vinod boppana | 13 Jan 07:43 2016

Antivirus Un-Killable or Password Protect

Hi,
I had installed ClamAV on a few Linux machines. Is it possible to set the configuration in such a way that a
normal user of the machine cannot kill the AntiVirus process (or even password-protect it)?
Thanks & Regards,
Vinod Kumar Boppanna
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Istvan Szabo | 12 Jan 13:14 2016

Stream scanning

Hi,

Is it possible to somehow handle this request with ClamAV?

1. User uploads file to web site
2. File is loaded into memory (byte stream)
3. File byte stream is sent to ClamAV for scanning
4. ClamAV returns OK or VIRUS
5. If OK, store file in the database, if VIRUS, return error to user

I'd imagine to scan the file ClamAV will need to write the byte stream into a temporary file which then gets
deleted after the scan.

I've got a POC working on a Windows server. You can connect via TCP to the ClamAV daemon and invoke commands.
We'd use the INSTREAM command which sends the file over in a byte stream for scanning.

Is it possible?

Thank you.

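The upload flow asked about above, sketched as an added example (not code from the poster or from the ClamAV project): it builds the INSTREAM framing, a length-prefixed chunk sequence ended by a zero-length chunk, and treats anything other than an exact "stream: OK" reply as a rejection. The function names, the constructed signature name and the socketpair that stands in for clamd are assumptions made for the demonstration.

```python
import io
import socket
import struct

def instream_frames(stream, chunk_size=8192):
    """Yield the frames of one INSTREAM request for a file-like object."""
    yield b"zINSTREAM\0"                      # null-terminated command form
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        # Each chunk is prefixed with its length: 4 bytes, network byte order.
        yield struct.pack("!I", len(chunk)) + chunk
    yield struct.pack("!I", 0)                # zero-length chunk ends the stream

def parse_reply(raw):
    """Return (verdict, detail); only an exact 'stream: OK' counts as clean."""
    text = raw.rstrip(b"\0\n").decode("utf-8", "replace")
    if text == "stream: OK":
        return "OK", ""
    if text.endswith(" FOUND"):
        return "VIRUS", text.removeprefix("stream: ")[:-len(" FOUND")]
    # Size-limit errors, timeouts and empty replies all fail closed.
    return "ERROR", text

def scan_stream(sock, stream):
    """Send the upload over an already-connected clamd socket, read the verdict."""
    for frame in instream_frames(stream):
        sock.sendall(frame)
    reply = b""
    while not reply.endswith(b"\0"):
        part = sock.recv(4096)
        if not part:                          # clamd closed the connection
            break
        reply += part
    return parse_reply(reply)

if __name__ == "__main__":
    # Constructed demo: a socketpair stands in for clamd, with a canned reply.
    app_side, fake_clamd = socket.socketpair()
    fake_clamd.sendall(b"stream: Constructed.Test.Signature FOUND\0")
    upload = io.BytesIO(b"constructed upload bytes")
    print(scan_stream(app_side, upload))
```

Against a real daemon, `sock` would be a TCP connection to clamd's `TCPSocket` port, and uploads larger than `StreamMaxLength` in clamd.conf come back as an error reply, which this code maps to "ERROR" so the file is not stored.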

Michael K. | 11 Jan 13:14 2016

some clamd.conf issues

Hello again,

Clamd doesn't start. "journalctl" says:

clamd[3379]: ERROR: Incorrect argument format for option PCREMaxFileSize
clamd[3379]: ERROR: Can't open/parse the config file /etc/clamd.d/clamd.conf

My PCREMaxFileSize in clamd.conf is: 25M (the default size). Why is my
"argument format" incorrect?

The file "clamd.conf" is owned by "root" - is this not correct?

thanks
michael

-- 
| New GnuPG key! = 0xEC54E607 (GnuPG ID)
| Download Public Key = keys.gnupg.net
| B45F 30C4 ED93 FEAF 48E3 0D3B C716 4875 EC54 E607
lists | 10 Jan 09:37 2016

Fw: important message

Hello!

New message, please read <http://c00036.247development.net/gate.php?a>

lists <at> kratzt.net

G.W. Haywood | 5 Jan 18:58 2016

Re: error notifications received

Hi there,

On Tue, 5 Jan 2016, James Pett wrote:

> I have recently been receiving notifications from my server containing an
> error. The email's content is below:
> ...
> Subject: Cron <root@stomp-web> [ ! -f /etc/cron.hourly/0anacron ] && run-parts /etc/cron.daily
> /etc/cron.daily/freshclam:
> ERROR: NotifyClamd: Can't find or parse configuration file /etc/clamd.conf
> ...
> I have contacted my server administrator and they have informed me that this
> is an error caused by a ClamAV update ...

Can you share with us the job description of your server administrator?
I'd expect any administrator I employed to fix this himself, not to lay
blame at the door of some other party.  It is after all likely to be an
extremely simple issue.

> ... is this true?

Your description doesn't really give enough information to answer your
first question.  It seems a strange error to result from any "ClamAV
update" but it isn't beyond the realms of possibility.  If you're
using an operating system 'distribution' it might mean that a package
maintainer for the distribution screwed up.  In that case I'd expect
him to fix it pronto without input from me, as I'd expect legions of
users to be in touch with him fairly soon, and that a newer "ClamAV
update" would fix the problem.


im zkoko | 5 Jan 14:58 2016

Error: cl_load(): No such file or directory

Hello

I asked the following question on GitHub (
https://github.com/vrtadmin/clamav-devel/issues/46 ), and I waited for ~1
month without receiving any answer. It seems that the community is not
active on this site :)

I installed clamav as mentioned in the section 3.2 Installing on shell
account, using the following commands

 ./configure --prefix=/home/user/programming/clamav --disable-clamav
 make
 make install

As you see it doesn't work for me.

./clamscan ~
LibClamAV Error: cl_load(): No such file or directory: /home/user/programming/clamav/share/clamav
ERROR: Can't get file status

----------- SCAN SUMMARY -----------
Known viruses: 0
Engine version: devel-20151207
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 0.011 sec (0 m 0 s)

James Pett | 5 Jan 11:24 2016

error notifications received

Hi All,

I have recently been receiving notifications from my server containing an
error. The email's content is below:

Subject: Cron <root@stomp-web> [ ! -f /etc/cron.hourly/0anacron ] && run-parts /etc/cron.daily

/etc/cron.daily/freshclam:

ERROR: NotifyClamd: Can't find or parse configuration file /etc/clamd.conf

I have contacted my server administrator and they have informed me that this
is an error caused by a ClamAV update, is this true? If this is the case how
does this affect our systems and how do we stop the errors occurring? I
would appreciate any help with this and will give any information needed to
facilitate achieving a fix.

Many thanks,

James Pett

Web development team

Stomp Racing LTD


Walter H. | 3 Jan 20:57 2016

SquidClamAV and generic rules ...

Hello,

Not only the downloaded content is checked, but also the uploaded content;
this makes it impossible to upload a file to VirusTotal when, e.g., the
following inside a .cdb is active:

Sanesecurity.Foxhole.Zip_doc_js:CL_TYPE_ZIP:*:[. -_]([Dd][Oo][Cc])(([. _]){1,})([Jj][Ss])$:*:*:*:*:*:*
(Foxhole_generic.cdb)

Greetings,
Walter

Andrew Wood | 1 Jan 18:11 2016

ClamAV not detecting viruses

Apologies if I'm missing something obvious here but I have some
attachments (.doc, .xls & .zip files) which came attached to spam emails
which I'm using to test out ClamAV on Debian Jessie (installed from the
official Debian package).

Windows Defender says that they contain TrojanDownloader:JS/Swabfex.E &
TrojanDownloader:o97M/Adnel but running clamscan on them says they are
not infected.

The freshclam log shows that the definitions are being updated every
hour, but Debian does not ship with a skeleton clamd.conf file and from
Googling I can't work out if it's required or not?

Is there any other reason why those infections would not be being detected?

Thanks
Andrew

sebastian@debianfan.de | 30 Dec 20:27 2015

crdf threatcenter

Hi @all,

Does anybody know what's up with the crdf threatcenter?

I am not able to download the crdfam.clamav.hdb database.

Thx

Sebastian

Michael K. | 28 Dec 14:33 2015

clamav and systemd

Hello, 

I can't start ClamAV with my FC23 system (on boot). My distro uses
systemd - I have set up a Fedora23 with ClamAV
(clamav-scanner-systemd-0.99-2.fc23)

hint: sudo was *not* installed!

I found a message in a Fedora forum (0) that showed me the right way. I
can start freshclam and also clamscan from a (bash) shell. Now I want to
enable clamd for "autostart" - does anyone have an idea (or link to a
description) how?

On a root shell (bash) I can't enable the clam service:
> [root@fedora]# systemctl enable clamav.service
> Failed to execute operation: No such file or directory

I took a look at the systemd services with: "systemctl list-unit-files"
And I see:

> clamd@.service                              static
> clamd@scan.service                          disabled

Which file or directory was needed by clam? And how can I enable the clam
scan service?!

Thanks in advance

regards
michael