in/bash
export http_proxy="cerebus:800"
/usr/local/bin/freshclam --quiet -l /var/log/clam-update.log
if [ $? -le 1 ]; then
exit 0
else
exit $?
fi
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Ve
day-to-day load on the staff.
So please announce an official end-of-life for the 0.6 version so people
can plan ahead.
Best regards,
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/
routine in
; order to contend with Mimail.q successfully.
Just a thought :
The decryption routine in the virus should be constant, shouldn't it ?
Although matching on this code might lead to false positives on some
cryptographic softwares.
--
Lionel Bouton -
Here's an example that should help :
$viruses_that_fake_sender_re = new_RE(
qr'nimda|hybris|klez|bugbear|yaha|braid|sobig|fizzer|palyh|peido|holar'i,
qr'tanatos|lentin|bridex|mimail|trojan\.dropper|dumaru|gibe\.f'i,
);
--
Lionel Bouton - inet6
--
to handle the file infected case in a
common way that may not be optimal (will you close the connection,
answer a generic content, ...). I'm not an Apache coder, so I can't help
here.
You might want to google around to find if somebody didn't already code
a module like this.
ing crontab put something like 0 * * * * ... The
database mirrors have huge peaks of bandwidth usage each hour (and
what's not good for the mirrors isn't good for the virus db availability).
Something like :
# echo $[ $RANDOM % 3600 ]
0 * * * * sleep ; freshclam --quiet
Best regards,
27;t bring anything to the overall distribution quality too.
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 9215
systems using clamav and want them to be
in sync. So I put some glue around freshclam that compares the cvd
contents before and after a freshclam run and if a diff is found update
the 4 systems using rsync and mail the changes to me (new, removed and
updated entries).
Best regards,
--
Lionel Bouton
st be covered by the GPL too (I think you want to allow people
to use proprietary software to transmit the file for example).
But as I said IANAL, better ask the fsf...
--
Lionel Bouton - inet6
-
o Si
Andrea Trasatti wrote the following on 04/21/2004 10:37 AM :
[...]
As you can see, clamscan catches the worm, while clamdscan doesn't. I checked more
than once and I only have one main.cvd and one daily.cvd. How do I get the database
location of clamdscan? Where should I change it?
Do you us
detection
support, we can live without it for now. Is there something else I missed ?
Best regards,
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 ru
[EMAIL PROTECTED] wrote the following on 05/09/2004 10:33 PM :
[...]
May 9 19:29:28 icebear clamd[30119]:
/var/spool/qmailscan/tmp/icebear.web4.hm10841237574708429/orig-icebear.web4.hm10841237574708429:
Unable to create temporary directory. ERROR
Do somebody know what this means?
I have engough
.
Best regards,
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 92150 Suresnes
/ /\ /_ / /_ France
\/ \/_ / /_/ Tel. +33 (0
Marin Alexey wrote the following on 05/07/2004 11:32 AM :
Hello, clamav-users,
I can not find any reference how to get count of known viruses with
any executable of clamav distribution.
sigtool -l | wc -l
---
This SF.Net email is sponsored b
handing it to clamscan --mbox works
here.
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 92150 Suresnes
/ /\ /_ / /_ France
visd+clamav howto".
I don't know if you can plug amavisd-new in place of amavisd on your
config, but the former is pretty straightforward to setup. The
configuration file already contains examples for clamdscan and clamscan.
--
Lionel Bouton - inet6
---
Dave Ewart wrote the following on 07/27/2004 02:47 PM :
Don't notify the sender.
You'll just be generating unnecessary mail. In the case of most
virus-generated emails, which are the ones you are going to be
detecting, the sender address will be faked. Therefore, any
notification would go to the
other possibility might be to patch the .cvd file(s)
That was one proposition I made last year. But in practice it seems
there isn't really a pressing need now.
Lionel.
--
Lionel Bouton - inet6
-
o Siege social:
Christopher X. Candreva wrote the following on 08/10/2004 07:40 PM :
If people can't check for database updates more often than once an hour,
then there is a pressing need.
The mirror page talkes about the need for mirrors, about exponential growth,
and how at least a 10mbit pipe is needed to host
Damian Menscher wrote the following on 08/11/2004 04:40 PM :
On Wed, 11 Aug 2004, Lionel Bouton wrote:
Since some time I am thinking of a bittorrent approach too. Bittorrent
is quite efficient at distributing files and there are implementations
allowing multiple trackers to distribute the
se them to use more secure
e-mail clients...
Regards,
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 92150 Suresnes
/ /\ /_ / /_
ign of
incompetence ...
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 92150 Suresnes
/ /\ /_ / /_ France
\/ \/_ / /_/ Tel. +
ngry people getting virus warnings from your mail server...
Cheers
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 92150 Suresne
earlier on this list.
Anybody with some time to spare ?
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 92150 Suresnes
/ /\ /_ / /_
is a file distribution
protocol, ...).
Regards,
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 92150 Suresnes
/ /\ /_ / /_ Fr
D requests if DNS doesn't work. Am I right ?
If not, as public DNS isn't allowed, I'll have to hack around more... :-(
Regards,
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresne
Christopher X. Candreva wrote the following on 09/11/2004 03:34 PM :
If public DNS isn't allowed, you aren't going to be able to look up the IP
addresses associated with the database mirrors, so http isn't going to work
either. In fact, without DNS, you don't really have an Internet connection.
GPL context as soon as a program load the content in order to use the
sigs for scanning for viruses.
Isn't it the only matter subject to interpretation ?
Cheers,
--
Lionel Bouton - inet6
-
o Siege social: 51
hey handle viewcvs (probably rsyncing a copy from the
main repositories) but I usually wait around 1 day after commiting
SQLgrey changes on sourceforge to see themapplied in viewcvs.
Anonymous cvs should be ok though.
--
Lionel Bout
BitFuzzy wrote the following on 12/16/2004 03:01 PM :
Is this a joke? "licensed under the GPL" & "not free for commercial
use".
As far as I can tell there is nothing wrong with this. In fact I've
seen this quite alot.
The GPL does not prevent anyone from making money.
Nothing prevents the aut
ving AV solutions as an item among others.
Best regards,
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 92150 Suresnes
/ /\ /_ / /
Ted Fines wrote the following on 02/15/2005 02:32 PM :
Hi,
It is not automatically updating because to update, this needs to happen:
1. download source
2. ./configure --with-your-specific-options
3. make
4. stop clam daemon
5. Maybe stop or pause other programs, like amavisd or your mail server
6.
Chris de Vidal wrote the following on 04/28/05 22:09 :
>Matt Fretwell said this while chewing gum:
>
>
>> Scan on an evening when your users are gone?
>>
>>
>
>Thanks for the fast reply!
>
>A 1.25TB Samba server takes several days to do a full scan with clamscan.
>
>
>
You may try to wrap
in production I could probably (have to ask above
me) offer to mirror elektrapro as well. Is there any mirror admin around
here who can tell me the amount of traffic involved ?
LB.
--
Lionel Bouton - inet6
-
o Siege social: 51
Krištof Petr wrote:
Lionel Bouton wrote:
[..]
BTW, are there people interested by RedHat RPMs around here ? I'm in
the process of generating them.
I build them on RedHat 8.0 but at least the src.rpm should be usable
anywhere (in the contrary I'll consider it a bug).
I plan to host t
RPM as cleanly as I can.
LB.
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 92150 Suresnes
/ /\ /_ / /_ France
\/ \/_ / /_
Krištof Petr wrote:
[...]
It doesnt have %preun, %postun scripts to run 'service' command.
Not sure, if this rpm will work via up2date safely.
Im using up2date service to auto update of packages and it take some
time and work to do it right.
This is one of the things I'm currently reusing from y
of files in order to :
- tell us at which point in time our clamav install got a given sig,
- be mailed for each update with the list of changes the update process
we set up did.
Best regards,
--
Lionel Bouton - inet6
-
o
. How do you
configure Apache to share port 80 with rsync servers ?
--
Lionel Bouton - inet6
-
o Siege social: 51, rue de Verdun - 92158 Suresnes
/ _ __ _ Acces Bureaux: 33 rue Benoit Malon - 92150 Suresnes
installation for a secure smtp mailserver with spam
filtering and virus scanning capabilities.
Note: that MailScanner is known to regularly truncate or lose messages
with Postfix, especially on heavily loaded servers...
--
Lionel Bouton - IDEALX
(_) __| | ___ __ _ | |__ __ 15-17 av de Segur
40 matches
Mail list logo
