> On Mon, 8 Jul 2019 10:47:18 -0500
> "J.R. via clamav-users" wrote:
>
> One way you *could* get an older .cvd file is to extract it from the
> relevant ClamAV package available on many different linux distro's. Be
> sure to disable freshclam though (obviously).
Thanks for the suggestion; I was a
On Mon, 8 Jul 2019 10:47:18 -0500
"J.R. via clamav-users" wrote:
One way you *could* get an older .cvd file is to extract it from the
relevant ClamAV package available on many different linux distro's. Be
sure to disable freshclam though (obviously).
Thanks for the suggestion; I was able to g
Hi,
Is there any user document that shows how to load YARA rules in ClamAV ?
Appreciate any help/pointer.
TIA
Munaf
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a
> Is there any user document that shows how to load YARA rules in ClamAV ?
https://www.clamav.net/documents/using-yara-rules-in-clamav
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
I have uploaded 4 CVDs and 2 CLDs to:
http://iment.com/paste-bin/ClamAV-Sigs/
The names include the dates (and times) they were downloaded.
The reason for CVD vs CLD is that Cloudflare made running our own
"mirror" impractical. The CVD version delivered by Cloudflare's "BOS"
Anycast server was
Over the last few years, Talos has invested significant amounts of time and
effort into improving the infrastructure we use to automate ClamAV
signature creation and testing, and especially within the last 6-9 months,
this has allowed us to push out signatures for known threats much faster
than we
This has been fixed for some time has it not?
> On Jul 9, 2019, at 3:38 PM, Paul Kosinski via clamav-users
> wrote:
>
> The CVD version delivered by Cloudflare's "BOS"
> Anycast server was often behind the version advertised by the DNS TXT.
smime.p7s
Description: S/MIME cryptographic signat
Thank you very much for the detailed replies.
Paul, thanks for providing the old signatures. The .zip files seem to be
throwing 500s though?
Andrew, the details about the hashes and logical signatures make a lot of
sense.
>From looking again at a comparison between clamscan and the daemon, it do
Sorry about the HTTP 500 errors : the "zip" extension had been routed
to a special CGI handler for another purpose (to intercept people who
were downloading some big files over and over and over). I removed that
special treatment from this directory. So it should work now.
On Tue, 9 Jul 2019 23:1
I hadn't looked recently. After I gave up on running a local mirror
and switched to CDIFFs, I also observed that signatures were usually
updated only couple of times per day. So I reduced polling the DNS TXT
record to only twice per hour and only running freshclam if the DNS TXT
record suggested it
Just place the file (with extension .yara) into the .../share/clamav database
directory.
Sent from my iPad
-Al-
On Jul 9, 2019, at 08:54, Munaf Ahmed (ahmedm) via clamav-users
wrote:
> Hi,
>
> Is there any user document that shows how to load YARA rules in ClamAV ?
>
> Appreciate any help/p
You are right. They can change. But it’s dependent on your location. So as
long as you don’t move your position on earth ;), you should be fine. Unless
cloudflare drastically changes things.
Sent from my iPhone
> On Jul 9, 2019, at 18:58, Paul Kosinski wrote:
>
> I hadn't looked recen
Hello,
I'm trying to get some stats on how long a scan takes by different
size, but I encountered an unexpected behavior when scanning a file
generated in a specific way.
A scan for a dummy file filled with /dev/zero takes much longer than
with /dev/urandom. I think the processing time should be t
13 matches
Mail list logo
