Good Morning folks.
I have an automated scan system set up, and today I got a strange error.
*** stack smashing detected ***: clamscan terminated
First time I've ever seen this error.
So I ran the scan manually. This particular scan was going against root, so I
ran it manually.
after a while
I'll do that tomorrow. But yes I agree it shouldn't trigger that error, which
was the other reason I posted it.
"Török Edvin" <[E
Hello all.
We've had some consultant make the spurious claim that Clam AV only scans for
'windows viruses' and is really only useful for 'scanning email'.
Despite the fact that I know this to be patently false, is there documentation
out there I can slap him with that clearly indicates that the
[EMAIL PROTECTED] wrote on 11/16/2007 02:52:34 PM:
> [EMAIL PROTECTED] wrote:
> > Hello all.
> >
> > We've had some consultant make the spurious claim that Clam AV
> only scans for 'windows viruses' and is really only useful for
> 'scanning email'.
> > Despite the fact that I know this to be pat
[EMAIL PROTECTED] wrote on 11/20/2007 06:29:50 AM:
> [EMAIL PROTECTED] in message 'Re: [Clamav-users] I need to
> refute a 'security expert'' wrote:
> >
> >
> > I wouldn't even be in this situation, except that Symantec AV for
> Linux is a little too fussy about kernel levels and the like to pas
Brandon Perry [EMAIL PROTECTED] wrote on 01/20/2008 09:53:39 PM:
> That still seems a bit "over-the-top". Sure, better safe than sorry, but
> I wouldn't just blindly delete any exe that I come into contact with
No, perhaps not. But would you do a wholesale eradication of and/all suspicious
fil
On a test server after a very long period of not detecting anything CLAM
AV started reporting that it was seeing:
/clamscan/servers/mudlake/opt/Dave/nmap-4.03.tgz: Trojan.Spy-27244 FOUND
/clamscan/servers/mudlake/opt/Dave/nmap-4.03/mswin32/winpcap/Packet.dll:
Trojan.Spy-27244 FOUND
/clamscan/ser
Thanks for the link to virustotal. That is only showing clam AV and a
product called VBA as showing positive.
I suspect both 2744 and 27239 are false positives given what Virus Total
is saying. According to the daily virusDB (6278 and 6275 respectively)
from 3/17 these were added yesterday. In
Is your clam AV version up to date? I sometimes see similar messages when I"m
more than one levelset behind and the mirrors have changed. What does
clamscan -V and freshclam -V reveal?
Nope. You're current. So that isn't the issue.
Alan Stern <[EMAIL PROTECTED]>
I'll wager this person's PC is hijacked and that messag went out to EVERYONE
he/she has ever sent an e-mail to.
Stephen Gran <[EMA
Eggert,
You should update your clam AV version soon after a release, regardless or you
run the risk it not protecting you. There are numerous reasons why this
is so.
I usually give a release a couple weeks to 'bake out', so to speak, so that any
issues that might not have been exposed in releas
Mostly this is an FYI/Heads up for people.
This is ocurring exclusively against:
/usr/lib/mono/gac/Novell.Directory.Ldap/2.0.0.0__0738eb9f132ed756/Novell.Directory.Ldap.dll
on all the servers I
have running SUSE Linux Enterprise Server 10.
I uploaded the file to Virusttotal, which is running C
Just wondering if there's any SLES 10 Folks out there on Clam 0.93 with
daily.cld at level 7386 is seeing this against Novell.Directory.Ldap.dll in
the directory specified in my email below.
I'm not seeing any mentiones of this signature out on google, and i've mailed
the virus signature maintai
And some people's email systems, which are moronically locked down by
management and admins do NOT let you do anything other than top post. Even
though they can.
So sometimes it's not anyone's fault.
I've been weighing the differences of clamscan vs clamdscan via clamd...
and I have encountered something that is eluding me as to what the cause
was
When I invoke clamscan, I get an error that it cannot find the daily.cvd
file. That points to a configuration problem, but the path it tried to
This may be unique to clamscan on linux on z/series.
I cannot provide the access, as this is all internal system stuff, but I'm
willing to grab any files that might shed light on things. Essentially be
the gopher.
Seems to me like Clam AV has a lot of mail filtering capabilities, which is
goodness. I am, however wanting it for real time file system protection. I
presume it can do this, but I am unsure how to make it do so.
To give you an idea of the environment:
SLES8 SP3 (2.4 kernel) is the flavour of Lin
I did read 4.1.1 - It specifically states that "...It is not required to
run clamd - furthermore, you shouldn't run Dazuko on production systems."
So I stopped there. Since I require this on a production system. I was
hoping there was another option other than the Dazuko module. I have qualms
about
I tried... but again I'm dealing with a virtualized environment and penguin
1 cant see if penguin 2 is using 50% of the CPU. Thats all handled by the
VM hipervisor. Never had enough individual system load to make nice show
me any difference. Figured nice was a long shot at best but I do not know
Freshclam via cron
What sort of update intervals are people using, and can someone show me a
working crontab entry? I've tried calling freshclam like this via a crontab
entry
06 0 * * * /usr/local/bin/freshclam
BUt it doesn't seem to work. Which means I'm probably missing somethign
obvious.
Is this possible? Are there any pitfalls in doing this?
___
http://lurker.clamav.net/list/clamav-users.html
IS there a way to specify that clamscan read out of a file for the exclude
lists
I see in the manpage for clamscan there is:
--exclude=PATT, --exclude-dir=PATT
The reason I am asking is this:
I am using an intel based linux server on a gigabit network to access via
NFS, the individual mountpo
23 matches
Mail list logo
