At 13:04 31-03-2008, Dennis Peterson wrote:
>How are able to determine that? There's nothing in the connection
>information or in the message that identifies the source OS, hardware,
>or MTA. Everything in a message can be spoofed as can the sending
Passive OS fingerprinting. That only works if t
On Die, 2008-04-01 at 16:21 +1300, Steve Holdoway wrote:
[...]
> Well, ignoring the ensuing flame war as to whether a worm is a virus
> ( it certainly is in this context! ), the first ever virus was unix
> based. And Microsoft Windows hadn't been invented yet. Or linux.
But the Unix world learned
Hi all, some days ago I installed the latest HAVP compiled with libclamav
0.92.1,
apparently it works, but sporadically I get this errors on logs:
SCANERROR ClamAV: Unable to create temporary directory
SCANERROR ClamAV: Input/Output error.
I know this are libclamav errors but doesnt know how to
Hello,
what's about my question? (I wrote 23 March)
After the full system scan I've got console reports as follows:
LibClamAV Warning: cli_utf16toascii: length < 2
What does it mean? Is this a bug? How to fix the problem?
Clamav version: 0.92.1
LibClamAV version: 0.92.1~dfsg-1volatile1
OS: De
Steve Holdoway wrote:
> Well, ignoring the ensuing flame war as to whether a worm is a virus
> ( it certainly is in this context! ), the first ever virus was unix
> based.
Actually, I believe CHRISTMA EXEC predated the Morris worm, and that
was on IBM System/370. http://en.wikipedia.org/wiki/Chri
Mishustin Alexey wrote:
> Hello,
>
> what's about my question? (I wrote 23 March)
>
> After the full system scan I've got console reports as follows:
>
> LibClamAV Warning: cli_utf16toascii: length < 2
>
> What does it mean? Is this a bug? How to fix the problem?
I am no expert but if I had to
Anyone hear what is up with this issue?
I used to get it maybe 6 to a dozen times per day. Now, I am at
almost that many an hour. Is this a known bug? Is it a known
configuration issue? Anyone?
Dave
___
Help us build a comprehensive ClamAV gu
Hello,
Is MailFollowURLs option working for anyone?
I'm testing it with 0.92.1 and 0.93rc1 (on Linux and on Solaris) and
either one is not scanning URLs found from mails, anti-phishing code is
detecting URLs just fine.
Below is boolean options from my 0.92.1 config.
LogTime yes
LogSyslog yes
Jan-Pieter Cornet wrote:
> Why go through all the trouble of creating a linux virus, when there
> are tons of readily exploitable php out there?
Like I said, because of the publicity value. There are some virus writers
out there who do it for the "fame".
Regards,
David.
___
On Tue, Apr 01, 2008 at 08:38:26AM -0400, David F. Skoll wrote:
> > I am absolutely certain that, once there's a market for it,
> > non-windows viruses will appear.
>
> There *is* already a huge market for a Linux virus. The market is different
> from the Windows market. In the Windows world, th
On Tue, Apr 01, 2008 at 11:43:27AM +0200, Luis Miguel R. wrote:
> Hi all, some days ago I installed the latest HAVP compiled with libclamav
> 0.92.1,
> apparently it works, but sporadically I get this errors on logs:
>
> SCANERROR ClamAV: Unable to create temporary directory
> SCANERROR ClamAV: I
David F. Skoll wrote:
> The Morris worm did not propagate via file sharing or e-mail;
That's not entirely true. The Morris worm used multiple techniques to
infiltrate a system, one of which was a common "hole" that sendmail
systems used which allowed an external sender to specify a file or
pr
John Rudd wrote:
> What Unix-like systems have going for them IS NOT privilege separation,
> it is that the *nix culture is much more aggressive/responsive when it
> comes to generating patches for vulnerabilities ... getting them out
> more frequently than Windows service packs. But that depe
Quoting Joe Sloan <[EMAIL PROTECTED]>:
> It's rather simple. Every single one of the viruses we looked at has
> been a windows executable, therefore could not have possibly infected a
> non windows platform.
You've never seen a macro virus???
What OS they execute on isn't really the point. The
On Tue, 01 Apr 2008 10:47:39 -0400
"David F. Skoll" <[EMAIL PROTECTED]> wrote:
> Jan-Pieter Cornet wrote:
>
> > Why go through all the trouble of creating a linux virus, when there
> > are tons of readily exploitable php out there?
>
> Like I said, because of the publicity value. There are some
Eric Rostetter wrote:
> You've never seen a macro virus???
Not lately. Have you? They seem to have fallen out of favour.
Regards,
David.
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clama
[EMAIL PROTECTED] wrote:
> Mishustin Alexey wrote:
>
>> Hello,
>>
>> what's about my question? (I wrote 23 March)
>>
>> After the full system scan I've got console reports as follows:
>>
>> LibClamAV Warning: cli_utf16toascii: length < 2
>>
>> What does it mean? Is this a bug? How to fix the pro
David Cunningham wrote:
> Anyone hear what is up with this issue?
>
> I used to get it maybe 6 to a dozen times per day. Now, I am at
> almost that many an hour. Is this a known bug? Is it a known
> configuration issue? Anyone?
Which ClamAV version are you using?
Does 'ScanPDF no' in clam
Hi there,
Short subject lines are acceptable. :)
On Tue, 1 Apr 2008 Randal Hicks wrote:
> Would anyone else care to share their statistics or how they are
> protecting themselves (and thereby others)? Not just mail, but
> other vectors as well. Maybe an experience you had where you
> learned a
Quoting "David F. Skoll" <[EMAIL PROTECTED]>:
> Eric Rostetter wrote:
>
>> You've never seen a macro virus???
>
> Not lately. Have you? They seem to have fallen out of favour.
Last one I know of was May 2007, but I don't really watch for them so
there may or may not have been any since then tha
Tomi Hakala wrote:
> Hello,
>
> Is MailFollowURLs option working for anyone?
>
> I'm testing it with 0.92.1 and 0.93rc1 (on Linux and on Solaris) and
> either one is not scanning URLs found from mails, anti-phishing code is
> detecting URLs just fine.
>
Please open a bugreport and attach a sa
David Cunningham wrote:
> Anyone hear what is up with this issue?
>
> I used to get it maybe 6 to a dozen times per day. Now, I am at
> almost that many an hour.
At one time I used to get it twice a day, exactly.
On investigation it turned out to be an attachment which was a pdf file
written
> I've had to repair or replace a number of "Contact Us" and
> feedback type php scripts that were incredibly easy to
> exploit and in fact actually were exploited. More than once
> one of my own systems was spewing spam from badly crafted web
> pages. Many of these would never be found except
Seemingly, it may not be directly related to this forum but the debate going
on in tidbits should be of interest to posters here who by the look of it
are in the thick of it all and probably experts in the field. They should
look especially at item 23 by Randy B Singer of March 31, 2008. Althou
24 matches
Mail list logo
