Amit Keshan said:
> Hi!
>
> I installed Clam on my server and realized that it is not allowing emails
> to be send if a passowrd protected zip file is attached. One of my esteem
> client is really upset with it and is planning to shift his hosting within
> a day or two if this issue is not resolve
Hi
See
man clamav.conf
exspecially
ArchiveBlockEncrypted
Regards,
Steffen
smime.p7s
Description: S/MIME cryptographic signature
Hi!
I installed Clam on my server and realized that
it is not allowing emails to be send if a passowrd protected zip
file is attached. One of my esteem client
is really upset with it and is planning to shift his hosting within a day or two
if this issue is not resolved. Please help.
Tha
On Tue, 16 Mar 2004 11:55:33 +1100
Jonathan Trott <[EMAIL PROTECTED]> wrote:
> Tomasz Kojm <[EMAIL PROTECTED]> wrote on 12/03/2004 00:07:01:
>
> > On Thu, 11 Mar 2004 12:49:36 +1100
> > Jonathan Trott <[EMAIL PROTECTED]> wrote:
> >
> > > At the moment, if you put any virus inside an encrypted zi
Tomasz Kojm <[EMAIL PROTECTED]> wrote on 12/03/2004 00:07:01:
> On Thu, 11 Mar 2004 12:49:36 +1100
> Jonathan Trott <[EMAIL PROTECTED]> wrote:
>
> > At the moment, if you put any virus inside an encrypted zip file,
> > clamav reports that there isn't a virus in there, which is a false
> > negat
On Thu, 11 Mar 2004 12:49:36 +1100
Jonathan Trott <[EMAIL PROTECTED]> wrote:
> At the moment, if you put any virus inside an encrypted zip file,
> clamav reports that there isn't a virus in there, which is a false
> negative. Better to report that it couldn't be scanned than there
> wasn't a vi
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:clamav-users-
> [EMAIL PROTECTED] On Behalf Of Erik Corry
> Sent: 2. marts 2004 09:10
> To: [EMAIL PROTECTED]
> Subject: Re: [Clamav-users] password protected zip file
>
> On Tue, Mar 02, 2004 at 03:07:31
On Fri, 5 Mar 2004 13:31:35 -0800 (PST)
[EMAIL PROTECTED] wrote:
>
> uvscan is detecting zipped/passworded bagle zip's as
> Worm.Bagle.Gen-zippwd. Any ideas as to how they might be doing this?
Please don't top post.
That's not your uvscan but ClamAV detecting the worm.
--
oo.
uvscan is detecting zipped/passworded bagle zip's as
Worm.Bagle.Gen-zippwd. Any ideas as to how they might be doing this?
-Eric
On Wed, 3 Mar 2004, Lucas Albers wrote:
> Tomasz Papszun said:
> >WE ASK USERS TO NOT SUBMIT naked zip files IF their contents is DETECTED
> >as infected by ClamAV A
Tomasz Papszun said:
>WE ASK USERS TO NOT SUBMIT naked zip files IF their contents is DETECTED
>as infected by ClamAV AFTER UNZIPPING. It's a utter waste of our time,
>which results in delays in processing really significant samples!
Why not add this on the web submittal nag screen?
Luke Compute
There used to be a utility, way back in my OS/2 days, I think it was called
Stripper or something like that. It removed the HTML crap from files
leaving only the plain text...
Shawn
On Wed, 03 Mar 2004 07:43:35 + Chris Meadors <[EMAIL PROTECTED]>
exclaimed:
> Good point. That should take
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:clamav-users-
> [EMAIL PROTECTED] On Behalf Of Jesper Juhl
> Sent: 3. marts 2004 02:55
> To: [EMAIL PROTECTED]
> Subject: Re: [Clamav-users] Password-protected .zip file viruses
>
> What I'm thinking is; W
On Tue, 02 Mar 2004 at 18:24:27 -0700, Charlie Watts wrote:
> Clearly the virus DB maintainers are inundated with password-protected
> .zip files with viruses inside.
Indeed :-( .
> I think I understand the technical impossibility of making a signature for
> these - the .zip header is the same, a
Jesper Juhl wrote:
What I'm thinking is; Would it be feasible to add an option to attempt to
brute-force-crack the passwords on zip files when scanning them?
Yes, it would slow down scanning immensely, and there's *no* way it should
ever be a default option, but zip file passwords are /resonably/
But...
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Chris
> Meadors
> Sent: Tuesday, March 02, 2004 11:44 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [Clamav-users] Password-protected .zip file viruses
>
>
> Paul Bov
Paul Boven wrote:
How about only trying every word in the mail-body as a key to try,
instead of brute-forcing? The virus(-writer) cannot afford to fudge the
password in the mail-body: One would hope that the subset of users that
is clever enough to reconstruct the password, yet stupid enough to
Hi List,
Chris Meadors wrote:
Jesper Juhl wrote:
What I'm thinking is; Would it be feasible to add an option to attempt to
brute-force-crack the passwords on zip files when scanning them?
I don't think it can be in reasonable time. My 700 MHz machine takes
about 15 minutes to crack a .zip when
March 02, 2004 5:55 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [Clamav-users] Password-protected .zip file viruses
>
>
> On Tue, 2 Mar 2004, Charlie Watts wrote:
>
> > Clearly the virus DB maintainers are inundated with password-protected
> > .zip files with viruses i
On Wed, 3 Mar 2004, Rembrandt wrote:
> On Wed, 3 Mar 2004 02:54:35 +0100 (CET)
> [EMAIL PROTECTED] (Jesper Juhl) wrote:
>
> > On Tue, 2 Mar 2004, Charlie Watts wrote:
> >
> > > Clearly the virus DB maintainers are inundated with
> > > password-protected.zip files with viruses inside.
> > >
> > > I
Jesper Juhl wrote:
What I'm thinking is; Would it be feasible to add an option to attempt to
brute-force-crack the passwords on zip files when scanning them?
Yes, it would slow down scanning immensely, and there's *no* way it should
ever be a default option, but zip file passwords are /resonably/
On Wed, 3 Mar 2004 02:54:35 +0100 (CET)
[EMAIL PROTECTED] (Jesper Juhl) wrote:
> On Tue, 2 Mar 2004, Charlie Watts wrote:
>
> > Clearly the virus DB maintainers are inundated with
> > password-protected.zip files with viruses inside.
> >
> > I think I understand the technical impossibility of mak
On Tue, 2 Mar 2004, Charlie Watts wrote:
> Clearly the virus DB maintainers are inundated with password-protected
> .zip files with viruses inside.
>
> I think I understand the technical impossibility of making a signature for
> these - the .zip header is the same, and then the filenames inside ar
Clearly the virus DB maintainers are inundated with password-protected
.zip files with viruses inside.
I think I understand the technical impossibility of making a signature for
these - the .zip header is the same, and then the filenames inside are
randomized, as is the password, and thus the encr
Erik Corry wrote:
Hi, Can clamav detected those virus that is protected by a password in a zipped file?
No
Generally no, except in the case of Worm.Bagle.F-zippwd (Trend Micro
identifies it as Worm.Bagle.F-1).
There's another thread about it (password-protected Worm.Bagle.F). See
archiv
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:clamav-users-
> [EMAIL PROTECTED] On Behalf Of Erik Corry
> Sent: 2. marts 2004 09:10
> To: [EMAIL PROTECTED]
> Subject: Re: [Clamav-users] password protected zip file
>
> On Tue, Mar 02, 2004 at 03:07:31
On Tue, Mar 02, 2004 at 03:07:31PM +0800, kengheng wrote:
> Hi, Can clamav detected those virus that is protected by a password in a zipped file?
No
--
Erik Corry I'd be a Libertarian, if they weren't all a
[EMAIL PROTECTED] bunch of tax-dodging professional whiners. - B. Breathed.
Hi, Can clamav detected those virus that is
protected by a password in a zipped file?
Thanks
27 matches
Mail list logo
