On Wed, 23 Jun 2010, Nathan Gibbs wrote:
So I'd set it up to have freshclam go through stunnel to the https
server. Have I got the idea right?
Yes. Instead of connecting directly to the remote host, freshclam would
connect to localhost on whatever local non-SSL port you have stunnel
configu
* Jason Englander wrote:
> On Fri, 14 May 2010, Nathan Gibbs wrote:
>
>> I would like the option to use the https protocol with freshclam in a
>> local
>> mirror setup.
>
> Sorry to reply to a month-old post. I skimmed the thread, minus the
> bickering,
:-)
> and if there's a later follow-up,
On Fri, 14 May 2010, Nathan Gibbs wrote:
I would like the option to use the https protocol with freshclam in a local
mirror setup.
Sorry to reply to a month-old post. I skimmed the thread, minus the
bickering, and if there's a later follow-up, I have not seen it yet.
...but if you're doing
denni...@inetnw.com
> To: clamav-users@lists.clamav.net
> Subject: Re: [Clamav-users] Tiered freshclam updates on port443
>
> On 5/21/10 8:33 AM, Freddie Cash wrote:
>
> > It may not have happened on your network, but it's (filtering outbound
> > traffic) saved
On 5/21/10 8:33 AM, Freddie Cash wrote:
It may not have happened on your network, but it's (filtering outbound
traffic) saved our bacon several times over the years, especially back in
the Code Red/Nimda days. And, in an educational setting (I work for a
school district now), you definitely do
On Fri, May 21, 2010 at 7:48 AM, Shawn Bakhtiar wrote:
> I believe each of the points you both made, including OUTBOUND security to
> prevent hackers from using a hacked machine on our network, are very valid
> points. But I have yet to see gateway blocks actually reduce the number of
> infections
.net
> Date: Fri, 21 May 2010 08:46:45 +1200
> Subject: Re: [Clamav-users] Tiered freshclam updates on port443
>
> On Thu, 2010-05-20 at 16:09 -0400, Shawn Bakhtiar wrote:
> > Back to the original issue.
> >
> > I still say having firewalls from higher security
On Thu, 20 May 2010, Simon Hobson wrote:
> Shawn Bakhtiar wrote:
>
> >I still say having firewalls from higher security zones to lower
> >ones, does not make sense. Security is only valid when it is
> >INBOUND. Outbound security is no security at all, just a pain for
> >your users.
>
> I used
On Thu, 2010-05-20 at 16:09 -0400, Shawn Bakhtiar wrote:
> Back to the original issue.
>
> I still say having firewalls from higher security zones to lower ones, does
> not make sense. Security is only valid when it is INBOUND. Outbound security
> is no security at all, just a pain for your user
Shawn Bakhtiar wrote:
I still say having firewalls from higher security zones to lower
ones, does not make sense. Security is only valid when it is
INBOUND. Outbound security is no security at all, just a pain for
your users.
I used to think like that, but now I'd respectfully disagree.
It'
15:22:04 -0400
> From: nat...@cmpublishers.com
> To: clamav-users@lists.clamav.net
> Subject: Re: [Clamav-users] Tiered freshclam updates on port443
>
> * Matus UHLAR - fantomas wrote:
> >> * Matus UHLAR - fantomas wrote:
> >>> Why? is there an aggresiv
* Matus UHLAR - fantomas wrote:
>> * Matus UHLAR - fantomas wrote:
>>> Why? is there an aggresive firewall on the machine? Or is the machine
>>> maintained by a moron?
>
> On 14.05.10 14:50, Nathan Gibbs wrote:
>> Blah, Blah, Bl;ah.
>
> I have asked why it's impossible.
True.
> Having moron sy
> * Matus UHLAR - fantomas wrote:
> >
> > Why? is there an aggresive firewall on the machine?
> > Or is the machine maintained by a moron?
On 14.05.10 14:50, Nathan Gibbs wrote:
> He is no moron who would dream of doing things differently.
> He is just not like you.
I have asked why it's impossi
The best way to protect data is to
keep it binary and OFF port 80 or 443.
This time in my IMNSHO
:oP
> Date: Sun, 16 May 2010 09:29:57 +0300
> From: h...@hege.li
> To: clamav-users@lists.clamav.net
> Subject: Re: [Clamav-users] Tiered freshclam updates on port443
>
> On Fri,
On 5/10/10 8:43 AM, Eddie Ekwo wrote:
Hello Everyone.
I am new to using ClamAV and I have searched through the mail archives for
help/pointers on setting up a tired freshclam update environment.
I have got a server that has access to the internet on port 80, so updates from
internet are not a
On Fri, May 14, 2010 at 06:34:33PM -0400, Nathan Gibbs wrote:
>
> At our site, the "update server" hosts clamav DBs, snort rules, some conf
> files, etc. The ability to protect the other data would be a plus. It would
> add another layer of defense to our setup. However its not workable if
> F
* Török Edwin wrote:
> On 05/15/2010 01:34 AM, Nathan Gibbs wrote:
>>
>> At our site, the "update server" hosts clamav DBs, snort rules, some conf
>> files, etc. The ability to protect the other data would be a plus. It would
>> add another layer of defense to our setup. However its not workabl
On 05/15/2010 01:34 AM, Nathan Gibbs wrote:
> * Török Edwin wrote:
>> On 05/14/2010 09:42 PM, Nathan Gibbs wrote:
>>>
>>> 1. Is moving updates over https a good idea? For the ClamAV update
>>> infrastructure at large, probably not.
>>
>> For the public mirrors no. https has extra overhead (ssl setu
* Chuck Swiger wrote:
> On May 14, 2010, at 11:42 AM, Nathan Gibbs wrote:
>>
>> In summary I refuse to waste my time and the ClamAV Team's time
>> submitting a feature request that they will refuse to implement.
>
> While I have concerns and even complaints that I might make about ClamAV,
> the C
* Török Edwin wrote:
> On 05/14/2010 09:42 PM, Nathan Gibbs wrote:
>>
>> 1. Is moving updates over https a good idea? For the ClamAV update
>> infrastructure at large, probably not.
>
> For the public mirrors no. https has extra overhead (ssl setup),
Thats what I thought, more complicated for yo
On May 14, 2010, at 11:42 AM, Nathan Gibbs wrote:
> * Alain Zidouemba wrote:
>> Feature requests are always welcome.
>
> However a resounding NO after putting in the effort is not.
>
> It has been my experience to post a feature request and be told that.
> 1. The lake & short pier are to your ri
On 05/14/2010 09:42 PM, Nathan Gibbs wrote:
> * Alain Zidouemba wrote:
>> Feature requests are always welcome.
>
> However a resounding NO after putting in the effort is not.
>
> It has been my experience to post a feature request and be told that.
> 1. The lake & short pier are to your right.
>
* Matus UHLAR - fantomas wrote:
>
> Why? is there an aggresive firewall on the machine?
> Or is the machine maintained by a moron?
>
He is no moron who would dream of doing things differently.
He is just not like you.
To call another a moron because they are not like you, would imply that the
na
* Alain Zidouemba wrote:
> Feature requests are always welcome.
However a resounding NO after putting in the effort is not.
It has been my experience to post a feature request and be told that.
1. The lake & short pier are to your right.
2. Take a long walk and or jump.
A better experience has
On 10.05.10 16:43, Eddie Ekwo wrote:
> I am new to using ClamAV and I have searched through the mail archives for
> help/pointers on setting up a tired freshclam update environment.
>
> I have got a server that has access to the internet on port 80, so updates
> from internet are not a problem. I
Feature requests are always welcome. Please enter it/them here:
https://wwws.clamav.net/bugzilla/
Thanks,
-Alain
On Fri, May 14, 2010 at 1:01 PM, Nathan Gibbs wrote:
> * Eddie Ekwo wrote:
>> Hello Everyone.
>>
>> I am new to using ClamAV and I have searched through the mail archives for
>> help
* Eddie Ekwo wrote:
> Hello Everyone.
>
> I am new to using ClamAV and I have searched through the mail archives for
> help/pointers on setting up a tired freshclam update environment.
>
> I have got a server that has access to the internet on port 80, so updates
> from internet are not a problem
27 matches
Mail list logo
