Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: ClamAV: users

(no subject)

 

 

First page Previous page 1 2 3 4 5 6 7 8 Next page Last page  View All ClamAV users RSS feed   Index | Next | Previous | View Threaded


bdm at fenrir

Oct 9, 2005, 3:17 PM

Post #51 of 181 (5472 views)
Permalink
Re: (no subject) [In reply to]

On Sun, 9 Oct 2005 09:45:46 -0700 (PDT) in
44539.192.168.1.1.1128876346.squirrel [at] mail
webmaster [at] kf6plh wrote:

> I am a bit confused. In his repository's the only version of Fedora
> to use this server rpm is FC4.

Yes, this is the case, I looked in the spec file for the rpms and he has
simply provided a server rpm so that installations that don't need clamd
don't install it.

You need it, hence the need to install both rpms now.

--

Brian Morrison

bdm at fenrir dot org dot uk

GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html


jmaul at elih

Jul 26, 2006, 10:35 AM

Post #52 of 181 (5427 views)
Permalink
Re: (no subject) [In reply to]

Tim Jordan wrote:
> Is this really a virus?
>

No, but thats debatable.

> HTML.Phishing.Pay-157
>
> I think its junk mail but CLAMAV reports it as a virus.

What else would clamav report it as? Its a virus scanner. Call it junk
mail, spam, just plain garbage, etc. The point is, its potentially
harmful and as such, clamav detects it.

>
> Thank you,
>
> Tim

-Jim
_______________________________________________
http://lurker.clamav.net/list/clamav-users.html


cswiger at mac

Jul 26, 2006, 10:37 AM

Post #53 of 181 (5429 views)
Permalink
Re: (no subject) [In reply to]

On Jul 26, 2006, at 1:29 PM, Tim Jordan wrote:
> Is this really a virus?
>
> HTML.Phishing.Pay-157
>
> I think its junk mail but CLAMAV reports it as a virus.

It's a phishing scam carried via email which is about as malicious as
a virus is....

--
-Chuck

_______________________________________________
http://lurker.clamav.net/list/clamav-users.html


DStaal at usa

Jul 26, 2006, 10:46 AM

Post #54 of 181 (5423 views)
Permalink
Re: (no subject) [In reply to]

On Wed, July 26, 2006 1:29 pm, Tim Jordan said:
> Is this really a virus?
>
> HTML.Phishing.Pay-157
>
> I think its junk mail but CLAMAV reports it as a virus.

CLAMAV detects phishing spam, and reports it. Since it can only report as
a virus, that's all it can report as.

The next version is scheduled to allow you to turn off the 'phishing'
scans as a run-time option, but until then the only way to disable them is
to remove the signatures from your database file.

Daniel T. Staal

---------------------------------------------------------------
This email copyright the author. Unless otherwise noted, you
are expressly allowed to retransmit, quote, or otherwise use
the contents for non-commercial purposes. This copyright will
expire 5 years after the author's death, or in 30 years,
whichever is longer, unless such a period is in excess of
local copyright law.
---------------------------------------------------------------

_______________________________________________
http://lurker.clamav.net/list/clamav-users.html


fedora at drussell

Jul 26, 2006, 10:48 AM

Post #55 of 181 (5418 views)
Permalink
Re: (no subject) [In reply to]

Tim Jordan wrote:
> Is this really a virus?
>
> HTML.Phishing.Pay-157
>
> I think its junk mail but CLAMAV reports it as a virus.

tom-ay-to, tom-ah-toe :-)

I'm glad clamAV does flag these.... I use a procmail receipe on my mail
server to change the subject accordingly, and a dd a couple of X-
headers to the message...

Keep up the great detection work :-)


_______________________________________________
http://lurker.clamav.net/list/clamav-users.html


oboltus at bigmir

Oct 23, 2007, 12:30 AM

Post #56 of 181 (5136 views)
Permalink
Re: (no subject) [In reply to]

> On 10/16/07, oboltus <oboltus [at] bigmir> wrote:
>> Hello!
>> I address with a question, the answer on which could not find in FAQ. whether can clamav check on viruses outcoming mail? If yes, as it to realize?
>> thank you in advance.

> Yes - the solution of course will depend on your mail server, which
> you make no mention of.

OS - Linux RedHat 7.3
MTA - sendmail


mailto:oboltus [at] bigmir

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html


rob.macgregor at gmail

Oct 23, 2007, 1:13 AM

Post #57 of 181 (5158 views)
Permalink
Re: (no subject) [In reply to]

On 10/23/07, oboltus <oboltus [at] bigmir> wrote:
>
> > Yes - the solution of course will depend on your mail server, which
> > you make no mention of.
>
> OS - Linux RedHat 7.3
> MTA - sendmail

Then you have a range of options, including clamav-milter, MIMEDefang
and amavisd-new, to name but a few.

--
Please keep list traffic on the list.

Rob MacGregor
Whoever fights monsters should see to it that in the process he
doesn't become a monster. Friedrich Nietzsche
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html


oboltus at bigmir

Oct 23, 2007, 4:18 AM

Post #58 of 181 (5145 views)
Permalink
Re: (no subject) [In reply to]

>> Hello!
>> I address with a question, the answer on which could not find in FAQ. whether can clamav check on viruses outcoming
>> mail? If yes, as it to realize?
>> thank you in advance.

> Yes - the solution of course will depend on your mail server, which
> you make no mention of.

>>OS - Linux RedHat 7.3
>>MTA - sendmail

> Then you have a range of options, including clamav-milter, MIMEDefang
> and amavisd-new, to name but a few.

Could You set an example of practical realization with use clamav-milter?



mailto:oboltus [at] bigmir

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html


rob.macgregor at gmail

Oct 23, 2007, 5:00 AM

Post #59 of 181 (5153 views)
Permalink
Re: (no subject) [In reply to]

On 10/23/07, oboltus <oboltus [at] bigmir> wrote:
>
> Could You set an example of practical realization with use clamav-milter?

See the documentation/man page/google.

--
Please keep list traffic on the list.

Rob MacGregor
Whoever fights monsters should see to it that in the process he
doesn't become a monster. Friedrich Nietzsche
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html


edwintorok at gmail

Apr 16, 2010, 12:37 AM

Post #60 of 181 (4843 views)
Permalink
Re: (no subject) [In reply to]

On 04/16/2010 10:21 AM, Dima wrote:
> Hello
>
> Today, after the next regular virus database update antivirus stopped
> working. The following quote log database update and response program.


> Fri Apr 16 10:12:14 2010 -> clamd daemon 0.92.1 (OS: linux-gnu, ARCH:
> i386, CPU: i386)

http://www.clamav.net/eol-clamav-094/

>
> What can you advise?

Upgrade it.
If you use Debian add the volatile repository.

Best regards,
--Edwin
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


steve at greengecko

Apr 16, 2010, 12:54 AM

Post #61 of 181 (4857 views)
Permalink
Re: (no subject) [In reply to]

On Fri, 2010-04-16 at 10:37 +0300, Török Edwin wrote:
> On 04/16/2010 10:21 AM, Dima wrote:
> > Hello
> >
> > Today, after the next regular virus database update antivirus stopped
> > working. The following quote log database update and response program.
>
>
> > Fri Apr 16 10:12:14 2010 -> clamd daemon 0.92.1 (OS: linux-gnu, ARCH:
> > i386, CPU: i386)
>
> http://www.clamav.net/eol-clamav-094/
>
> >
> > What can you advise?
>
> Upgrade it.
> If you use Debian add the volatile repository.
>
> Best regards,
> --Edwin
Shame you haven't talked to to others - like havp for example - before
doing this.


tkojm at clamav

Apr 16, 2010, 2:07 AM

Post #62 of 181 (4863 views)
Permalink
Re: (no subject) [In reply to]

On Fri, 16 Apr 2010 11:58:29 +0300
"Dima" <clamuser [at] visaginas> wrote:

> Hit http://archive.debian.org sarge/volatile/non-free Packages
> Hit http://archive.debian.org sarge/volatile/non-free Release
> Reading Package Lists... Done
> server:/# LANG=C apt-get install clamav clamav-base clamav-daemon
> clamav-freshclam clamav-milter libclamav1 libclamav3
> Reading Package Lists... Done
> Building Dependency Tree... Done
> clamav is already the newest version.
> clamav-base is already the newest version.
> clamav-daemon is already the newest version.
> clamav-freshclam is already the newest version.
> clamav-milter is already the newest version.
> libclamav1 is already the newest version.
> libclamav3 is already the newest version.
> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
>
> There is still a proposal?

Sarge is 5 years old and no longer maintained (including security fixes!)
since 2008. You should really update your OS first.

--
oo ..... Tomasz Kojm <tkojm [at] clamav>
(\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg
\..........._ 0DCA5A08407D5288279DB43454822DC8985A444B
//\ /\ Fri Apr 16 11:06:50 CEST 2010
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


clamav-users at uchange

Apr 16, 2010, 2:09 AM

Post #63 of 181 (4864 views)
Permalink
Re: (no subject) [In reply to]

On Fri, 16 Apr 2010 11:58:29 +0300, "Dima" <clamuser [at] visaginas> wrote:
>> Upgrade it. If you use Debian add the volatile repository.
> Hit http://archive.debian.org sarge/main Packages
> Hit http://archive.debian.org sarge/main Release
> Hit http://archive.debian.org sarge/contrib Packages
> Hit http://archive.debian.org sarge/contrib Release
> Hit http://archive.debian.org sarge/non-free Packages

> Reading Package Lists... Done
> Building Dependency Tree... Done
> clamav is already the newest version.

> There is still a proposal?

You are running Debian Sarge! That's been EOL and unsupported for over 2
years (March 2008). See here - http://www.debian.org/releases/sarge/

Your best bet is to upgrade to Debian etch:

1) Backup your system (this might break)
2) Edit /etc/apt/sources.list - replace anything that says 'sarge' with
'etch'
3) Run apt-get update
4) Run apt-get dist-upgrade

This chap has a helpful guide:
http://rimuhosting.com/knowledgebase/linux/distros/debian-sarge-to-etch

Hope this helps. You really can't complain at the ClamAV team if you're
running old, outdated systems. They have been warning us for months that
this was going to happen.


Regards


Richard

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


tkojm at clamav

Apr 16, 2010, 2:32 AM

Post #64 of 181 (4866 views)
Permalink
Re: (no subject) [In reply to]

On Fri, 16 Apr 2010 12:28:44 +0300
"Dima" <clamuser [at] visaginas> wrote:

> There is a small problem - until this morning me and tens of thousands of
> other users of this operating system is fully suited for more than 5
> years. Update your operating system is now quick and painless can not
> perform because of very many reasons, such as your - incompatibility (eg
> convert MySQL databases hundreds of thousands of tables in utf8).
> Your suggestion - remove clamav and forget about the antivirus?

You can always try to compile from source

--
oo ..... Tomasz Kojm <tkojm [at] clamav>
(\/)\......... http://www.ClamAV.net/gpg/tkojm.gpg
\..........._ 0DCA5A08407D5288279DB43454822DC8985A444B
//\ /\ Fri Apr 16 11:30:49 CEST 2010
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


edwintorok at gmail

Apr 16, 2010, 3:22 AM

Post #65 of 181 (4856 views)
Permalink
Re: (no subject) [In reply to]

On 04/16/2010 01:07 PM, Dima wrote:
> I have something very much doubt that this can be done on the old compiler
> using libraries of those times.

People have successfully built ClamAV on various old systems, maybe not
with all the features, but it surely built and run.

Just give it a try.

Best regards,
--Edwin
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


linux at thehobsons

Apr 16, 2010, 3:59 AM

Post #66 of 181 (4860 views)
Permalink
Re: (no subject) [In reply to]

Richard Bishop wrote:

>You are running Debian Sarge! That's been EOL and unsupported for over 2
>years (March 2008). See here - http://www.debian.org/releases/sarge/

Yes, I am as well - and for several good reasons.

1) If it aint broke, don't fix it. It works, has worked reliably for
several years, and was working fine yesterday. It's uptime is
currently 405 days, and then the last downtime was to physically move
the server.

2) If it aint broke - don't fix it. There's no way I'd attempt a
major upgrade in-place when it's a live server used 24*7. For various
internal reasons (which I'm sure you can guess) I don't have the
resources to do anything but an in-place upgrade if I want to upgrade.

3) I can accept that software will go out of support - but I never
expected a Miscrosoft-esque remote shutdown.


Recognising that Sarge is quite old, I have in fact got a new server
about ready to go - and I've taken the opportunity to roll in some
better features that the current live one. However, I don't have the
hardware to deploy it with yet - and I probably won't for several
months.

--
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


leolistas at solutti

Apr 16, 2010, 5:15 AM

Post #67 of 181 (4847 views)
Permalink
Re: (no subject) [In reply to]

Em 16/04/2010 07:22, Trk Edwin escreveu:
> On 04/16/2010 01:07 PM, Dima wrote:
>> I have something very much doubt that this can be done on the old
>> compiler
>> using libraries of those times.
>
> People have successfully built ClamAV on various old systems, maybe
> not with all the features, but it surely built and run.

just as example, i could successfully built and get clamav 0.95.3
on a redhat 9 box with GCC 3.2.2. Thats surely an example of OLD system
! It was released in 2003 and its EOL was 2004-04-30.

havent tried clamav 0.96 because i had 0.95 confs ready and had to
upgrade quickly after the kill signature was published yesterday.

[root [at] correi root]# cat /etc/redhat-release
Red Hat Linux release 9 (Shrike)

[root [at] correi root]# gcc --version
gcc (GCC) 3.2.2 20030222 (Red Hat Linux 3.2.2-5)
Copyright (C) 2002 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


[root [at] correi root]# clamd --version
ClamAV 0.95.3-exp/10751/Thu Apr 15 23:23:45 2010


--


Atenciosamente / Sincerily,
Leonardo Rodrigues
Solutti Tecnologia
http://www.solutti.com.br

Minha armadilha de SPAM, NO mandem email
gertrudes [at] solutti
My SPAMTRAP, do not email it




_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


francis.stevens at bristow

Apr 16, 2010, 6:10 AM

Post #68 of 181 (4872 views)
Permalink
Re: (no subject) [In reply to]

Leonardo Rodrigues wrote:
> Em 16/04/2010 07:22, Trk Edwin escreveu:
>> On 04/16/2010 01:07 PM, Dima wrote:
>>> I have something very much doubt that this can be done on the old
>>> compiler
>>> using libraries of those times.
>>
>> People have successfully built ClamAV on various old systems, maybe
>> not with all the features, but it surely built and run.
>
> just as example, i could successfully built and get clamav 0.95.3 on a
> redhat 9 box with GCC 3.2.2. Thats surely an example of OLD system ! It
> was released in 2003 and its EOL was 2004-04-30.

I've even managed to build 0.96 on a Redhat 7.2 based system, gcc 2.96
(Redhat patched version), though I did have to update zlib manually to
get "make check" to pass.

>
> havent tried clamav 0.96 because i had 0.95 confs ready and had to
> upgrade quickly after the kill signature was published yesterday.
>
> [root [at] correi root]# cat /etc/redhat-release
> Red Hat Linux release 9 (Shrike)
>
> [root [at] correi root]# gcc --version
> gcc (GCC) 3.2.2 20030222 (Red Hat Linux 3.2.2-5)
> Copyright (C) 2002 Free Software Foundation, Inc.
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
>
>
> [root [at] correi root]# clamd --version
> ClamAV 0.95.3-exp/10751/Thu Apr 15 23:23:45 2010
>
>
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


spiro at knossos

Apr 18, 2010, 1:27 PM

Post #69 of 181 (4820 views)
Permalink
Re: (no subject) [In reply to]

> Shame you haven't talked to to others - like havp for example - before
> doing this.

The announcement to EOL the old releases was made at the start of
october last year. If people using clam as an integral part of their
software don't read announcements, what fault is that of the clam
developers?

They had 6 months to sort it out.

--
Spiro Harvey Knossos Networks Ltd
021-295-1923 www.knossos.net.nz
Attachments: signature.asc (0.19 KB)


spiro at knossos

Apr 18, 2010, 1:38 PM

Post #70 of 181 (4805 views)
Permalink
Re: (no subject) [In reply to]

> 1) If it aint broke, don't fix it. It works, has worked reliably for
> several years, and was working fine yesterday. It's uptime is

And now it's broken. So you have to fix it. Life on the edge is scary
for some sysadmins, eh?

> currently 405 days, and then the last downtime was to physically move
> the server.

So for 405 days you've done no kernel patches? Awesome. I bet that
server's a bunch of remote exploits waiting to happen (if they haven't
already).

Using massive uptimes to prove how cool your server is actually just
shows that you're not doing the right maintenance.

> 2) If it aint broke - don't fix it. There's no way I'd attempt a
> major upgrade in-place when it's a live server used 24*7. For various
> internal reasons (which I'm sure you can guess) I don't have the
> resources to do anything but an in-place upgrade if I want to upgrade.

Well if they don't want patches on it, and they're not prepared to give
you money to have a backup server to do upgrades on, then it can't be
as critical as they're telling you.

> 3) I can accept that software will go out of support - but I never
> expected a Miscrosoft-esque remote shutdown.

You should have expected it 6 months ago when the announcement was made.
Attachments: signature.asc (0.19 KB)


bitfuzzy at campbus

Apr 18, 2010, 1:40 PM

Post #71 of 181 (4799 views)
Permalink
Re: (no subject) [In reply to]

Shhhhh

They've simmered down, I don't need the issue stirred up again

Spiro Harvey wrote:
>> Shame you haven't talked to to others - like havp for example - before
>> doing this.
>>
>
> The announcement to EOL the old releases was made at the start of
> october last year. If people using clam as an integral part of their
> software don't read announcements, what fault is that of the clam
> developers?
>
> They had 6 months to sort it out.
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://www.clamav.net/support/ml
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


dennispe at inetnw

Apr 18, 2010, 1:43 PM

Post #72 of 181 (4813 views)
Permalink
Re: (no subject) [In reply to]

On 4/18/10 1:27 PM, Spiro Harvey wrote:
>> Shame you haven't talked to to others - like havp for example - before
>> doing this.
>
> The announcement to EOL the old releases was made at the start of
> october last year. If people using clam as an integral part of their
> software don't read announcements, what fault is that of the clam
> developers?
>
> They had 6 months to sort it out.

The people that had problems probably download signatures straight into the
signature directory that clamd uses. I drop mine into a holding directory where
I can test them first. Yes, I know that is all built into freshclam, but I'd
rather know ahead of time if a sig is going to be harmful. I use the exact same
process for checking SaneSecurity and other third-party signatures. I didn't
need it this time because I'd upgraded long ago, but it's not a bad process.

dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


jimlinux at commspeed

Apr 18, 2010, 2:03 PM

Post #73 of 181 (4811 views)
Permalink
Re: (no subject) [In reply to]

On Apr 18, 2010, at 1:40 PM, Ken Campney wrote:

> Shhhhh
>
> They've simmered down, I don't need the issue stirred up again
>
> Spiro Harvey wrote:
>>> Shame you haven't talked to to others - like havp for example -
>>> before
>>> doing this.
>>>
>>
>> The announcement to EOL the old releases was made at the start of
>> october last year. If people using clam as an integral part of their
>> software don't read announcements, what fault is that of the clam
>> developers?
>>
>> They had 6 months to sort it out.
>>
>>
>> ------------------------------------------------------------------------
>>

And you run the risk of being called the "most arrogant and ignorant
person on the Internet"....... Oh my....

Jim
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


bitfuzzy at campbus

Apr 18, 2010, 2:39 PM

Post #74 of 181 (4816 views)
Permalink
Re: (no subject) [In reply to]

yup, that's me, though in all honesty the comment was supposed to read
"They've simmered down, I don't "think the issue needs stirring up again"

Proof reading is a wonderful thing when not practiced in moderation :\

>
> And you run the risk of being called the "most arrogant and ignorant
> person on the Internet"....... Oh my....
>
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


jimlinux at commspeed

Apr 18, 2010, 2:45 PM

Post #75 of 181 (4792 views)
Permalink
Re: (no subject) [In reply to]

On Apr 18, 2010, at 2:39 PM, Ken Campney wrote:

> yup, that's me, though in all honesty the comment was supposed to
> read "They've simmered down, I don't "think the issue needs stirring
> up again"
>
> Proof reading is a wonderful thing when not practiced in moderation :\
>
>>
>> And you run the risk of being called the "most arrogant and
>> ignorant person on the Internet"....... Oh my....
>>

No, I was referring to personal attacks against me and my
contributions to the fray Fri and Sat....

Jim

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

First page Previous page 1 2 3 4 5 6 7 8 Next page Last page  View All ClamAV users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.