A really poor attempt as a phishing scam came thru our systems. The
URL is blocked by Chrome and Firefox as phishing scams (there are no
plugins enabled for anti malware or anything). Chrome shows the
'Reported Phishing Website Ahead!' for example.
However, running clamscan does not detect it
nuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFD4lzskNLDmnu1kSkRAniWAJ4hAH4tsDH7qFlpDiHhzer6nC990ACeIdyT
> nKe7uo9O5yKDTZDbSBGGQJY=
> =teFj
> -END PGP SIGNATURE-
> --
> Scanned by ClamAV - http://www.clamav.net
--
Paulo Ricardo Bruck - consul
ClamAV users ML
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset=ISO-8859-1
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Paulo Ricardo Bruck wrote:
> > Hi guys
> >
> > environment:
> >
> > Debian Sarge
any user tries to read/receive an email.
Any clues about it? Am I asking at the right list?
openantivir list is out..
thanks in advance
--
Paulo Ricardo Bruck - consultor
signature.asc
Description: Esta é uma parte de mensagem assinada digitalmente
would be.
In my clamd.conf I have:
ScanPE
DetectBrokenExecutables
Its version: ClamAV 0.80/549/Sun Oct 24 21:37:38 2004
It was installed via ports in a freebsd box.
Is there anything i'm missing?
--
Ricardo Campos Passanezi
___
http://lists.cl
i´ve updated my installation and it required no downtime.
it´s really a simple process, once you have all dependecies in place
i've used the RPM file
ricardo
>>What are the consequences of not upgrading? I'd have to
ave put symlinks in the
old locations, not copied executablesthat's a good way to end up
with multiple versions down the line. if you make a symlink, then when
you upgrade in location a, location b now points to the correct
things...
On Monday, April 26, 2004, at 01:02 PM, Ricardo Bernar
uilder:
ccordes)
thanks again
ricardo
---
This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
For a limited time only, get FREE Ground shipping on all orders of $35
or more. Hurry up and shop folks, this offer expires A
looks like that the older version is still on.
what can i do?
thanks
ricardo
- Original Message -
From: "Rob" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, April 26, 2004 4:33 PM
Subject: RE: [Clamav-users] installation update require - trouble
up to date (version: 282, sigs: 1028, f-level: 2, builder:
ccordes)
WARNING: Your ClamAV installation is OUTDATED - please update immediately !
WARNING: Current functionality level = 1, required = 2
tia
ricardo
- Original Message -
From: "Dave Tiger" <[EMAIL PROTECTED]
-1.i386.rpm
and got
warning: clamav-0.70-1.i386.rpm: V3 DSA signature: NOKEY, key ID 6cdf2cc1
package clamav-0.70-1 is already installed
please help
tia
ricardo
---
This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek
hi
is it possible to stop ClamAV from scanning .zip files?
(RedHat 8; Sendmail; Mailscanner)
thank you
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo tec
s are good and are
.exe
thank you
ricardo
x27;s considered a bad
release?
Which is the latest stable release? Is it 0.70-rc or 0.68 ?
Ricardo
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technol
ssible to ensure that clamdscan times out and
returns some sort of error?
Ricardo
---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies.
>> Hi,
>>
>> Is clamav catching this latest worm that has a password
>> protected zip file?
> Yes, it is.
Thank you. Are there multiple versions of this worm? I have seen some come
into my mailbox and not be detected... but I no longer have the files
Hi,
Is clamav catching this latest worm that has a password
protected zip file?
I've seen a bunch of these come through and it doesn't seem
like clamdscan has caught it. I don't have one of these
messages around to manually test it.
ndering
if there's a fix out there for the DOS, if there's a need
for me to upgrade. I don't want to upgrade unless I really
need to.
Thanks
Ricardo
---
The SF.Net email is sponsored by EclipseCon 2004
Premiere Conference on Open To
Hi,
I use clamav on my linux server...
But of course I want to protect my windows desktop against
viruses and be able to scan my disks. Am I still stuck with
having to pay Norton or whoever else for a windows scanner?
Any open source alternatives?
Thanks
Ricardo
hm/tmp/messages/mime/1517/
/dev/shm/tmp/messages/mime/1517/: Can't access the file
ERROR
--- SCAN SUMMARY ---
Infected files: 0
Time: 0.001 sec (0 m 0 s)
This is happening very consistenly... so virus scanning is
failing for me.
Any ideas what
hm/tmp/messages/mime/1517/
/dev/shm/tmp/messages/mime/1517/: Can't access the file
ERROR
--- SCAN SUMMARY ---
Infected files: 0
Time: 0.001 sec (0 m 0 s)
This is happening very consistenly... so virus scanning is
failing for me.
Any ideas what
Hi all,
I just noticed something strange... I have a virus file that
McAffee VirusScan reports as Swen, and clamd reports as
Worm.Gibe.F
Do those have similar signatures? I wonder why that would
be.
Ricardo
---
This SF.net email is sponsored
x27;ve already sent me, give me
> an indication which one it is please, and I'll retest.
>
Yes, I've sent the file, probably twice. :-) It is called
"virusfile.2.gz", I believe, please let me know if you'd
like me to send it again.
Ricardo
-
which is, itself, another message/rfc822 with a
virus attachment.
This is a test file I've sent out to a couple of you that
passes undetected... I'm just trying to see if this issue
has been resolved?
Thanks
Ricardo
---
This sf.net em
ou able to test this snapshot with the
gzip file I sent you?
Thanks
Ricardo
- Original Message Follows -
> The snapshot doesn't contain the virus databases.
>
> Fri Aug 29 16:32:59 CEST 2003
> -
> * clamav-milter: 0.60d: Removed s
Hello Tomasz,
I do have ScanArchive enabled, and neither clamscan nor
clamdscan catch the virus.
This is an email message file with a virus attachment, that
has been gzip'ed.
If you'd like for me to send it to you, let me know where to
send it.
Thanks
Ricardo
- Original Messa
wever, clamd does not detect the virus inside the
gzip file, so basically it passes through.
How can this problem be solved? Is there an address I can
send this file so clamd can be debugged or fixed to solve
the problem?
Thanks
Ricardo
---
This S
containing the gzip file.
Ricardo
- Original Message Follows -
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Friday 22 Aug 2003 4:10 pm, Ricardo Kleemann wrote:
>
> > I tried sending you a gzip attachment of the message
> > file, and it got
Hi Nigel,
I tried sending you a gzip attachment of the message file,
and it got bounced back with a virus being detected ;-)
So my question is, how do you process the messages?
What can I be doing different that you can catch the virus,
but my clamdscan won't?
Thanks
Ricardo
- Ori
ents. So I'm
dependent on using something like ripmime.
Maybe there's something similar to ripmime, which already
does some sort of recursive extraction?
Thanks for your help.
Ricardo
---
This SF.net email is sponsored by: VM Wa
Thank you!
- Original Message Follows -
> I got this from the clamav-users previously.
>
> Ricardo Kleemann wrote:
>
> >Hi,
> >
> >Does anyone have a linux rc init script for c
Thank you!
- Original Message Follows -
> I got this from the clamav-users previously.
>
> Ricardo Kleemann wrote:
>
> >Hi,
> >
> >Does anyone have a linux rc init script for c
Hi,
Does anyone have a linux rc init script for clamd?
Thanks
Ricardo
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Hi,
Does anyone have a linux rc init script for clamd?
Thanks
Ricardo
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
other instances
where clamscan will fail properly detecting a virus in mime parts.
I've attached the message with uuencoded text (zipped up).
Ricardo
On Sat, 24 May 2003, Nigel Horne
wrote:
> uudecoding is handled by libclamav/message.c
>
> -Nigel
>
>
party.virus.gz
Desc
I don't really have a test suite, I'm assuming ripmime works well.
Anybody have a suite of these kinds of messages to run through?
Ricardo
On Fri, 23 May 2003 21:43:04 +0200 Damjan wrote:
> > The only way I can get it to work well for mime and uuencoded
> messages is
&
d then run clamscan on
the mime parts.
If anyone has a better way of doing it, I'd love to hear it.
Ricardo
On Fri, 23 May 2003 17:43:49 +0100 Sean Rima wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Does clamav (0.54) read understand mime. I am just curious
>
On Wed, 7 May 2003 14:28:00 +0200 (CEST) Tomasz Kojm wrote:
> Please test the newest version from http://clamav.elektrapro.com/snapshot,
> old code is known to ignore some types of attachments.
>
Is the newest version the one from April 3? Is there a newer one somewhere?
Ricardo
this ? This is not produced by clamscan.
It just looks confusing. Those are the filenames in the /tmp/viruses
directory, and clamscan was reporting "OK" for each of the files (which
have the very long filenames). These are maildir files produced by the
courier mail server.
Thanks again
Ricardo
Hi,
I have a folder (mbox folder under PINE) in which I've kept a few virus
messages around to help me with scan testing. There are 8 messages in
there. I currently run RAV antivirus on another box, and if I scan that
folder (the mbox file) with ravav I get this:
/home/r.../viruses->(part0001:)->
Oh, that's great! Good to know that clamscan does MIME processing.
Is anyone aware of known bugs with clamscan's MIME processing?
Thanks for your help, Ed!
Ricardo
On Mon, 5 May 2003 11:58:17 -0400 (EDT) Ed Phillips wrote:
> On Mon, 5 May 2003 [EMAIL PROTECTED] wrote:
>
>
Does clamav not take apart MIME messages?
Is something like MIMEDefang necessary with clamav?
Thanks
Ricardo
On Mon, 5 May 2003 11:45:58 -0400 (EDT) Ed Phillips wrote:
> On Mon, 5 May 2003 [EMAIL PROTECTED] wrote:
>
> > Thanks Ed!
> >
> > So you use clamd + clamd
question, I see clamscan can use "-" to take a file in STDIN, but
it seems clamdscan doesn't have that option?
Thanks
Ricardo
On Sun, 4 May 2003 20:52:15 -0400 (EDT) Ed Phillips wrote:
> Hi,
>
> I got these counts from our clamd log. Each time it finds a virus, it
&g
Even in the summary, it will only say how many were found, but
not the actual type.
Thanks
Ricardo
On Tue, 29 Apr 2003 11:46:24 -0400 (EDT) Ed Phillips wrote:
>2 Joke.CokeGift FOUND
>2 Joke.Schmilz FOUND
>2 Kit/VCL FOUND
>2 TR.IWorm.MTX FOUND
>2 W2000M/Thus.
Hi,
How can I use clamav from withing a filtering program such as procmail or
maildrop? It seems to me that clamscan only takes a file or directory...
Thanks
Ricardo
t; > I ran a simple test to compare the performance.
> > >
> > > I ran clamdscan 5 times on the clamscan install directory, got an
> > average
> > > of 2.22 seconds
> > > Then I ran clamscan 5 times on the same directory, with an
> average of
> &
>
> > I ran clamdscan 5 times on the clamscan install directory, got an
> average
> > of 2.22 seconds
> > Then I ran clamscan 5 times on the same directory, with an average of
> > 1.18 seconds, basically twice as fast!
> >
> > So should clamdscan+clamd on
5 times on the same directory, with an average of
1.18 seconds, basically twice as fast!
So should clamdscan+clamd only be used in scenarios where I have a
central clamav server? Because it seems the regular clamscan is much faster.
Ricardo
On Thu, 01 May 2003 10:01:09 +0200 Andreas Schmitz wrote
#x27;m guessing
clamscan is self-sufficient and doesn't rely on clamd.
If that's the case, then what is the client program for clamd? Is it
clamuko? I didn't quite understand.
How can I get clamav's statistics, I've seen postings of the number of
viruses scanned historically...
Thanks
Ricardo
Hi all,
How stable are the snapshots? Should I go with stable and steer away from
snapshots?
When is 0.55 due to be released?
Thanks
Ricardo
?
Thanks again.
Ricardo
On Tue, 29 Apr 2003 15:29:03 +0100 Robert Harrison wrote:
> Checking for a new database - started at Sat Nov 30 04:00:00 2002
> viruses.db2 is up to date.
> Database updated (containing
Hello David.
I see you're out there. ;-) But do you know the answer to my original
question...?
How many virus signatures does clamav have, how reliable is it, how often
does its database get updated?
I'm trying to compare it to commercial alternatives.
Ricardo
On Tue, 29 Apr
Hi,
Haven't seen any postings since I signed up, other than my one posting,
and no responses... Is anyone out there?
Ricardo
, how quickly will it make it into
clamav's database?
Most commercial AV solutions have daily updates of signatures.
Thanks
Ricardo
54 matches
Mail list logo
