In addition to what has been discussed, the selfcheck that clamd does can
overlap a freshclam or other signature process and produce the same warning.
This is particularly true for signature installers or admins that don't do
atomic file operations. That is to say, if you scp/sftp/mv/copy files
Forgot to respond to this earlier - this can happen if an update begins before a
previous update finishes. And this can happen if you have multiple scripts
fetching signatures from multiple vendors. Some scripts have a built in random
delay that attempts to prevent every user from updating on th
Hi,
On Mon, Feb 22, 2016 at 1:57 PM, Joel Esler (jesler) wrote:
> Gentlemen. We get the point. We’re working on it. I had a conversation
> with the malware lead
> last week to see what we can do here.
Can you help with my original question about:
clamd server '/var/run/clamd.amavisd/clamd.s
Gentlemen. We get the point. We’re working on it. I had a conversation with
the malware lead last week to see what we can do here.
--
Joel Esler
Manager, Talos Group
On Feb 22, 2016, at 12:06 PM, Groach
mailto:groachmail-stopspammin...@yahoo.com>>
wrote:
I dont think there is any 'caus
# grep FOUND /var/log/clamav/clamd.log* |grep -c UNOFFICIAL
80
# grep FOUND /var/log/clamav/clamd.log* |grep -v -c UNOFFICIAL
0
# grep FOUND /var/log/clamav/clamd.log* |grep -c -i sanesecurity
38
# grep FOUND /var/log/clamav/clamd.log* |grep -c -i winnow
42
My logs go back only to January, but th
FWIW, if I may offer opinion: I would agree with Alex with the need to
source out better unofficial databases (such as sanesecurity,
securiteinfo etc): clam definitions are inherently slow on the uptake
of new threats, taking a day or more (at best) and in some cases never
(ive demonstrated t
Hi,
> Can’t be of much help with your primary issue, but to answer one or your
> questions, the official ClamAV database is a bit over 4 million. I can’t
> conceive of a situation where you would need every conceivable unofficial
> database, but then I have no idea what you are doing with your
Can’t be of much help with your primary issue, but to answer one or your
questions, the official ClamAV database is a bit over 4 million. I can’t
conceive of a situation where you would need every conceivable unofficial
database, but then I have no idea what you are doing with your setup, other
Hi,
I have a clamav-0.99-2 installation on fedora23 and periodically I
receive a message when running clamav-notify-servers after having run
freshclam that reports:
# clamav-notify-servers
clamd server '/var/run/clamd.amavisd/clamd.sock' gave '' response
I have a script that periodically rsyncs
