[clamav-users] virusnames .UNOFFICIAL

Did somone already implemented such feature? Thanks Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg,

[clamav-users] SOLVED: freshclam checks database every time

Am 21.06.2013 13:28 schrieb Andreas Schulze: > Am 10.04.2013 15:05 schrieb Andreas Schulze: > > > symptom: freshclam needs 3..4 seconds to finish also in the case where *no* > > updates are available. > Thats worse because freshclam still steal cputime here :-( I finaly fou

Re: [clamav-users] sigwhitelist.ign2 whitelist not working

ries: $ clamscan --debug /tmp/falsepositive 2>&1 | grep -e 'local.ign2' -e 'Ignoring signature' LibClamAV debug: /var/lib/clamav/local.ign2 loaded LibClamAV debug: Ignoring signature Eicar-Test-Signature Any hints/ideas? Thanks -- Andreas Schulze Internetdienste | P

Re: [clamav-users] sigwhitelist.ign2 whitelist not working

ake sure you don't have a space at the end of the sig name in the .ign2 > file: > > "Sanesecurity.Malware.22454.ZipHeur" works > "Sanesecurity.Malware.22454.ZipHeur " fails yes, we doublechecked that and there is no space. -- Andreas Schulze Internetdienste | P2

[clamav-users] How is Worm.Bagle.H-zippwd-1 detected? (was: sigwhitelist.ign2 whitelist not working)

Am 12.11.2013 12:39 schrieb Andreas Schulze: > > > We added a file "local.ign2" containing one line: "Worm.Bagle.H-zippwd-1" > > > clamscan called again and - nothing changed. Still marked as virus... > > > Any hints/ideas? I found a fantastic fact!

Re: [clamav-users] How is Worm.Bagle.H-zippwd-1 detected? (was: sigwhitelist.ign2 whitelist not working)

Am 12.11.2013 12:59 schrieb Andreas Schulze: > I found a fantastic fact! +1 other samplemessage: $ clamdscan falsepositive falsepositive.ok /tmp/falsepositive: Worm.Bagle.H-zippwd-1 FOUND /tmp/falsepositive.ok: OK --- SCAN SUMMARY --- Infected files: 1 Time: 0.061 sec (0 m

Re: [clamav-users] Introducing OpenSSL as a dependency to ClamAV

Am 03.03.2014 08:38, schrieb Paul Kosinski: > There are only a few of reasons I can imagine that SSL (OpenSSL) > would be a *required* addition to ClamAV: Hello, I thinks that's the keyquestion. *Which* problem should SSL solve. Focus the problem, not one possible solution ... Btw. my clamav bin

Re: [clamav-users] ClamAV®: ClamAV 0.98.4rc1 is now available!

t's not the point here. I would like to update too but it's simply no option. -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Regist

Re: [clamav-users] ClamAV®: ClamAV 0.98.4rc1 is now available!

create a patch ClamAV to > have it > work with obsolete versions of OpenSSL. normaly the server in question don't use ssl at all. for that reason they still run. But no clamav uses parts of openssl and I run into that problem. Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG

[clamav-users] libclamunrar_iface.so

many lower version run fine without that link. ( I had only /usr/lib/libclamunrar_iface.so.6 and /usr/lib/libclamunrar_iface.so.6.1.* ) Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet

Re: [clamav-users] libclamunrar_iface.so

package" and other errors clearly say "including the missing lint is wrong -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Regi

[clamav-users] build a CVD file using sigtool

atio 0.00:1) Time: 0.002 sec (0 m 0 s) what's wrong here Btw: could someone explain the difference between cvd, cld and cud ? Thanks, Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de

Re: [clamav-users] libclamunrar_iface.so

Am 30.05.2014 23:15, schrieb Shawn Webb: > This will be resolved in the upcoming 0.98.4 release. is a release date known? Andreas ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml

Re: [clamav-users] ClamAV®: The new ClamAV.net is here!

Am 26.08.2014 20:56, schrieb Joel Esler (jesler): > * Simple Navigation > "Thanks" for the next site only usable with mainstream browsers and JavaScript enabled :-/ > * Elimination of dead links and pages > I was told the old website contained the current patternversion somewhere.

Re: [clamav-users] ClamAV®: The new ClamAV.net is here!

y: good job! Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail i...@datev.de | Internet www.datev.de Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg, GenReg Nr.70 Vorstand Prof. D

[clamav-users] clamav-milter & logrotation

* clamav-milter on logrotation. Did I missed something? Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail i...@datev.de | Internet www.datev.de Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg

Re: [clamav-users] clamav-milter & logrotation

he logger will be automatically disabled if the file is greater) -> disabled LogSyslog -> disabled But notthing for rotation. Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail i...@datev.de | Internet ww

[clamav-users] format of current.cvd.clamav.net

Filed4: 1424766540 -> timestamp for what ? ... Thanks Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail i...@datev.de | Internet www.datev.de Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg, G

Re: [clamav-users] format of current.cvd.clamav.net

ytecode) > Field 7 ? > Field 8 is the bytecode.cvd version number Field 7 looks like the safebrowsing.cvd version number ... -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail i...@datev.de | Internet www.datev.de

Re: [clamav-users] DB update and clamav-milter delay

Am 29.09.2015 09:31 schrieb Marco: > With this installation, after every freshclam update session, clamd is > forced to read the DB: I had a similar issue. I call freshclam once a minute and the db reload generate a significant load. I fixed it with ithe attached patch. -- Andreas S

Re: [clamav-users] DB update and clamav-milter delay

Am 29.09.2015 um 12:41 schrieb Joel Esler (jesler): > Once a minute? That’s fairly excessive. > Once an hour is appropriate… Overdoing it, but more appropriate. Keep in > mind that the mirrors are donated to ClamAV and the bandwidth you are > consuming is probably fairly heavy. I see it relaxe

[clamav-users] clamscan: exludes and includes

Hello, I like to scan directories recursive. Of course I have to exclude some subdirs. But somewhere deeper one special dir should be included again... $ find /foo -type d /foo /foo/bar /foo/bar/buzz /foo/bar/mumble /foo/bar/random /foo/bar/special /foo/other_dir Everything under /foo should be

Re: [clamav-users] clamscan: exludes and includes

Am 27.11.2015 um 14:15 schrieb Matus UHLAR - fantomas: > run clam(d)scan on the "included" again well... simple idea! thanks! -- A. Schulze DATEV eG ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.cla

Re: [clamav-users] clamav ignoring HTTPProxyServer/HTTPProxyPort in freshclam.conf?

Am 17.02.2016 um 19:34 schrieb Kevin Kretz: > I posted earlier this month, but maybe my subject wasn't informative enough. > > We use ClamAV as part of Zimbra. In freshclam.conf I have HTTPProxyServer > and HTTPProxyPort set. But I still see DNS lookups to hostnames like > > daily.21375.77.1.0

Re: [clamav-users] clamav-milter reject and quarantine?

Am 18.02.2016 um 14:14 schrieb Michael Grant: > Using clamav-milter, is there anyway to reject virus infected messages AND > put them into a quarantine directory? > > The reason I want to do this is that I want to reject virus messages while > the smtp connection is still alive, but after the fact

[clamav-users] freshclam --show-progress

Hello, the parameter seem to be new in freshclam Version 0.99.1 but download progress percentage is shown here in earlier versions too. what's the intended usage? -- A. Schulze DATEV eG ___ Help us build a comprehensive ClamAV guide: https://github.co

Re: [clamav-users] freshclam --show-progress

Am 03.03.2016 um 11:53 schrieb Mark Allan: > There was a change in 0.99 which meant if the freshclam tool was called from > something other than a terminal (tty), > the progress percentage wouldn't be shown. The intended usage with the new > --show-progress flag is to force the progress percentag

Re: [clamav-users] Eicar test string now returning Win.Trojan.Trojan-605

Am 18.05.2016 um 06:27 schrieb Helmut Hullen: > LibClamAV Warning: cli_loadldb: logical signature for Win.Trojan.ssid18332-1 > uses PCREs but support is disabled, skipping > LibClamAV Warning: cli_loadldb: logical signature for Win.Ransomware.Locky-4 > uses PCREs but support is disabled, skipping

Re: [clamav-users] clamav users break dkim signed mails

Dennis Peterson: > I'm not aware of a way to send a signed message to a list then have the list > resend it to all members while preserving the dkim signature. Yes, but exactly this is the way to go: add 3 lines in mm_cfg.py DEFAULT_SUBJECT_PREFIX = "" DEFAULT_MSG_HEADER = "" DEFAULT_MSG_

[clamav-users] another outdated link on freshclams ExtraDatabase option

man 5 freshclam.conf: ExtraDatabase STRING Download an additional 3rd party signature database distributed through the ClamAV mirrors. This option can be used multiple times. Here you can find a list of available databases:

[clamav-users] freshclam exit codes

Hello, consider this setup. the goal is to run a separate clamav instance using *only* our database files to speedup clamav reload times. # cat custom-freshclam.conf DatabaseCustomURL http://our.clamav.mirror/local_foo.ndb DatabaseDirectory /path/to/custom_clamdir/ # req

Re: [clamav-users] freshclam exit codes

Am 16.02.2017 um 17:29 schrieb Steven Morgan: > It looks like return code 1 means the virus database is up to date (#define > FC_UPTODATE 1 from freshclamcodes.h). Please advise if this is incorrect or > inconsistent. The man page needs to be updated. I wrote a one line patch to let freshclam beh

Re: [clamav-users] freshclam exit codes

Am 05.04.2017 um 12:52 schrieb Benny Pedersen: > I get Access denied, can login OK, but cant see any problems at all, is there > a point with open source on closed bugzillas? maybe you've simple to create an account? -- A. Schulze DATEV eG ___ clamav-

Re: [clamav-users] New Main.cvd coming

Am 17.05.2017 um 11:45 schrieb Mark Allan: > I spotted this yesterday on the ClamAV blog and was waiting for Joel (or > someone else) to mention it here, but that may or may not happen, so... > > http://blog.clamav.net/2017/05/clamav-will-be-publishing-new-maincvd.html Mark, thanks for the

Re: [clamav-users] ClamAV® blog: ClamAV will be publishing a new Main.cvd on Wednesday, June 7th, 2017

Am 17.05.2017 um 16:56 schrieb Joel Esler (jesler): > We are currently planning on cutting a new Main.cvd on Wednesday, June 7th, > 2017. > We will post an estimated size in an updated post. Is the release canceled? -- A. Schulze DATEV eG ___ clamav-u

Re: [clamav-users] Freshclam failure - Still ongoing???

Am 25.08.2017 um 22:44 schrieb Joel Esler (jesler): We are working on ways to not only fix the on going mirror issues, but prevent them in the future, as well as bring back the Mirror page on ClamAV.net at some point soon. Joel, expect a mirror monitoring would make visible

[Clamav-users] patch to dedect encrypted pdf

f"; > return CL_VIRUS; > } else { > cli_dbgmsg("cli_pdf: Encrypted PDF files not yet > supported\n"); > return CL_CLEAN; > } --- snap may the a fault inside ? -- Andreas Sch

[Clamav-users] clamav-0.96rc1 classified as Trojan horse TR/Crypt.XPACK.Gen

0 quarantined:0 warnings:2 scan time: 00:00:17 -- Thank you for using AntiVir. -- Andreas Schulze Internetdienste | P532 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz:

[Clamav-users] 0.96rc2 failed to compile

ecursive] Fehler 1 make[1]: Leaving directory `/usr/src/packages/BUILD/clamav-0.96rc2' make: *** [all] Fehler 2 error: Bad exit status from /var/tmp/rpm-tmp.28193 (%build) This problem is new in 0.96rc2. rc1 doas compile an run with these settings. Any Hints !? -- Andreas Schulze Internet

Re: [Clamav-users] 0.96rc2 failed to compile

Hello Edwin, I put all information you asked for at http://postmaster.datev.de/clamav-0.96rc2/ hope that helps ... Andreas -- Andreas Schulze Internetdienste | P532 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz

[Clamav-users] HTTPUserAgent must be disabled for SubmitDetectionStats

suggest to transfer the hostid into an X-Subisstion-HostID header as part of the http-request and *not* as part of the useragent header. -- Andreas Schulze Internetdienste | P532 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de

Re: [Clamav-users] 0.96rc2 failed to compile

Am 26.03.2010 10:45 schrieb Török Edwin: > So try doing this before invoking configure in your build script: > export CXXFLAGS="$CFLAGS". that was the trick. it compiles :-) -- Andreas Schulze Internetdienste | P532 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +4

Re: [Clamav-users] HTTPUserAgent must be disabled for SubmitDetectionStats

rt of the useragent header. -- Andreas Schulze Internetdienste | P532 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg, GenReg Nr.70 Vorstand Prof. Die

[Clamav-users] handling encrypted pdf

st/Adobe/Gallery/anon21jul01-pdf-encryption.txt Is any programmer able to implement a more correct Encryption detection? Thanks. -- Andreas Schulze Internetdienste | P532 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz:

[clamav-users] ClamAV 0.97.4 - 2 notices

a and got the response that their av-envine finds "unusual runtime compression tool" commonly used by malware :-( Andreas (*) depends how aggressive the scanner is configured -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49

[clamav-users] freshclam checks database every time

0 13212 3256 2588 R 100 0.0 0:01.35 freshclam As you see freshclam uses 13 MB memory and 100% cpu ... I looked in the source but did not found a relevant place to disable that behaviour. A patches or a pointer into the source would be nice :-) Thanks Andreas -- Andreas Schulze Internetdie

Re: [clamav-users] freshclam checks database every time

Am 10.04.2013 17:39, schrieb Al Varnell: > I thought the limit was four times an hour. Is that only for mirror servers? cat /etc/cron.d/clamav * * * * * root freshclam :-) ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http

Re: [clamav-users] freshclam checks database every time

Am 11.04.2013 15:50, schrieb Greg Folkert: Is that checking your *OWN* mirror? If not, you are being throttled. sure, I ask my own server of course. But back to my main problem. clamscan wastes 3 seconts time loading the complete engine every time it is called. Notice the timestamps! # echo

Re: [clamav-users] freshclam checks database every time

Am 12.04.2013 20:27 schrieb Matus UHLAR - fantomas: > On 12.04.13 19:58, Andreas Schulze wrote: > >But back to my main problem. clamscan wastes 3 seconts time > >loading the complete engine every time it is called. > > loading virus databage to memory and parsing it is

Re: [clamav-users] freshclam checks database every time

between - new pattern is available on $my_local_update_mirror - new pattern is used on $my_local_clamd ?? Thanks Andreas -- Andreas Schulze Internetdienste | P252 DATEV eG 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196 E-Mail info @datev.de | Internet www.datev.de Sitz:

Re: [clamav-users] freshclam checks database every time

Am 10.04.2013 15:05 schrieb Andreas Schulze: > symptom: freshclam needs 3..4 seconds to finish also in the case where *no* > updates are available. No comments on this topic anymore... Thats worse because freshclam still steal cputime here :-( To dive into the problem I describe the p

[Clamav-users] ClamAV acceleration with NodalCore

. ( too much support expected ) Any experiences - -- Andreas Schulze DATEV eG | Internet-/Security-Dienste | +49(911)276-2648 DATEV eG 90329 Nürnberg | Telefon +49(911)276-0 | Telefax +49(911)276-3196 E-Mail [EMAIL PROTECTED] | Internet http://www.datev.de Sitz: Nürnberg

[Clamav-users] NodalCore cards in use ?

hello, anybody on the list uses NodalCore cards to accelerate ClamAV ? I tried to get a sample card from sensorynetworks via a german distributor. But this failed because sensorynetworks expected too much support :-( Any experiences ? -- Andreas Schulze Internet-/Security-Dienste

Re: [Clamav-users] NodalCore cards in use ?

Hello, realy nobody has used an ClamAV-Accelerator ? So the sourcecode contains code which nobody uses ? what about http://sensorynetworks.com/Partners/Application/ who wrote this peise of source ? Andreas On Mon, Sep 08, 2008 at 01:23:07PM +0200, Andreas Schulze wrote: > anybody on

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.3 beta2 has been released!

Am 18.12.2017 um 18:06 schrieb Joel Esler (jesler): >> ClamAV 0.99.3 beta2 has been released! hello, I upgraded some lab servers from beta1 to beta2. Now I receive messages from cron containing the text "degug enabled" That happen on reloads where yara rules are active. I found the string in "li

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.3 beta2 has been released!

Am 18.12.2017 um 18:06 schrieb Joel Esler (jesler): >> ClamAV 0.99.3 beta2 has been released! hello, I upgraded some lab servers from beta1 to beta2. Now I receive messages from cron containing the text "debug enabled" That happen on reloads where yara rules are active. I found the string in "li

Re: [clamav-users] Using a file to list exclusions for on-demand search?

Am 04.01.2018 um 19:37 schrieb Paul B.: Hi, I just installed ClamAv on a desktop Linux machine. I would like to set it up using aliases in the bashrc file, so I can do various kinds of file and directory scans from the command line. Rather than an unwieldy string of exclusions in the alias' comma

Re: [clamav-users] Detected duplicate databases

Am 22.01.2018 um 10:46 schrieb Hugo Deprez: > I reported a bug : https://bugzilla.clamav.net/show_bug.cgi?id=12009 @admins: even as registered user I can't access https://bugzilla.clamav.net/show_bug.cgi?id=12009 any reasons against "bugs are readable for registered users (or public)" by defaul

Re: [clamav-users] URGENT: Clamd is wedged on multiple installations

Am 26.01.2018 um 10:01 schrieb Ralf Hildebrandt: > * Reindl Harald : > >> sounds like an issue with the official signatures given that you are not the >> first reporter and that we don't use them and have no problems > > Thought so. Must be a recent signature in daily.cvd. just updated to 0.99.3

Re: [clamav-users] URGENT: Clamd is wedged on multiple installations

Am 26.01.2018 um 11:48 schrieb Ralf Hildebrandt: >> Arguably if a bug in the signatures can lead to such massive problems >> then that is in itself a bug in the software, which might be (but >> apparently so far isn't) fixed in a later version. > > Amen to that. the former 0.99.3beta2 don't crash

Re: [clamav-users] URGENT: Clamd is wedged on multiple installations

Am 26.01.2018 um 13:50 schrieb Ralf Hildebrandt: > If I had to guess: they used the beta for testing, but the release > versions (both 0.99.2 and 0.99.3!) fail to operate properly... yes, it's the explanation the matches best to the observed fallout :-/ usually there is a "official" announcement a

[clamav-users] Announcement missing

Am 26.01.2018 um 14:09 schrieb Tobi: > Do you mean this one ? > http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html @Cisco: is it so hard to use http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-announce -- A. Schulze DATEV eG _

Re: [clamav-users] Announcement without access to linked information

Am 26.01.2018 um 14:22 schrieb Andreas Schulze: > Am 26.01.2018 um 14:09 schrieb Tobi: >> Do you mean this one ? >> http://blog.clamav.net/2018/01/clamav-0993-has-been-released.html > > @Cisco: is it so hard to use > http://lists.clamav.net/cgi-bin/mailman/listinfo/cla

Re: [clamav-users] ClamAV® blog: ClamAV 0.99.3 has been released!

Am 26.01.2018 um 16:06 schrieb Tobi: As far as I understand the release notes of 99.3 its a security fix which has nothing to do with former 99.3 beta. The former beta now is 0.100 (http://blog.clamav.net/2018/01/clamav-version-number-adjustment.html). So at least for me it makes sense that you

Re: [clamav-users] 0.99.3 upgrade

Am 01.02.2018 um 14:35 schrieb Eric Broch: > Hello list, > > I have user who has upgraded clamav to the most recent version (0.99.3) but > is still getting the warning when doing 'freshclam' as below: > > WARNING: Your ClamAV installation is OUTDATED! > WARNING: Local version: 0.99.1 Recommended

Re: [clamav-users] [ext] Re: Question regarding SIGUSR2 and clamd

Am 22.03.2018 um 13:40 schrieb Ralf Hildebrandt: > * Maarten Broekman : >> You might be able to open the socket that clamd is listening on and attempt >> to ping it. I forget if it replies with PONG while it's in the middle of >> reloading. It's been a while since I tried to do that. > > Thanks: >

Re: [clamav-users] Freshclam 0.100.0 returning 1 on up-to-date

Am 10.04.2018 um 10:32 schrieb Pertti Karppinen: > Freshclam seems to be returning 1 on up-to-date situation, but man page > says it should return 0: > 0 : Database is up-to-date or successfully updated. > I think, I had the similar (same?) problem some times ago and fixed it with this patch: De

Re: [clamav-users] Syncing only CustomDatabaseURLs with freshclam

Am 07.09.2018 um 16:42 schrieb Sven Bartscher: > I would like to change this setup, so it only uses the third-party > database and not the original ClamAV database, but I see no way to tell > freshclam not to download the standard main.cvd and friends. "freshclam --update-db=custom" update only th

Re: [clamav-users] Client disconnected (FD 82)

Am 21.09.2018 um 13:21 schrieb Reindl Harald: > > > Am 21.09.18 um 07:07 schrieb ZEMEN Dragana: >> I'd like to know what does this clamav's log message mean: "Client >> disconnected (FD 82)". I suppose the client broke the connection, but what >> is the meaning of "FD 82"? > > https://en.wikip

Re: [clamav-users] OnAccessScan doesn't prevent Access

Am 08.11.18 um 10:25 schrieb vamp898: > This is how the logs looks like when i do this > > Thu Nov  8 10:13:51 2018 -> ScanOnAccess: notifying only for access attempts. > Thu Nov  8 10:13:51 2018 -> ScanOnAccess: Protecting > '/var/www/localhost/htdocs/nextcloud/data' and rest of mount. > Thu Nov

Re: [clamav-users] What is OpenSSL used for in ClamAV?

Am 07.08.19 um 19:52 schrieb Micah Snyder (micasnyd) via clamav-users: > If anyone is interested in reviewing/auditing correct usage of OpenSSL in > ClamAV we always appreciate the help! I'm compiling clamav and use openssl-1.1.1x since last year or so - no trouble. But that's not a revewi/audit.