vant.
Specifically, "misunderstanding" configuration options have led to
interesting & publicly undisclosed discoveries useful to pen testers.
:-)
--
Sincerely,
Nathan Gibbs
On 9/28/2017 17:45, Mickey Sola wrote:
> That's because you've gotten to the heart of the ma
If anyone here is using the mon software,
http://mon.wiki.kernel.org/
There is a clamd monitor at
http://www.cmpublishers.com/oss/
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
___
Help us build a
Is the Wiki having issues or is it just me.
I haven't been able to access it since last night.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
When setting up a local mirror of the signature db's, do scripted
updates have to be turned off on the master freshclam as well as the slaves?
I looked at the faq entry and it seemed to indicate the slaves only, but
checking the List archives it looks like you need to do that with the
master also.
In the process of rolling out the new 0.95.3 upgrade, we noticed several
error messages about the virus DB's being out of date. This was odd as
our clam engines update from a local mirror that pulls updates from the
clamav infrastructure approx. every hour. Upon further investigation,
the outdate
* Tomasz Kojm wrote:
> On Thu, 29 Oct 2009 09:26:47 -0500 Nathan Gibbs
> wrote:
>
>> In the process of rolling out the new 0.95.3 upgrade, we noticed
>> several error messages about the virus DB's being out of date.
>> This was odd as our clam engines update f
* Nathan Gibbs wrote:
> OK, will do.
>
>
Bug 1739.
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Besides the Virus Name %v
Are there any other details from the running scanner that can be
exported to a VirusEvent Script?
Thanks
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
* Tomasz Kojm wrote:
> On Thu, 05 Nov 2009 15:14:19 -0500
> Nathan Gibbs wrote:
>
>> Besides the Virus Name %v
>>
>> Are there any other details from the running scanner that can be
>> exported to a VirusEvent Script?
>
> Inside the script itself yo
* Nathan Gibbs wrote:
> * Tomasz Kojm wrote:
>> On Thu, 05 Nov 2009 15:14:19 -0500
>> Nathan Gibbs wrote:
>>
>>> Besides the Virus Name %v
>>>
>>> Are there any other details from the running scanner that can be
>>> exported to a Viru
ix it, report that its broken.
If possible Where is it broken, why is it borken, and how it might be fixed.
If you can't do that, Get a commercial solution.
Freedom isn't free. ( from effort or errors )
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www
* G.W. Haywood wrote:
> Hi there,
>
> On Fri, 6 Nov 2009 Nathan Gibbs wrote:
>
>> Cut these guys some slack. They can't do everything.
>
> This isn't about cutting slack, or for that matter pointing fingers.
> It's about contributing. I'm contri
#x27;s fault not yours.
However, form a user's perspective, if the old version did, and the
upgrade can't, then the upgrade was a downgrade. At which point a
different solution may need to be considered.
Its very hard to claim that you CAN'T fly, when a user base of sev
* G.W. Haywood wrote:
> Hi there,
>
> It should come as no surprise to anyone that having read the message,
> it's possible to store it somewhere in the filesystem, e.g. for later
> analysis, despite the fact that the message is to be rejected.
>
:-)
>> Does anyone know a way to make sendmail r
There is a VirusEvent Script at
http://www.cmpublishers.com/oss/
Enjoy.
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a
eam could do something
like this in C.
Thoughts.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
* Dennis Peterson wrote:
> On 3/2/10 7:58 AM, Nathan Gibbs wrote:
>
>>
>> Question.
>> Why does freshclam suggest checking
>>
>> http://www.clamav.net/support/mirror-problem
>>
>> for possible problems with a a LOCAL MIRROR when it KNOWS that its
&
* Dennis Peterson wrote:
> On 3/2/10 10:14 AM, Nathan Gibbs wrote:
>
>> Not functional issues, just a couple rough edges that could use sanding.
>
> You have an idea and the source code - implement it and submit the
> change.
If I knew what I was doing in C, I'd be d
he Event caller
already has under the hood. )
If the ClamAV Team add that capability to the milter, I'll build the
Event Script.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
__
* aCaB wrote:
> Guys, please open a ticket. It's too late for 0.96, but will likely make
> it into 0.96.1.
>
Done Bug 1867
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP dig
mmandReadTimeout 30
>
I get those errors with these clamd settings
CommandReadTimeout 120
ReadTimeout 900
This is with the milter load balancing across 5 nodes.
Cheap, Fast, & Right, pick two.
Obviously, fast didn't get on the list.
--
Sincerely,
Nathan Gibbs
Systems Administrator
* Steve Holdoway wrote:
> On Sat, 2010-03-13 at 08:25 -0500, Nathan Gibbs wrote:
>> I get those errors with these clamd settings
>>
>> CommandReadTimeout 120
>> ReadTimeout 900
>>
>> This is with the milter load balancing across 5 nodes.
>>
>> Ch
les,
> they still persist that anyone disagreeing with their "we did nothing
> wrong" stance are a bunch of whining losers.
>
> That's how it comes across to me anyway.
>
Unfortunately.
If an old Clamav was installed on a system that did a vital task, but could
basica
.
However, the level of the farm's protection is my responsibility not theirs.
With the public demo of a kill sig capability, I learn that they CAN & WILL
mess with something that is my responsibility.
Tactically my "kingdom" could be invaded by the ClamAV Team at any time, &
better choice?
This thread is a perfect example, and Steve Basford made the right choice.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
oper of clamd.monitor a monitor compatible with the mon software.
That checks the Clam Antivirus Service.
http://www.cmpublishers.com/oss/
Your message inspired me to add that function to the monitor. I plan to
release in the next hours. Would you like the credit for the idea?
--
Sincerely,
* Nathan Gibbs wrote:
>
> Blah Blah Blah
>
Sorry all,
Didn't intend to do that on list.
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP dig
* Scott Mohnkern wrote:
> Are you on Windows or linux machines?
>
>
That all depends on where I'm sitting
Why?
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
___
Help us build a compre
amAV Team won't even consider it.
ClamAV Team, to feature request, or not to feature request?
That is the question.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
m ( informally ) consider implementing such an option?
If ( Yes ) {
I'll fill in the formal "paperwork" on their bugzilla.
}else{
I'll leave them alone and find something else to do.
}
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishe
ply that the
name caller is the moron.
We may never decide if the glass is half full or half empty, but we can
disagree and be nice about it.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digit
* Török Edwin wrote:
> On 05/14/2010 09:42 PM, Nathan Gibbs wrote:
>>
>> 1. Is moving updates over https a good idea? For the ClamAV update
>> infrastructure at large, probably not.
>
> For the public mirrors no. https has extra overhead (ssl setup),
Thats what I th
* Chuck Swiger wrote:
> On May 14, 2010, at 11:42 AM, Nathan Gibbs wrote:
>>
>> In summary I refuse to waste my time and the ClamAV Team's time
>> submitting a feature request that they will refuse to implement.
>
> While I have concerns and even complaints that
* Török Edwin wrote:
> On 05/15/2010 01:34 AM, Nathan Gibbs wrote:
>>
>> At our site, the "update server" hosts clamav DBs, snort rules, some conf
>> files, etc. The ability to protect the other data would be a plus. It would
>> add another layer of d
* Matus UHLAR - fantomas wrote:
>> * Matus UHLAR - fantomas wrote:
>>> Why? is there an aggresive firewall on the machine? Or is the machine
>>> maintained by a moron?
>
> On 14.05.10 14:50, Nathan Gibbs wrote:
>> Blah, Blah, Bl;ah.
>
> I have asked w
like it does now
( with everything in the DB, I assume. )
}
Although, I'm known for coming up with hair brained ideas, so this one might
go to /dev/null
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
D
* Török Edwin wrote:
> On 05/23/2010 02:46 AM, Nathan Gibbs wrote:
>> I've wondered about a similar idea for speeding up file scanning.
>> Especially in regards to daily system scans,
>>
>> After an initial scan, record a file's name, checksum, and time
>
>> So what exactly is the use-case for this, other than doing full system
>> scans more frequently than signature updates?
>
>
> however some initial tests have showed improved performance for nearly any
> kind of scan (system, mails, home, etc.)
>
Yes, the scans
* Török Edwin wrote:
> On 05/24/2010 05:28 AM, Nathan Gibbs wrote:
>> 2.
>> Store an array of pointers to sigs needed to do a partial scan.
>> Hand the engine the list on partial scans.
>> That might be the more elegant solution.
>
> It might be possible to do thi
* Török Edwin wrote:
> On 2010-05-24 22:00, Nathan Gibbs wrote:
>> OK, so an AC trie gets built and used until a DB reload.
>> Am I understanding correctly?
>
> Yes.
>
Man, that does make it complicated.
>> H'mm, That might work.
>> The corner cases bei
by the ClamAV Team.
:-)
I though about it, but figured there'd be a card up a sleeve somewhere.
That was great, esp since I would have tried the same thing a few months back.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Descrip
* Török Edwin wrote:
> On 2010-05-24 23:37, Nathan Gibbs wrote:
>> Here is about as far as my feature req would get.
>>
>> Leverage a checksum/hashing algorithm & partial DB's to speed up scheduled
>> system scans.
>>
See, I told you I didn't know
t of this thread.
I think the count is at 2 already.
:-)
LOL
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
s won't get fixed. I sincerely hope the "good guys"
build it first.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Hel
* Török Edwin wrote:
> On 05/25/2010 08:21 PM, Nathan Gibbs wrote:
>> The question isn't, why was this created?
>
> For hash collisions it matters how it was created. A lot.
> If you create two files A and B with the same hash, that is a hash
> collision.
Right.
> I
d to work with mon, but could be run from cron to watch your
installation.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehe
* Török Edwin wrote:
>
> I opened #2045.
>
So much for that, as it is now unplanned.
ARGH!!!
Thats all I'm going to say about that.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP dig
* aCaB wrote:
> Nathan Gibbs wrote:
>> Pointless & idiotic raving.
>
> Nathan,
>
> After a release, when we see see the bug flow stopping or calming down
> slightly all bugs (except those already clearly evaluated) are moved to
> unplanned.
> Shortly after (in t
* Jason Englander wrote:
> On Fri, 14 May 2010, Nathan Gibbs wrote:
>
>> I would like the option to use the https protocol with freshclam in a
>> local
>> mirror setup.
>
> Sorry to reply to a month-old post. I skimmed the thread, minus the
> bickering,
:-)
&
* aCaB wrote:
>
> So there's nothing to ARGH about... yet! :)
>
Bug 2045 RESOLVED/WONTFIX.
Now can I ARGH ?
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP dig
As of July last year we had a running clamav 0.95.2 compiled on gcc 2.96.
However that machine was retired.
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
ironment.
A virusevent script can be found at
http://www.cmpublishers.com/oss
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
well as the DB, but currently that doesn't happen.
> And as a follow-up, the VirusEvent will run a console app.
>
> I am grateful for the help, thank you!
>
Thats what we're here for.
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpubli
what would be required to port it to nagios.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
* Nathan Gibbs wrote:
>
> However, I'll look into what would be required to port it to nagios.
>
This may be what you need.
http://exchange.nagios.org/directory/Plugins/Anti%252DVirus/ClamAV/ClamAV-check-plugin/details
It can't query remote systems like clamd.monitor,
w I would forget to do it by time 0.96.1 came out?
:-(
Sorry folks.
Chris, could you send me your code?
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
usr/local/sbin/virusaction "-option value"
VirusAction /usr/local/sbin/virusaction -option "value"
Any ideas?
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
_
* Nathan Gibbs wrote:
> How can I get the clamav-milter to call a virusaction scipt that accepts a cmd
> line argument?
>
SNIP
>
> Any ideas?
>
>
OK, I have a few.
It doesn't appear that clamav-milter allows additional args to be passed to
the virusaction scr
A script to handle all external events in a ClamAV installation.
Well, almost, there is a wrapper for the messed up VirusAction also.
http://www.cmpublishers.com/oss/
Enjoy.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
* Bowie Bailey wrote:
> On 9/15/2010 12:47 PM, Török Edwin wrote:
>> On Tue, 14 Sep 2010 19:41:59 -0400
>> Nathan Gibbs wrote:
>>
>>> A script to handle all external events in a ClamAV installation.
>>>
>>> Well, almost, there is a wrapper
ing new ground.
Final opinion about how to do the common task.
Use execle to call the script directly, and hand it a common Environment.
Do this for all external events.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description:
expect to.
Is this a bug or a feature?
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: vis
* Nathan Gibbs wrote:
>
> In Conclusion
> I can think of at least three more CLmaAV events that it would be nice to be
> notified on.
> However, I feel that it is important to decide how to do one common task
> before covering new ground.
>
> Final opinion about how to d
* Dennis Peterson wrote:
> On 9/21/10 9:55 PM, Nathan Gibbs wrote:
>>
>> Now will the REAL C CODERS PLEASE STAND UP! Do it right and show me how
>> its done. Better yet, just do it right the first time, and I won't say a
>> thing.
>
> Got your ECR submitt
* Nathan Gibbs wrote:
>
> In Conclusion
> I can think of at least three more CLmaAV events that it would be nice to be
> notified on.
> However, I feel that it is important to decide how to do one common task
> before covering new ground.
>
> Final opinion about how to d
* Nathan Gibbs wrote:
>
> In Conclusion
> I can think of at least three more CLmaAV events that it would be nice to be
> notified on.
> However, I feel that it is important to decide how to do one common task
> before covering new ground.
>
> Final opinion about how to d
* Dennis Peterson wrote:
> On 9/22/10 6:58 AM, Nathan Gibbs wrote:
>
>> Those guys could do this better than me any day of the week. They
>> could code
>> circles around me, but so far they won't. what does that tell you?
>
> They have higher priorities.
>
letely work. One of them could have done it in
a couple of hours and it would have worked.
Why should I not be disgusted?
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
* aCaB wrote:
> Nathan Gibbs wrote:
>> Here is my working "test" implementation for the milter
>>
>> http://www.cmpublishers.com/oss/clamfi.c
>
> Hi Nathan,
>
> awsome spirit!
> I'd love to say "awesome code" too but I haven't h
nt OnOutdatedExecute never gets called on error
> conditions.
>
Ok, that makes sense.
Thanks
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Hel
blishers.com/oss/
One of my coding disasters.
:-)
> Second question, is it possible to configure ClamAV as an 'AV-Proxy Web'
> ? To verify if a virus/malware is present on the website ?
>
HAVP
http://www.server-side.de/
I don't know much about it, but it might be what y
n layer is in its current state of disarray.
My 2 cents.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensi
in my 2 cents
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
mutter, mutter, mutter...
Now where did I put that c++ chainsaw?
Evil laugh...
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us b
ClamAV is backwards compatibility.
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: visit http
* Nathan Gibbs wrote:
> Clamav Common Execution Environment patch set
>
Added additional logging to the clamd & freshclam patch.
Now when LogVerbose = Yes
All three should produce similar output.
http://www.cmpublishers.com/oss/ccee-0.96.4.1.tar.gz
Enjoy.
--
The only compatib
* Michael Orlitzky wrote:
> On 10/26/2010 01:18 PM, Nathan Gibbs wrote:
>> Clamav Common Execution Environment patch set
>>
>> http://www.cmpublishers.com/oss/ccee-0.96.4.tar.gz
>>
>> Clamav Unified Event System
>> Upgrade to work with the above patch s
Clamav Common Execution Environment patch set
http://www.cmpublishers.com/oss/ccee-0.96.5.tar.gz
Enjoy :-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
he treatment of the user base leaves somewhat to be
desired.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide:
* Török Edwin wrote:
> On 2011-02-28 18:29, Nathan Gibbs wrote:
>> * Török Edwin wrote:
>>> but apparently people running 0.95 care more about clamd "working" than
>>> actually detecting malware.
>>>
>> 0.95 working equals more protection than
* Jerry wrote:
> On Mon, 28 Feb 2011 11:29:17 -0500 Nathan Gibbs
> articulated:
>
>> A flag day now and then (0.94.x DB issue) is OK, but not as a regularly
>> scheduled event. Whats the point of putting the latest Clamav on a system
>> when the Dev team is going
em to the
> "real" database dir and signal clamd.
There might be something to that idea.
If someone implements it, I'll consider adding it to CLUES and or CCEE.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http
command that will
> generate these numbers based on signature files in the DataDictionary
> directory?
>
Do you mean sig counts per DB in the DB directory?
The next release of CCEE will have that capability.
However, life has been getting in the way of that project lately.
:-)
--
Sincer
://www.cmpublishers.com/oss/ccee-0.97.tar.gz
Enjoy :-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: visit http
igs?
http://www.cmpublishers.com/oss/ccee-0.97.0.1.tar.gz
Enjoy :-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
expert in coding,
> where can I get a sample script file for VirusAction that I can modify
> it to meet my needs ? Thank you for your assistance.
Clamav Unified Event System (CLUES)
http://www.cmpublishers.com/oss
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Ch
* Dennis Peterson wrote:
> It's Unix - you're allowed to think.
>
Awesome statement,
:-D
That made my day, Dennis.
Thanks.
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
___
ing it into the next
CCEE patch set.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build a comprehensive ClamAV guide: visit ht
ixes on.
:-)
Thanks for the idea, its a good one, now if I can just catch it.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Help us build
l cause clamd to to emit the .UNOFFICIAL
output without loading any 3rd party DB's
Thanks.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
Hel
it escapes from libclamav.
I don't see it being used in the higher level programs, so there is no example
to learn from.
As I've said before, I am not a c or c++ coder.
btw.
I did find cl_countsigs while looking through libclamav.
That'll make the next CCEE patchset simpler.
Thank
* aCaB wrote:
> On 04/16/11 06:14, Nathan Gibbs wrote:
>> Is there some test data that will cause clamd to to emit the .UNOFFICIAL
>> output without loading any 3rd party DB's
>
> Just load any db file in non cvd/cld format.
>
> -aCaB
>
>
Do you mean so
* Török Edwin wrote:
> On 2011-04-16 17:06, Nathan Gibbs wrote:
>>
>> I'm guessing that clcb_post_scan can be used to ambush the virus name
>> soon after it escapes from libclamav.
>
> It allows you to get a callback
Whatever that is.
:-)
> for every file
* aCaB wrote:
> On 04/16/11 16:48, Nathan Gibbs wrote:
>> Do you mean something like.
>>
>> cat daily.cvd | sigtool -mdb > daily.mdb
>
> That won't work. If you want to use an official db you should you
> "sigtool --unpack".
>
> Altern
it. I've gotten more out of the experience
than I've put in yet. You can bet I'm going to finish this.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
___
ple that can do something
> about it.
>
Good idea, so even if the users don't know where the sig comes from, an FP
submitted to the wrong place would eventually get to the right place.
I'm glad someone is thinking about the right way to do this.
--
Sincerely,
Nathan Gibbs
Syste
t; And when you tell them they can buy support, what do you suppose the
> response is? Buy support for an open source product? Are you crazy?
>
They would do it for an inferior commercial product too.
Thats the funny / sad part.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Chris
done in this release.
However, I don't have the hardware to do much in the line of testing.
Could somebody make sure that our 0.97.x enhancements work as expected?
http://www.cmpublishers.com/oss/#ccee
Enjoy:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
e you're familiar with it, it's
> often the first choice for quick and dirty hacks.
>
LOL, Starting the chainsaw!
:-)
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Descr
akes more sense in the long
run anyways. I do value his input especially when I get annoyed with the
Clamav Team.
--
Sincerely,
Nathan Gibbs
Systems Administrator
Christ Media
http://www.cmpublishers.com
signature.asc
Description: OpenPGP digital signature
1 - 100 of 142 matches
Mail list logo
