[clamav-users] 0.99.3 upgrade

2018-02-01 Thread Eric Broch
Hello list, I have user who has upgraded clamav to the most recent version (0.99.3) but is still getting the warning when doing 'freshclam' as below: WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.99.1 Recommended version: 0.99.3 There are no other version of clamav

Re: [clamav-users] 0.99.3 upgrade

2018-02-01 Thread Andreas Schulze
Am 01.02.2018 um 14:35 schrieb Eric Broch: > Hello list, > > I have user who has upgraded clamav to the most recent version (0.99.3) but > is still getting the warning when doing 'freshclam' as below: > > WARNING: Your ClamAV installation is OUTDATED! > WARNING: Local version: 0.99.1 Recommended

[clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused

2018-02-01 Thread Chris
First of all regarding my previous post - "Cannot connect to unix socket '/var/lib/clamav/clamd.socket': connect: No such file or directory" on Tuesday, I at least have that working. However, now whenever an update is done to a database I'm seeing - ERROR: NotifyClamd: Can't connect to clamd on 127

Re: [clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused

2018-02-01 Thread Dennis Peterson
Use the nc tool to connect to that port. If you get a connection then type PING. It should return PONG and disconnect. If that doesn't happen you have a config misunderstanding. dp On 2/1/18 6:49 AM, Chris wrote: First of all regarding my previous post - "Cannot connect to unix socket '/var/l

Re: [clamav-users] 0.99.3 upgrade

2018-02-01 Thread Thomas McCourt (tmccourt)
Eric, What do they get when they do a freshclam —version What operating system? Thanks, Tom McCourt On 2/1/18, 8:35 AM, "clamav-users on behalf of Eric Broch" wrote: >Hello list, > >I have user who has upgraded clamav to the most recent version (0.99.3) >but is still getting the warnin

Re: [clamav-users] 0.99.3 upgrade

2018-02-01 Thread Reindl Harald
Am 01.02.2018 um 14:35 schrieb Eric Broch: I have user who has upgraded clamav to the most recent version (0.99.3) but is still getting the warning when doing 'freshclam' as below: *how* did he upgrade WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.99.1 Recommended

Re: [clamav-users] 0.99.3 upgrade

2018-02-01 Thread Eric Broch
I don't know, but thank you for all the helpful info! On 2/1/2018 9:09 AM, Reindl Harald wrote: *how* did he upgrade -- Eric Broch White Horse Technical Consulting (WHTC) ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clam

Re: [clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused

2018-02-01 Thread Chris
On Thu, 2018-02-01 at 07:51 -0800, Dennis Peterson wrote: > Use the nc tool to connect to that port. If you get a connection then > type PING.  > It should return PONG and disconnect. If that doesn't happen you have > a config  > misunderstanding. > > dp Thanks Dennis, I used nc -zv to try and co

Re: [clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused

2018-02-01 Thread Reindl Harald
Am 01.02.2018 um 18:23 schrieb Chris: nc -zv 127.0.0.1 3300-3400 nc: connect to 127.0.0.1 port 3300 (tcp) failed: Connection refused nc: connect to 127.0.0.1 port 3301 (tcp) failed: Connection refused nc: connect to 127.0.0.1 port 3302 (tcp) failed: Connection refused nc: connect to 127.0.0.1 p

Re: [clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused

2018-02-01 Thread Benny Pedersen
Chris skrev den 2018-02-01 18:23: nc -zv 127.0.0.1 3300-3400 nc: connect to 127.0.0.1 port 3300 (tcp) failed: Connection refused clamd does not listen by default on inet, its default only unix socket if you want both, configure it :=) see clamd.conf more help ?, clamconf output for clamd.co

Re: [clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused

2018-02-01 Thread Dennis Peterson
If you can successfully run nc -l 3310 then clamd is not using the port. Check lsof -i |grep clam and examine the clamd.conf file. Something you're sure of is wrong. dp On 2/1/18 9:23 AM, Chris wrote: On Thu, 2018-02-01 at 07:51 -0800, Dennis Peterson wrote: Use the nc tool to connect to tha

Re: [clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused

2018-02-01 Thread Chris
On Thu, 2018-02-01 at 18:28 +0100, Reindl Harald wrote: > > Am 01.02.2018 um 18:23 schrieb Chris: > > > > nc -zv 127.0.0.1 3300-3400 > > nc: connect to 127.0.0.1 port 3300 (tcp) failed: Connection refused > > nc: connect to 127.0.0.1 port 3301 (tcp) failed: Connection refused > > nc: connect to 1

Re: [clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused

2018-02-01 Thread Kris Deugau
Chris wrote: Using nc -l 3310 in one terminal and nc 127.0.0.1 3310 I get: nc -l 3310 test this is a test  nc 127.0.0.1 3310 test this is a test So, IIUC I can talk to port 3310 with 127.0.0.1 or am I incorrect? nc -l should have returned an error if clamd was actually listening on that po

Re: [clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused

2018-02-01 Thread Reindl Harald
Am 01.02.2018 um 19:49 schrieb Chris: I'm not sure if that's correct or not since I never had a reason to monitor the start of the clamav-daemon before. Doing more Googling I came across https://serverfault.com/questions/798587/debian-8-cant-get- clamav-to-listen-on-tcp-3310 which is somewhat l

Re: [clamav-users] ERROR: NotifyClamd: Can't connect to clamd on 127.0.0.1:3310: Connection refused

2018-02-01 Thread Chris
On Thu, 2018-02-01 at 07:51 -0800, Dennis Peterson wrote: > Use the nc tool to connect to that port. If you get a connection then > type PING.  > It should return PONG and disconnect. If that doesn't happen you have > a config  > misunderstanding. > > dp > Dennis, Reindl, Benny, Kris - It's worki

Re: [clamav-users] Source for virus definitions?

2018-02-01 Thread Orion Poplawski
Thaks for that. Took me a bit to realize I had to unpack the .ppam file to find the match. I'm still curious to know why that file got marked as bad. If there is a specific cause for concern - or just that it is a 'suspicious' set of macros as olevba shows: | Suspicious | Kill |