published
Date
Forwarded Message
Subject: [clamav-users] ClamAV 1.4.2 and 1.0.8 security patch versions
published
Date: Thu, 30 Jan 2025 23:15:17 +0100
From: jac
To: ClamAV users ML
It took five attempts to get in contact to this list.
Responsible for this is M.Snyder. The only concrete
On Wed, 22 Jan 2025, newcomer01 via clamav-users wrote:
Hi Florens,
clamav can handle files up to 4GB form 1.2.0 onwards ->
https://blog.clamav.net/2023/08/clamav-120-feature-version-and-111-102.html
Not quite.
MaxScanSize is no longer limited to 2GB or 4GB,
but MaxFileSize is still limi
Read this online at
https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html
Today, we are publishing the 1.4.2 and 1.0.8 security patch versions. The
release files for the patch versions are available for download on the ClamAV
downloads page<https://www.clamav.net/downlo
Hi Florens,
clamav can handle files up to 4GB form 1.2.0 onwards ->
https://blog.clamav.net/2023/08/clamav-120-feature-version-and-111-102.html.
Upload all files in the same directory and from there you can move the scanned
files around (cronjob), this is possible on most/all linux servers.
Hi Florens,
Le 22/01/2025 à 09:10, Florens von Heydwolff via clamav-users a écrit :
Hello,
(...) I have managed to
implement clamav in a way that it scans my uploads in the local
environment.
Clamav using TCP connection is for you.
Here is my uncertainty:
My website needs to be capable
>
> I wonder what would happen if many users were uploading at the same
> time. Would the scan requests be executed one at the time? I imagine
> that could lead to long waiting times for the uploading users.
>
> If that is so, I need to either configure clamav in a way that a
Hello,
I´m kind of a noob, forced to work on my own project because the money for
programmers is running out 🙂. Nevertheless I could pay a certain amount for
help if needed. My framework is laravel and I have managed to implement clamav
in a way that it scans my uploads in the local
child
cl_engine_free() in 10.202081s at child
cl_engine_free() in 10.553096s at child
cl_engine_free() in 11.202486s at child
cl_engine_free() in 11.074945s at child
cl_engine_free() in 8.223201s at main
TIA
Ale
--
___
Manage your clamav-users mailing
On Sun, 19 Jan 2025, Diggy via clamav-users wrote:
Where can I find which directives in "clamd.conf" apply to which components
(clamd, clamdscan, clamonacc) ???
Hmm. Well, 'man clamdscan' does say that
It accepts all the options implemented in clamscan but most of them
can I find which directives in "clamd.conf" apply to
which components (clamd, clamdscan, clamonacc) ???
I need to know this information when planning my ClamAV deployment, much
of which will be fileserver clients using clamdscan and/or clamonacc to
stream to a centralized clamd on the netw
>
> In brief, I am planning a large ClamAV deployment with varying
> requirements. A few of the file servers will have their own instance of
> clamd running locally. The remaining file servers will utilize (via
> clamdscan and/or clamonacc) a remote TCP clamd daemon.
>
Not sure if you're planning on communicating via the internet but it's not
recommended per the ClamAV Docs.
On Jan 18, 2025, 2:42 PM -0500, Diggy via clamav-users
, wrote:
> I have a few questions about TCP sockets and local sockets.
>
> FYI, I am using ClamAV 1.0.7 packages p
I took a look at the PUA documents page at:
https://docs.clamav.net/faq/faq-pua.html
I'm guessing it may be a bit outdated. The page has a 2020 reference.
It is now 2025.
Where can I find an updated list of PUA categories and subcategories?
Also, I am using ClamAV 1.0.7 packages provid
I have a few questions about TCP sockets and local sockets.
FYI, I am using ClamAV 1.0.7 packages provided by el9 EPEL.
If clamd is configured with both a TCP socket and a local Unix socket,
which does clamdscan choose first?
Which does clamonacc choose first?
Are there clamd commands that
not at all, you can also scan various of file types not mails only, but right,
mostly it is used for emails only.
Von / From: Clamav User Mailinglist <mailto:clamav-users@lists.clamav.net>
An / To:Newcomer01 <mailto:newcome...@posteo.de>
CC / CC:Marc <
Yes, it is.
And if a malicious file is being attached to an email for ClamAV to scan, then
if a signature can be written to catch a file that may be attempting to export
this vulnerability with either a logical signature or a bytecode signature,
then I am sure that the ClamAV will write one
I have the impression this is some binary that is being attached, next to that
isn't clamav mostly used as email scanner? ;)
> Subject: Re: [clamav-users] CVE-2025-21298 vulnerability
>
> ClamAV is an AV/file scanner. Not a Vulnerability scanner.
>
> > On Jan 16, 2
and it is basically designed for linux not windows ;)
Von / From: Clamav User Mailinglist <mailto:clamav-users@lists.clamav.net>
An / To:Newcomer01 <mailto:newcome...@posteo.de>
CC / CC:Joel Esler <mailto:joel.es...@me.com>
Gesendet / Sent:Donnersta
ClamAV is an AV/file scanner. Not a Vulnerability scanner.
> On Jan 16, 2025, at 14:36, Marc via clamav-users
> wrote:
>
> I am just a bit curious are such vulnerabilities added to clamav?
>
> https://msrc.microsoft.com/update-guide/vulnerabil
I am just a bit curious are such vulnerabilities added to clamav?
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21298
___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo
On Wed, 8 Jan 2025, newcomer01 via clamav-users wrote:
That is great news Micah.
Thank you and your team for continuously developing clamav!
Is there a way to get the 1.4.1 LTS for Ubuntu 24.04.* LTS directly from
clamav (via a "special"
ppa maybe)?
We talked little about t
That is great news Micah.
Thank you and your team for continuously developing clamav!
Is there a way to get the 1.4.1 LTS for Ubuntu 24.04.* LTS directly from clamav (via a
"special" ppa maybe)?
We talked little about that in the past.
Ubuntu is unfortunately very slow in deliverin
Read this announcement online at:
https://blog.clamav.net/2025/01/clamav-14-as-next-long-term-stable-lts.html
We are excited to announce that ClamAV 1.4 is now designated as our latest
Long-Term Stable (LTS) release.
Previously, we planned to announce 1.5 as the next LTS version at the end of
Basically, you are absolutely right.
That it can be possible, that the dig client differ in each of the Distros was
not clear to me, good to know - thank you.
Von / From: Clamav User Mailinglist <mailto:clamav-users@lists.clamav.net>
An / To:Newcomer01 <mailto:newcome...@
those TXT records(via DNS) appears to be failing.
Regards,
Lyle Giese
On 1/7/25 17:22, newcomer01 via clamav-users wrote:
funny, my stats looking little different, then yours
$ dig txt current.cvd.clamav.net
; <<>> DiG 9.18.28-0ubuntu0.24.04.1-Ubuntu <<>> txt
curr
192:335"
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Wed Jan 08 00:18:09 CET 2025
;; MSG SIZE rcvd: 107
but it worked, you see the COOKIE is missing in my case
Von / From: Clamav User Mailinglist <mailto:clamav-users@lists.clamav.net>
An / To:
answers is stackoverflow.
Von / From: Clamav User Mailinglist <mailto:clamav-users@lists.clamav.net>
An / To:Newcomer01 <mailto:newcome...@posteo.de>
CC / CC:Lyle Giese <mailto:l...@lcrcomputer.net>
Gesendet / Sent:Dienstag, Januar 07, 2025 um 23:56 (at 11:56
2.168.250.1#53(192.168.250.1)
;; WHEN: Tue Jan 07 16:54:46 CST 2025
;; MSG SIZE rcvd: 135
On 1/7/25 12:39, koffie via clamav-users wrote:
don't believe that here isn't enough .interest to get answer.
Again: Anybody who can reply if there is access to this post?
Forwarded M
Nice if you don't have problems with that.
I was blocked during sudo freshclam.
Forwarded Message
Subject: Re: [clamav-users] 1. What causes cool blocking by clamav 2.
Freshclam
Date: Tue, 7 Jan 2025 19:09:15 +
From: newcomer01 via clamav-users
Reply-To: ne
wrong or if you use a private DNS check it's settings.
In the past I had sometimes problems in getting CLD instead of CVD and since I
changed my settings in freshclam.conf this problem is nearly complete solved
(switched to https and ipv6 settings for my queries).
Von / From: Clamav
don't believe that here isn't enough .interest to get answer.
Again: Anybody who can reply if there is access to this post?
Forwarded Message
Subject: 1. What causes cool blocking by clamav 2.
Date: Mon, 6 Jan 2025 23:42:42 +0100
From: koffie
To: clamav-users@lists.
Hello,
I recently stumbled upon a lot of findings for PDF files with
"Heuristics.Encrypted.PDF".
Those PDF files are viewable but have permissions restricted.
It seems to be a known issue and is already reported here:
https://github.com/Cisco-Talos/clamav/issues/770.
My question
Regarding: "WARNING: Message: Could not resolve hostname"
It seems to be a DNS resolve issue. Any DNS filter device is active like
pihole, etc.?
mfg,
Norman
> Am 06.01.2025 um 23:44 schrieb koffie via clamav-users
> :
>
> WARNING: Message: Coul
Hello
1.
I've never got an answer on coll blocking by clamav.
That happened last december.
Instead I was sent to cloudflare and Honeypot.
All didn't explain and didn't do anything.
At the beginning I've tried to ask M.Snyder who is involved with that
topic but he refused
On Mon, 6 Jan 2025, Marijus Gudiskis via clamav-users wrote:
I would like to know the reasoning behind these limits and why are they are
relatively conservative:
* MaxFileSize 25M
* MaxScanSize 100M
Do you think this limit would still be safe?:
* MaxFileSize 500M
2000M
If I understand correctly the limits are to protect against zip bombs but if
you have a zip bomb that is 20MB it can balloon to 2GB, so we should mainly
care about MaxScanSize?
Also, is ClamAV constant memory when it comes to scanning for viruses?
Thanks!
With kind regards
ad database everytime scan is done
Do you mean that I need to use clamd instead of clamdscan?
2. avoid repeated scanning of the same content
How can I do this?
On Wed, Dec 25, 2024 at 2:00 PM
wrote:
> Send clamav-users mailing list submissions to
> clamav-users@lists.clamav.net
>
Hall, Michael H. (GSFC-423.0)[RAYTHEON COMPANY] via clamav-users wrote:
OK, I know this is months “overdue”.
I’m working on upgrading my office’s ClamAV to 1.0.7.
I’ve reached the system that’s running “clamav-milter”.
It appears that the RHEL Linux version of provides man pages for
ClamAV
OK, I know this is months “overdue”.
I’m working on upgrading my office’s ClamAV to 1.0.7.
I’ve reached the system that’s running “clamav-milter”.
It appears that the RHEL Linux version of provides man pages for
ClamAV-milter, but I don’t seem to see other files for clamav-milter.
Is another
Thanks for response.
this is the first of several question which was visible here.
Anyway I have no access with common browsers to the archiv.
I dont get access to other contacts of clamAV listed on their website.
Any ideas?
Forwarded Message
Subject: Re: [clamav-users
On 25.12.24 20:38, koffie via clamav-users wrote:
I've tried to get answer here several times without response.
I am asking now a simple question: Am i visible here as user? Anybody
or more who can you read this?
On 25.12.24 21:31, Matus UHLAR - fantomas via clamav-users wrote:
I can se
On 25.12.24 20:38, koffie via clamav-users wrote:
I've tried to get answer here several times without response.
I am asking now a simple question: Am i visible here as user? Anybody
or more who can you read this?
I can see you.
You can check your mail and replies to it at:
Hello,
I've tried to get answer here several times without response.
I am asking now a simple question: Am i visible here as user? Anybody
or more who can you read this?
koffie
___
Manage your clamav-users mailing list subscription / unsubs
Hi clamav-users,
I am trying to set up ClamAV for non-blocking OnAccess scanning.
It appears to be working since I am receiving delayed instream alerts. When
I tested with eicar, I received an alert after ~30s to 2m of opening the
test file. For now, I am running clamd and clamonacc as root
:
bash
сlamdscan --fdpass --log=/var/log/clamav/clamdscan.log
--move=/root/quarantine /
5.
*On-Access Scanning:*
I decided against enabling on-access scanning because I’m concerned it
might negatively impact the performance of our servers. This is something
my admins are pa
On 24.12.24 14:11, Adalfarus Theodoric via clamav-users wrote:
I hope this message finds you well. I’m new to using ClamAV and am
currently in the process of implementing it on our production servers.
During our testing phase, I encountered a couple of performance-related
issues that I’d like to
Hello all!
Sorry, if I used the wrong email.
I hope this message finds you well. I’m new to using ClamAV and am
currently in the process of implementing it on our production servers.
During our testing phase, I encountered a couple of performance-related
issues that I’d like to address with your
On 20.12.24 01:02, Linux via clamav-users wrote:
Hi. I am currently using Fedora 41 Workstation, Linux Kernel 6.12. I
noticed the limit of scanning for ClamAV is only 2 GB. Is there a way for
me to change this limit to scan my whole pc (1TB)?
the limit should apply for file size, not for
Hi. I am currently using Fedora 41 Workstation, Linux Kernel 6.12. I
noticed the limit of scanning for ClamAV is only 2 GB. Is there a way for
me to change this limit to scan my whole pc (1TB)?
Thank you.
___
Manage your clamav-users mailing list
Hello Masaru, Eric und Marc,
Thank you so much for helpful suggestions.
Kind regards,
Kortschnoi
Am 17.12.24 um 15:20 schrieb Mark Allan via clamav-users
> I've just inspected the installer pkg itself and can confirm that the only
> items installed are under /usr/local/clamav
>
Thanks it is not easy getting Squid proxy to work with ssl intercept and to
have ClamAV scan for issues inside a firewall. It’s impressive. Thanks for all
you do ClamAV team.
Sent from my iPhone
> On Dec 18, 2024, at 01:27, Ralf Hildebrandt via clamav-users
> wrote:
>
> * Jona
* Jonathan Lee via clamav-users :
> instream(local): vhxtdQ.sigs.InterServer.net.SHA256.21881.UNOFFICIAL FOUND
# sigtool --find-sig=vhxtdQ.sigs.InterServer.net.SHA256.21881
[interserver256.hdb]
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21:17
C-ICAP Virus Table
C-ICAP - Virus Logs
Date-Time Message Virus URL HostUser
17.12.2024 11:55:40 VIRUS FOUND
sigs.InterServer.net.HEX.Topline.194.150.117.29.371.UNOFFICIAL
https://raw.githubusercontent.com/interserver/clamav-unofficial/refs/heads/master/interserver256.hdb
search for it as you will go to a github that has a virus in the
database that explains what this bug is.
instream(local): sigs.InterServer.net.HEX.Topline.194.150.117.29.371.UNOFFICIAL
FOUND
Will show if you search google for information.
Does clamAV stop the bug? Can it help remove it? I am
It is currently set to
TemporaryDirectory /var/tmp
This is a separate partition from /tmp
On Tue, Dec 17, 2024 at 3:05 PM Ralf Hildebrandt via clamav-users <
clamav-users@lists.clamav.net> wrote:
>
> > kubernetes that run and add log files to /tmp. /tmp is being actively
> &g
> kubernetes that run and add log files to /tmp. /tmp is being actively
> monitored and must be monitored by clamav. The log file shows these
> error messages
Where does clamav drop it's tempfiles (check the config option
"TemporaryDirectory")?
I hope it's not /tmp
causes numerous issues while the server is in operation
and the clamonacc program is hung. The server is running kubernetes in
user mode, not under the root user. They have quite a few jobs in
kubernetes that run and add log files to /tmp. /tmp is being actively
monitored and must be monitored by clamav
I've just inspected the installer pkg itself and can confirm that the only
items installed are under /usr/local/clamav
There are no postflight/preflight scripts that install any extras or do
anything else.
The receipt under /Library/Receipts is just so macOS knows what was installed
and
Kortschnoi,
I just did a fresh install on a blank drive:
/Library/Receipts/com.cisco.ClamAV.*
/usr/local/clamav/*
That should be all the files installed that I can see.
-Original Message-
From: clamav-users On Behalf Of
Kortschnoi via clamav-users
Sent: Tuesday, December 17, 2024 5:15
Hello,
In the Message;
Subject: [clamav-users] Uninstalling clamAV on macOS
Message-ID :
Date & Time: Tue, 17 Dec 2024 10:15:03 +
Kortschnoi via clamav-users has written:
> Dear all,
> I couldn't find any instructions in the documentation on how to
> u
Dear all,
I couldn't find any instructions in the documentation on how to uninstall
clamAV on macOS if you installed it using the installer. There are specific
instructions for all other Unix and Linux distributions. Can someone help me?
Best regards,
Korts
On Tue, 10 Dec 2024, neel roy via clamav-users wrote:
> I think Neel's intention is to reduce the system load.
Thanks! Yes, and it's all over internet - discussions about
ClamAV CPU usage. I did face the same problem with McAfee but that
was 15 years back. So, I think it goes to
Hello,
In the Message;
Subject: Re: [clamav-users] Using linux command "find" to get modified
files list for scan
Message-ID :
<1734082489.s.19777.autosave.drafts.1734082997.7...@webmail.rediffmail.com>
Date & Time: 13 Dec 2024 09:43:17 -
[NR] == neel roy v
is it not? We
could not use clamd service because of permission issue on
selinux: https://github.com/Cisco-Talos/clamav/issues/582
So we ended up using clamd as standalone process.
I don't know what else can I try other than somehow coming with incremental
scan - writing my own fanotify
On 12 December 2024 23:46:26 Lyle Giese via clamav-users
wrote:
Not sure where I need to report this. I am having legit email being
bounced using ClamAV by this:
Heuristics.Phishing.Email.SpoofedDomain(cd2d755959754996812d9dc9405de4be:121605)
Hi.
It's not a 3rd party definition.
It
Not sure where I need to report this. I am having legit email being
bounced using ClamAV by this:
Heuristics.Phishing.Email.SpoofedDomain(cd2d755959754996812d9dc9405de4be:121605)
This email is legit from Hilton Honors.
Thanks,
Lyle Giese
Hello,
Sorry for late reply.
In the Message;
Subject: Re: [clamav-users] Using linux command "find" to get modified
files list for scan
Message-ID :
<1733801811.s.30439.autosave.drafts.1733802148.16...@webmail.rediffmail.com>
Date & Time: 10 Dec 2024 03:42:28
Hello Masaru,
> I think Neel's intention is to reduce the system load.
Thanks! Yes, and it's all over internet - discussions about ClamAV CPU
usage. I did face the same problem with McAfee but that was 15 years back. So,
I think it goes to show that is possible. Is it not possib
Hello,
In the Message;
Subject: Re: [clamav-users] Using linux command "find" to get modified
files list for scan
Message-ID :
Date & Time: Mon, 9 Dec 2024 12:47:59 + (GMT)
[ACA] == Andrew C Aitchison via clamav-users
has written:
ACA> On Mon, 9 Dec 20
On Mon, 9 Dec 2024, neel roy via clamav-users wrote:
Yes, that I found evident as described in mail below.
Yet, no antivirus including ClamAV use this approach in their product.
There must be reason(s). I am just trying to find that reason.
I do not think it is very useful to only scan
Hello,
In the Message;
Subject: Re: [clamav-users] Using linux command "find" to get modified
files list for scan
Message-ID : <874j3d59u2.wl-nom...@lake.dti.ne.jp>
Date & Time:
[MN] == Masaru Nomiya has written:
MN>> clamscan and clamdscan can be us
Hello,
In the Message;
Subject: Re: [clamav-users] Using linux command "find" to get modified
files list for scan
Message-ID :
<1733743224.s.30773.autosave.drafts.1733743230.31...@webmail.rediffmail.com>
Date & Time: 9 Dec 2024 11:20:30 -
[NR] == "ne
> reduce the scanning time, I think.
Yes, that I found evident as described in mail below. Yet, no antivirus
including ClamAV use this approach in their product. There must be reason(s). I
am just trying to find that reason.
Thanks in advance,
-Neel.
From: Masaru Nomiya via clamav-user
Hello,
In the Message;
Subject: Re: [clamav-users] Using linux command "find" to get modified
files list for scan
Message-ID :
<1733732516.s.11406.autosave.drafts.1733732836.27...@webmail.rediffmail.com>
Date & Time: 9 Dec 2024 08:27:16 -
[NR] == &qu
them? In which cases, "find" would not work?
Thanks in advance,
-Neel.
From: Masaru Nomiya via clamav-users <clamav-users@lists.clamav.net>
Sent: Mon, 09 Dec 2024 13:35:37
To: clamav-users@lists.clamav.net
Cc: Masaru Nomiya <nom...@lake.dti.ne.jp>
Subject: Re: [clamav-use
Hello,
In the Message;
Subject: Re: [clamav-users] Using linux command "find" to get modified
files list for scan
Message-ID :
<1733723659.s.7812.31692.f4-234-194.1733724123.30...@webmail.rediffmail.com>
Date & Time: 9 Dec 2024 06:02:03 -
[NR] == &qu
Hello Masaru,
There is some good information in your message but I believe my question is
different.
I am not concerned about ClamAV not detecting changes. I want to know why
should I not use "find" to detect changed files. The part below from
your mail\reply does provide relevant i
Hello,
In the Message;
Subject: Re: [clamav-users] Using linux command "find" to get modified
files list for scan
Message-ID :
<1733718887.s.10974.autosave.drafts.1733719852.13...@webmail.rediffmail.com>
Date & Time: 9 Dec 2024 04:50:53 -
[NR] == &qu
Hello Masaru,
You wrote:
> In short, Using the find command to specify files can make the ClamAV
> scanning process inefficient. ClamAV is designed to effectively scan
> entire directories and specific file types, so there is no need to
> filter the list generated by find command.
Hello Masaru,
You wrote:
> In short, Using the find command to specify files can make the ClamAV
> scanning process inefficient. ClamAV is designed to effectively scan
> entire directories and specific file types, so there is no need to
> filter the list generated by find command.
Hello,
In the Message;
Subject: [clamav-users] Using linux command "find" to get modified files
list for scan
Message-ID :
<1733715472.s.23081.autosave.drafts.1733715610.1...@webmail.rediffmail.com>
Date & Time: 9 Dec 2024 03:40:10 -
[RN] == neel roy v
Hello,
I need to scan Linux systems for viruses/malwares, just entire filesystem.
There are few options to consider.
- One is normally what users do: Use clamav to scan system
once a day.
- The second option is to find files modified in last one
day and give that list to anti virus
ional to number of files
changed\added.
That makes me ask question, what is "--disable-cache" option for
*clamscan* is which states "Disable caching and cache checks for hash sums
of scanned files."?
I came across following question in this list:
https://www.mail
at, 07 Dec 2024 08:43:59
To: Eddie via clamav-users <clamav-users@lists.clamav.net>
Cc: neel roy <neelsm...@rediffmail.com>
Subject: Re: [clamav-users] Difference between clamscan and clamdscan scanning
time
Per the docs:
"clamscan is a command line tool which uses libclamav
-v" (verbose) option about engine creation. But assume it takes another
> 40 seconds.That's still 2 minutes versus 9 seconds. Should there be *that*
> big a difference?
>
> Thanks in advance,
> -Neel.
>
> From: Paul Silvestri
> Sent: Sat, 07 Dec 2024 08:43:59
> To:
n. It will then scan the files and/or
directories specified at the command line, create a scan report, and exit."
https://docs.clamav.net/manual/Usage/Scanning.html#clamscan
On Dec 6, 2024, 10:08 PM -0500, neel roy via clamav-users
, wrote:
> Hello,
>
> I passed 10,000 files li
Hello,
I passed 10,000 files listed in the file to clamscan and clamdscan. I see very
big difference on 4 cpu bare metal machine. Why is it?
I am using clamav 1.0.7.
clamscan -f large_files.txt - 3 mins 5 seconds
clamdscan --fdpass -f large_files.txt - 9 seconds
Notes
- For clamdscan, I am
Dear Neel,
factors such as CPU speed, RAM size, file size, number of files, number of
personal antivirus libraries, size of each library (containing signatures which
must the dates passed), etc. have an influence on the scanning speed.
kind greetings
Marc
Von / From: Clamav User
Hello,
While doing scan with clamscan or clamdscan, what does duration, cpu and memory
requirement depends on? Does it depend on number of files or size of file?
Thanks in advance,
-Neel.___
Manage your clamav-users mailing list subscription
On Thu, 5 Dec 2024, neel roy via clamav-users wrote:
Hello Ralf,
I hope I can ask follow up question. You wrote:
> I doesn't (from the clamonacc man page):
> The clamonacc daemon registers for file access notifications from the
> Linux kernel and in response, submits scan
point, can it get infected? If yes, and if this file executable, can it
get executed _along with it's infected code_ **without being closed**?
Thanks in advance,
-Neel.
From: Ralf Hildebrandt via clamav-users <clamav-users@lists.clamav.net>
Sent: Thu, 05 Dec 2024 16:05:32
open?
Thanks in advance,
-Neel.
From: Ralf Hildebrandt via clamav-users <clamav-users@lists.clamav.net>
Sent: Thu, 05 Dec 2024 16:05:32
To: clamav-users@lists.clamav.net
Cc: Ralf Hildebrandt <ralf.hildebra...@charite.de>
Subject: Re: [clamav-users] [ext] Scanning memory mapped files
fanotify) doesn't detect any change,
and thus the file wont be in the list passed to clamscan or clamdscan.
> Now my assumption is mmap, msync, munmap deals with memory mapped files. So
> questions I have are:
> "does clamav scan memory mapped files?"
Yes: After all,
; The fanotify API
does not report file accesses and modifications that may occur because of
mmap(2), msync(2), and munmap(2).".
Now my assumption is mmap, msync, munmap deals with memory mapped files. So
questions I have are:
does clamav scan memory mapped
files? Further detail
Hello,
Sorry, I should have given complete information but my thought process was
little slow :) Here is the question as I posted on stackoverflow
(https://superuser.com/questions/1863769/clamav-and-memory-mapped-files):
I am using clamav on Enterprise Linux 9. In order to optimize it&#
Hello,
Does clamav scan memory mapped files? If yes, does it option to scan _just_
memory mapped files?
Thanks in advance,
-Neel.___
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav
I can use somewhere to make
unused strings a warning rather than a hard error? It's a real pain to
comment/uncomment/recomment strings again and again and again while
trying to assemble complex rules like this.)
-kgd
_______
Manage your clamav-us
On Wed, 13 Nov 2024 10:13:13 +0100, Matus UHLAR - fantomas via clamav-users
wrote:
>>>>>On 11/7/2024 3:27 AM, Virgo Pärna via clamav-users wrote:
>>>>>>What about database updates happening at that time? For us even
>>>>>>with ConcurrentDa
On 11/13/2024 1:13 AM, Matus UHLAR - fantomas via clamav-users wrote:
On 11/7/2024 3:27 AM, Virgo Pärna via clamav-users wrote:
What about database updates happening at that time? For us even
with ConcurrentDatabaseReload true Exim sometimes times out scanning
e-mails, when databse update
1 - 100 of 3088 matches
Mail list logo
