Hi there,
On Mon, 2 Sep 2019, Thomas Barth via clamav-users wrote:
today I got informed that I should not use the yara rules. They have major
issues with clamav 1.0.1, ie memory leaks and complete failure of clamav.
I see nothing in which refers to such an issue in the ClamAV Bugzilla.
My qu
Hi Joel,
On Mon, 2 Sep 2019, Joel Esler (jesler) wrote:
On Sep 2, 2019, at 05:11, G.W. Haywood via clamav-users ... wrote:
... I'm flagging up quite a few messages which are guaranteed spam,
but which aren't in any of the third-party databases that I'm using
... My milter can very easily proc
Hello Ged,
So I'm flagging up quite a few messages which are guaranteed spam, but
which aren't in any of the third-party databases that I'm using. The
successes are all 'Sanesecurity.Junk.N', where 'N' is usually
a five-digit number beginning with '5'. The detection success rate is
in
Update of daily.cvd failed again after being removed. Here come the logs
(syslog vigor2926, freshclam, syslog ubuntu)
Vigor 2926 Syslog
<150>Sep 3 10:41:12 DrayTek: Open port: 188.92.77.12:21585 ->
192.168.1.30:22 (TCP)
<150>Sep 3 10:41:16 DrayTek: Open port: 112.85.42.229:14305 ->
192.168.1.30
What's this about?
On Tue, Sep 03, 2019 at 02:02 AM, Birger Birger via clamav-users wrote:
> <166>Sep 3 10:42:59 DrayTek: acme client: Error: DrayDDNS account not exist
-Al-
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.
Is this ok?
Pierre
On 3 Sep 2019 at 11:02, Birger Birger via clamav-users wrote:
Ubuntu Syslog
...
Sep 3 10:41:42 zentyal kernel: [266093.463049] audit: type=1400
audit(1567500102.736:78): apparmor="DENIED" operation="open"
profile="/usr/bin/freshclam" name="/etc/ssl/openssl.cnf" pid=14221
c
Hi there,
On Tue, 3 Sep 2019, Birger Birger via clamav-users wrote:
Sep 3 10:43:22 zentyal kernel: [266193.080510] zentyal-firewall drop IN=
OUT=eth0 SRC=192.168.1.30 DST=104.16.218.84 LEN=40 TOS=0x00 PREC=0x00 TTL=64
ID=52480 DF PROTO=TCP SPT=51666 DPT=80 WINDOW=9057 RES=0x00 ACK FIN URGP=0
Hi there,
On Tue, 3 Sep 2019, Arnaud Jacques via clamav-users wrote:
On Sep 2, 2019, at 05:11, G.W. Haywood via clamav-users wrote:
> ... I'm flagging up quite a few messages which are guaranteed spam,
> but which aren't in any of the third-party databases that I'm using
> ... My milter can ver
Ged,
Did you try spam_marketing.ndb from securiteinfo.com ? We detect many
spams/phishing.
Thanks - no, I don't use that one. It's listed at Sanesecurity as
having a high false positive rate.
As far as I know, this review has not been updated for years.
We fight false positives as soon a
On Tue, Sep 03, 2019 at 01:17:16PM +0200, Arnaud Jacques wrote:
> Ged,
>
> >>Did you try spam_marketing.ndb from securiteinfo.com ? We detect many
> >>spams/phishing.
> >
> >Thanks - no, I don't use that one. It's listed at Sanesecurity as
> >having a high false positive rate.
>
> As far as I kn
As someone else pointed out, it looks like your Ubuntu AppArmor is
denying the process from running properly:
https://wiki.ubuntu.com/AppArmor
https://help.ubuntu.com/lts/serverguide/apparmor.html
https://help.ubuntu.com/community/AppArmor
That's your #1 problem...
As Mr. Haywood pointed out, th
On 9/3/19, 4:15 AM, "clamav-users on behalf of G.W. Haywood via clamav-users"
wrote:
Hi Joel,
On Mon, 2 Sep 2019, Joel Esler (jesler) wrote:
>
>> On Sep 2, 2019, at 05:11, G.W. Haywood via clamav-users ... wrote:
>>
>> ... I'm flagging up quite a few messages whi
Hi there,
On Tue, 3 Sep 2019, Henrik K wrote:
General comment:
Using any third party rules with ClamAV is a gamble, but
Agreed. In fact I'd go further than that. Relying on something like
ClamAV is a gamble. If there's a new 0-day just out, there may be no
chance of spotting it at all. I
Hi Joel,
On Tue, 3 Sep 2019, Joel Esler (jesler) wrote:
On Mon, 2 Sep 2019, Joel Esler (jesler) wrote:
>> On Sep 2, 2019, at 05:11, G.W. Haywood via clamav-users ... wrote:
>>
>> ... I'm flagging up quite a few messages which are guaranteed spam,
>> but which aren't in any of the
On Tuesday 03 September 2019 06:20:58 G.W. Haywood via clamav-users
wrote:
> Hi there,
>
> On Tue, 3 Sep 2019, Birger Birger via clamav-users wrote:
> > Sep 3 10:43:22 zentyal kernel: [266193.080510] zentyal-firewall
> > drop IN= OUT=eth0 SRC=192.168.1.30 DST=104.16.218.84 LEN=40 TOS=0x00
> > PR
SSH Port 22 has been opened by me for purpose of troubleshooting the ClamAV
issues. Will ask for a specific IP from the Zentyal support. Closing it
now.
On Tue, 3 Sep 2019 at 14:48, Gene Heskett via clamav-users <
clamav-users@lists.clamav.net> wrote:
> On Tuesday 03 September 2019 06:20:58 G.W. Hayw
/etc/apparmor.d/usr.bin.freshclam
# vim:syntax=apparmor
# Author: Jamie Strandboge
# Last Modified: Sun Aug 3 09:39:03 2008
#include
/usr/bin/freshclam {
#include
#include
#include
capability setgid,
capability setuid,
@{PROC}/filesystems r,
owner @{PROC}/[0-9]*/status r,
Hello all,
I'm experiencing something odd on Ubuntu 18.04. As far as I can tell I
have done everything I am supposed to in order to get OnAccess scanning
working. I've already gotten our RHEL 7 hosts working fine. If anyone
knows what is going wrong here, I would love to hear it. Thank you.
1. Th
Forgot to mention: this is the "0.100.3" version as available via apt on
an otherwise stock Ubuntu 18 host.
On 9/3/2019 5:01 PM, Jeff Blaine via clamav-users wrote:
> Hello all,
>
> I'm experiencing something odd on Ubuntu 18.04. As far as I can tell I
> have done everything I am supposed to in o