Mailing List Archive

1 2 3 4 5 6 7 8  View All
Re: (no subject) [ In reply to ]
On 03/03/2012 04:44 PM, Jayson Brush wrote:
> Hello
>
> I currently have ClamSMTP and ClamAV 0.97.3 installed on CentOS with
> postfix and dovecot. The setup works and ClamAV properly scans all emails
> and detects viruses. However, I have enabled the DLP module in Clamd to
> detect CC numbers and SSNs and lowered the threshold to 1 for each. When I
> send and SSN number Clam properly logs that there was a SSN attempted to be
> sent. When I send any formatted Credit Card number, ClamAV does not
> recognize that there is a credit card number contained in the body of the
> text or as an attachment.
>
> Does anyone have any knowledge about this? Am I missing something?

By default you need to have at least 3 Credit Card numbers to trigger a detection:

# This option sets the lowest number of Social Security Numbers found
# in a file to generate a detect.
# Default: 3
#StructuredMinSSNCount 5

Best regards,
--Edwin
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Re: (no subject) [ In reply to ]
Correct. I lowered the StructuredMinCreditCardCount from 3 to 1 and sent
five CC#s at a time with no detection. It does detect SSNs fine.

Thanks, any other suggestions?

2012/3/3 Török Edwin <edwin+ml-clamav@etorok.net>

> On 03/03/2012 04:44 PM, Jayson Brush wrote:
> > Hello
> >
> > I currently have ClamSMTP and ClamAV 0.97.3 installed on CentOS with
> > postfix and dovecot. The setup works and ClamAV properly scans all emails
> > and detects viruses. However, I have enabled the DLP module in Clamd to
> > detect CC numbers and SSNs and lowered the threshold to 1 for each. When
> I
> > send and SSN number Clam properly logs that there was a SSN attempted to
> be
> > sent. When I send any formatted Credit Card number, ClamAV does not
> > recognize that there is a credit card number contained in the body of the
> > text or as an attachment.
> >
> > Does anyone have any knowledge about this? Am I missing something?
>
> By default you need to have at least 3 Credit Card numbers to trigger a
> detection:
>
> # This option sets the lowest number of Social Security Numbers found
> # in a file to generate a detect.
> # Default: 3
> #StructuredMinSSNCount 5
>
> Best regards,
> --Edwin
> _______________________________________________
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://www.clamav.net/support/ml
>



--
jayson
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Re: (no subject) [ In reply to ]
Please run freshclam, an update has been pushed.

Joel

On May 11, 2012, at 11:40 AM, Andrew Thompson wrote:

>
> Hello
> We were seeing a number of files being quarantined earlier with the reference
> BC.Exploit.CVE_2012_1847 FOUND and BC.Exploit.CVE_2012_0184 FOUND. The CVE
> numbers point to vulnerabilities found in Microsoft's Excel and Office
> suites. However, the files were not only excel spreadsheets but also some
> .msi files and word .doc files. Our other AV scanners (Sophos and Avira) see
> the files as clean, so is this a false positive ? I'm assuming yes. Also,
> interestingly, a copy of one of the files put back on the affected server has
> not been quarantined again. The various definitions have been updated by
> freshclam, so we are all up to date currently on that score. If someone could
> confirm if this was a signature that was wrong and causing the quarantine,
> that would be great.
>
> Version info below:
> clamscan -V
> ClamAV 0.97.3/14913/Fri May 11 16:03:22 2012
>
> running on a Centos 5.7 box.
>
> Thanks in advance.
>
> Andrew
>
>
>
> --
>
> Andrew Thompson
>
> andrew@x-2.org.uk
> _________________________________________________________
> This mail sent using V-webmail - http://www.v-webmail.org
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://www.clamav.net/support/ml

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Re: (no subject) [ In reply to ]
I sent a note out on this yesterday with reference to most Mac OS X users
who have /usr/php/install-pear-nozlib.phar on their hard drives, having
already submitted the file as an FP. Since then there have been a couple of
other Unix users report similar results and a promise to get back to us, but
nothing yet.

Check the list archive for details.

Whether it's of any consequence or not depends on what version of PHP you
have. The CVE was reported back in January and concerned PHP 5.3.8 which
was apparently patched with PHP 5.4.0, but that's all I can seem to find
out.


-Al-

--
Al Varnell
Mountain View, CA

On 10/17/12 12:11 AM, "Steffen Ewert" wrote:

> Hi,
>
> with the newest DB (updated 4hours ago) I get the following virus detection:
>
> /share/c-on/download/Netzwerk/WebTools/DokuWiki/dokuwiki-2011-05-25a.tgz:
> PHP.Exploit.CVE_2011_4153-2 FOUND
> /share/c-on/download/Netzwerk/WebTools/DokuWiki/dokuwiki-2009-12-25c.tgz:
> PHP.Exploit.CVE_2011_4153-2 FOUND
>
> I assume this must be a wrong detection because both files wasn't changed
> since I had downloaded it (my backup application calc's every night a checksum
> of each file and only if the checksum differs the file will be backup again
> and the last time of the backup of both files was the day I have downloaded
> and stored the files).
>
> May be there are also other DokuWiki tgz files with this virus detection. I
> have only stored this both dokuwiki tgz files on my disk.
>
> Any other there which can confirm this (hopefully) wrong virus detection with
> the newest DB?


_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Re: (no subject) [ In reply to ]
Found your message. Thanks Al!

(and sorry for my forgotten subject ... :-( )

Steffen

> I sent a note out on this yesterday with reference to most Mac OS X users
> who have /usr/php/install-pear-nozlib.phar on their hard drives, having
> already submitted the file as an FP. Since then there have been a couple of
> other Unix users report similar results and a promise to get back to us, but
> nothing yet.
>
> Check the list archive for details.
>
> Whether it's of any consequence or not depends on what version of PHP you
> have. The CVE was reported back in January and concerned PHP 5.3.8 which
> was apparently patched with PHP 5.4.0, but that's all I can seem to find
> out.
>
>
> -Al-
>
> --
> Al Varnell
> Mountain View, CA
>
> On 10/17/12 12:11 AM, "Steffen Ewert" wrote:
>
> > Hi,
> >
> > with the newest DB (updated 4hours ago) I get the following virus detection:
> >
> > /share/c-on/download/Netzwerk/WebTools/DokuWiki/dokuwiki-2011-05-25a.tgz:
> > PHP.Exploit.CVE_2011_4153-2 FOUND
> > /share/c-on/download/Netzwerk/WebTools/DokuWiki/dokuwiki-2009-12-25c.tgz:
> > PHP.Exploit.CVE_2011_4153-2 FOUND
> >
> > I assume this must be a wrong detection because both files wasn't changed
> > since I had downloaded it (my backup application calc's every night a checksum
> > of each file and only if the checksum differs the file will be backup again
> > and the last time of the backup of both files was the day I have downloaded
> > and stored the files).
> >
> > May be there are also other DokuWiki tgz files with this virus detection. I
> > have only stored this both dokuwiki tgz files on my disk.
> >
> > Any other there which can confirm this (hopefully) wrong virus detection with
> > the newest DB?
>
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
> http://www.clamav.net/support/ml
>
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Re: (no subject) [ In reply to ]
The signature has been updated this morning to:

PHP.Exploit.CVE_2011_4153-2:0:*:3c3f{-512}646566696e6528{-20}7374725f72657065617428{-20}2461726776

Please update your signatures to Daily CVD 15471 or later.

Thanks,

- Alain
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Re: (no subject) [ In reply to ]
On Sun, Dec 21, 2014 at 9:04 AM, jpff <jpff@codemist.co.uk> wrote:

> Since building 0.98.5 I am seeing
>
> ERROR: This tool requires libclamav with functionality level 79 or higher
> (current f-level: 77)
>
> when updating rules. I assume I have some mis-configuration but what?
> ==John ff


Hey John,

You can take a look at this email thread on the clamav-users mailing list
for a solution:
http://lurker.clamav.net/message/20141119.095431.a8b6e9c8.en.html

Thanks,

Shawn
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
Thank you Shawn; that fixes it. I did look at the archive but clearly
inadequately

All working at company and university
==John ffitch
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
Respected Sir/Madam,

Could you tell me step-wise how to install stable version 0.98.5 from
source code in ubuntu???

---------------

Naresh

On Sun, Dec 28, 2014 at 1:47 AM, jpff <jpff@codemist.co.uk> wrote:

> Thank you Shawn; that fixes it. I did look at the archive but clearly
> inadequately
>
> All working at company and university
> ==John ffitch
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
Is the file currently being written to by another process?

dp

On 9/3/16 2:07 AM, Gérard Lemarié wrote:
> Hello,
>
>
> When I run a clamscan on my computer, clamav returns to me an lot of similar error messages :
>
>
> LibClamaV Warning: fmap_readpage : preadfail : asked for 4085 bytes@offset11, got 0
>
>
> Could you help me for this ?
>
> Regards
> Gérard Lemarié
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml


_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
>LibClamaV Warning: fmap_readpage : preadfail : asked for 4085
>bytes@offset11, got 0

An old post but hopefully advice is still sound...

http://www.gossamer-threads.com/lists/clamav/users/50788

Cheers,

Steve
Web : sanesecurity.com
Blog: sanesecurity.blogspot.com
Twitter: @sanesecurity

_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
> ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check
> permissions!).
> ERROR: Problem with internal logger (UpdateLogFile =
> /var/log/clamav/freshclam.log).

I expect you solved this already?

> WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net

Whenever I see this and freshclam cannot resolve it by itself, what I usually do is just remove all signature files (or move them elsewhere) and re-run freshclam. Then it will download all signature files again and be fully updated. I don't know if there's another/better solution; it just works for me.


--
Rob

_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
Hey,

Firstly, this is a permissions issue with the freshclam.log file. I would verify that clamav can write to the log file and see what you have the permissions of that file as.
IF you created the clamav user when you first installed clamav, you might need to chown the file with the clamav user.

You can also check the freshclam.conf file to verify that it looks good with the logging (pointing in the right location..etc)


Thank you,


Tom M




On 12/6/17, 7:22 AM, "clamav-users on behalf of Rob Sterenborg" <clamav-users-bounces@lists.clamav.net on behalf of r.sterenborg@netmatch.nl> wrote:

>ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check
>permissions!).
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
Hello George,

I will look into those mirrors to see if they are down. IF a mirror is not working, it should look to find another one. You could also try 'wget database.clamav.net/main.cvd'
To see if it manually downloads it that way, then drop the file in the location


We have been working hard to correct a lot of mirror issues, but as you can see- we still have a long way to go to make mirrors work better.
It is my hope that I can get the mirrors more stable for everyone moving forward.


Thank you,


Tom M




On 12/6/17, 7:14 AM, "clamav-users on behalf of George" <clamav-users-bounces@lists.clamav.net on behalf of gdparlichev@gmail.com> wrote:

>Dear All,
>
>How do I update my ClamAV database? I can provide the following details
>regarding my problem:
>1. I run ClamAV 0.99.2/24010;
>2. After starting clamscan, I get "The virus database is older than 7 days!
>Please update it as soon as possible."
>3. Ran "sudo /etc/init.d/clamav-freshclam stop; sudo freshclam -v to
>manually update the ClamAV database, however;
>4. The following error keeps repeating:
>
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>...
>Giving up on database.clamav.net...
>
>5. So I restarted the ClamAV daemon:
>user@virus:~$ sudo /etc/init.d/clamav-freshclam start
>[ ok ] Starting clamav-freshclam (via systemctl): clamav-freshclam.service.
>
>After reading the documentation (https://www.clamav.net/documents/) and the
>Archives and finding no solution, I decided to ask the community.
>Please find attached the full Clamscan error log and my trial to update the
>database manually. Please find the log output below (between #START and
>#END). Thanks in advance.
>
>Best regards,
>George
>
>#START
>user@virus:~$ freshclam
>ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check
>permissions!).
>ERROR: Problem with internal logger (UpdateLogFile =
>/var/log/clamav/freshclam.log).
>user@virus:~$ man clamscan
>user@virus:~$ clamscan -r --max-filesize=5 -i --remove /home/user
>LibClamAV Warning: **************************************************
>LibClamAV Warning: *** The virus database is older than 7 days! ***
>LibClamAV Warning: *** Please update it as soon as possible. ***
>LibClamAV Warning: **************************************************
>
>----------- SCAN SUMMARY -----------
>Known viruses: 9515915
>Engine version: 0.99.2
>Scanned directories: 9277
>Scanned files: 73380
>Infected files: 0
>Total errors: 2
>Data scanned: 0.00 MB
>Data read: 44128.53 MB (ratio 0.00:1)
>Time: 324.804 sec (5 m 24 s)
>user@virus:~$ sudo /etc/init.d/clamav-freshclam stop
>[sudo] password for user:
>[ ok ] Stopping clamav-freshclam (via systemctl): clamav-freshclam.service.
>user@virus:~$ freshclam
>ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check
>permissions!).
>ERROR: Problem with internal logger (UpdateLogFile =
>/var/log/clamav/freshclam.log).
>user@virus:~$ sudo freshclam -v
>Current working dir is /var/lib/clamav
>Max retries == 5
>ClamAV update process started at Tue Nov 21 11:07:07 2017
>Using IPv6 aware code
>Querying current.cvd.clamav.net
>TTL: 1748
>Software version from DNS: 0.99.2
>main.cvd version from DNS: 58
>main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder:
>sigmgr)
>daily.cvd version from DNS: 24059
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>WARNING: Incremental update failed, trying to download daily.cvd
>Whitelisting short-term blacklisted mirrors
>Retrieving http://db.local.clamav.net/daily.cvd
>Ignoring mirror 193.92.150.194 (due to previous errors)
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: Can't download daily.cvd from db.local.clamav.net
>Trying again in 5 secs...
>ClamAV update process started at Tue Nov 21 11:07:18 2017
>Using IPv6 aware code
>Querying current.cvd.clamav.net
>TTL: 1736
>Software version from DNS: 0.99.2
>main.cvd version from DNS: 58
>main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder:
>sigmgr)
>daily.cvd version from DNS: 24059
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>WARNING: Incremental update failed, trying to download daily.cvd
>Whitelisting short-term blacklisted mirrors
>Retrieving http://db.local.clamav.net/daily.cvd
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: Can't download daily.cvd from db.local.clamav.net
>Trying again in 5 secs...
>ClamAV update process started at Tue Nov 21 11:07:23 2017
>Using IPv6 aware code
>Querying current.cvd.clamav.net
>TTL: 1731
>Software version from DNS: 0.99.2
>main.cvd version from DNS: 58
>main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder:
>sigmgr)
>daily.cvd version from DNS: 24059
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>WARNING: Incremental update failed, trying to download daily.cvd
>Whitelisting short-term blacklisted mirrors
>Retrieving http://db.local.clamav.net/daily.cvd
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: Can't download daily.cvd from db.local.clamav.net
>Trying again in 5 secs...
>ClamAV update process started at Tue Nov 21 11:07:29 2017
>Using IPv6 aware code
>Querying current.cvd.clamav.net
>TTL: 1726
>Software version from DNS: 0.99.2
>main.cvd version from DNS: 58
>main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder:
>sigmgr)
>daily.cvd version from DNS: 24059
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>WARNING: Incremental update failed, trying to download daily.cvd
>Whitelisting short-term blacklisted mirrors
>Retrieving http://db.local.clamav.net/daily.cvd
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: Can't download daily.cvd from db.local.clamav.net
>Trying again in 5 secs...
>ClamAV update process started at Tue Nov 21 11:07:34 2017
>Using IPv6 aware code
>Querying current.cvd.clamav.net
>TTL: 1720
>Software version from DNS: 0.99.2
>main.cvd version from DNS: 58
>main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder:
>sigmgr)
>daily.cvd version from DNS: 24059
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>Retrieving http://db.local.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>ERROR: getpatch: Can't download daily-24011.cdiff from db.local.clamav.net
>WARNING: Incremental update failed, trying to download daily.cvd
>Whitelisting short-term blacklisted mirrors
>Retrieving http://db.local.clamav.net/daily.cvd
>Ignoring mirror 193.92.150.194 (due to previous errors)
>ERROR: Can't download daily.cvd from db.local.clamav.net
>Giving up on db.local.clamav.net...
>ClamAV update process started at Tue Nov 21 11:07:34 2017
>Using IPv6 aware code
>Querying current.cvd.clamav.net
>TTL: 1720
>Software version from DNS: 0.99.2
>main.cvd version from DNS: 58
>main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder:
>sigmgr)
>daily.cvd version from DNS: 24059
>Retrieving http://database.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from database.clamav.net
>Retrieving http://database.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from database.clamav.net
>Retrieving http://database.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from database.clamav.net
>Retrieving http://database.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>WARNING: getpatch: Can't download daily-24011.cdiff from database.clamav.net
>Retrieving http://database.clamav.net/daily-24011.cdiff
>Ignoring mirror 193.92.150.194 (due to previous errors)
>ERROR: getpatch: Can't download daily-24011.cdiff from database.clamav.net
>WARNING: Incremental update failed, trying to download daily.cvd
>Whitelisting short-term blacklisted mirrors
>Retrieving http://database.clamav.net/daily.cvd
>Ignoring mirror 193.92.150.194 (due to previous errors)
>ERROR: Can't download daily.cvd from database.clamav.net
>Giving up on database.clamav.net...
>Update failed. Your network may be down or none of the mirrors listed in
>/etc/clamav/freshclam.conf is working. Check http://www.clamav.net/doc/
>mirrors-faq.html for possible reasons.
>user@virus:~$ sudo /etc/init.d/clamav-freshclam start
>[ ok ] Starting clamav-freshclam (via systemctl): clamav-freshclam.service.
>user@virus:~$
>
>#END
>_______________________________________________
>clamav-users mailing list
>clamav-users@lists.clamav.net
>http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
>Help us build a comprehensive ClamAV guide:
>https://github.com/vrtadmin/clamav-faq
>
>http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
Hi Tom,

Thanks for this timely reply. Could you provide a solution or link to
update the database by myself?

Best regards,
George


2017-12-06 16:57 GMT+02:00 Thomas McCourt (tmccourt) <tmccourt@cisco.com>:

> Hello George,
>
> I will look into those mirrors to see if they are down. IF a mirror is not
> working, it should look to find another one. You could also try 'wget
> database.clamav.net/main.cvd'
> To see if it manually downloads it that way, then drop the file in the
> location
>
>
> We have been working hard to correct a lot of mirror issues, but as you
> can see- we still have a long way to go to make mirrors work better.
> It is my hope that I can get the mirrors more stable for everyone moving
> forward.
>
>
> Thank you,
>
>
> Tom M
>
>
>
>
> On 12/6/17, 7:14 AM, "clamav-users on behalf of George" <
> clamav-users-bounces@lists.clamav.net on behalf of gdparlichev@gmail.com>
> wrote:
>
> >Dear All,
> >
> >How do I update my ClamAV database? I can provide the following details
> >regarding my problem:
> >1. I run ClamAV 0.99.2/24010;
> >2. After starting clamscan, I get "The virus database is older than 7
> days!
> >Please update it as soon as possible."
> >3. Ran "sudo /etc/init.d/clamav-freshclam stop; sudo freshclam -v to
> >manually update the ClamAV database, however;
> >4. The following error keeps repeating:
> >
> >Retrieving http://db.local.clamav.net/daily-24011.cdiff
> >Ignoring mirror 193.92.150.194 (due to previous errors)
> >Ignoring mirror 193.92.150.194 (due to previous errors)
> >WARNING: getpatch: Can't download daily-24011.cdiff from
> db.local.clamav.net
> >...
> >Giving up on database.clamav.net...
> >
> >5. So I restarted the ClamAV daemon:
> >user@virus:~$ sudo /etc/init.d/clamav-freshclam start
> >[ ok ] Starting clamav-freshclam (via systemctl):
> clamav-freshclam.service.
> >
> >After reading the documentation (https://www.clamav.net/documents/) and
> the
> >Archives and finding no solution, I decided to ask the community.
> >Please find attached the full Clamscan error log and my trial to update
> the
> >database manually. Please find the log output below (between #START and
> >#END). Thanks in advance.
> >
> >Best regards,
> >George
> >
>
>I deleted the rest of the message
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
Hello,

Yeah, run the wget command

Wget database.clamav.net/main.cvd
That should download it


Thanks,


Tom





On 12/6/17, 11:18 AM, "clamav-users on behalf of George" <clamav-users-bounces@lists.clamav.net on behalf of gdparlichev@gmail.com> wrote:

>wget
>database.clamav.net/main.cvd'
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
Thanks, but this doesn't update the daily.cvd. Should I wait for you to fix
the mirros or can I do something myself? Sorry for bothering you, but if
there was some guide on what to do in such cases, I would use it myself.

Best regards,
George

2017-12-06 18:32 GMT+02:00 Thomas McCourt (tmccourt) <tmccourt@cisco.com>:

> Hello,
>
> Yeah, run the wget command
>
> Wget database.clamav.net/main.cvd
> That should download it
>
>
> Thanks,
>
>
> Tom
>
>
>
>
>
> On 12/6/17, 11:18 AM, "clamav-users on behalf of George" <
> clamav-users-bounces@lists.clamav.net on behalf of gdparlichev@gmail.com>
> wrote:
>
> >wget
> >database.clamav.net/main.cvd'
> _______________________________________________
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
wget database.clamav.net/daily.cvd for the daily updates.

On 12/6/2017 12:03 PM, George wrote:
> Thanks, but this doesn't update the daily.cvd. Should I wait for you to fix
> the mirros or can I do something myself? Sorry for bothering you, but if
> there was some guide on what to do in such cases, I would use it myself.
>
> Best regards,
> George
>
> 2017-12-06 18:32 GMT+02:00 Thomas McCourt (tmccourt) <tmccourt@cisco.com>:
>
>> Hello,
>>
>> Yeah, run the wget command
>>
>> Wget database.clamav.net/main.cvd
>> That should download it
>>
>>
>> Thanks,
>>
>>
>> Tom
>>
>>
>>
>>
>>
>> On 12/6/17, 11:18 AM, "clamav-users on behalf of George" <
>> clamav-users-bounces@lists.clamav.net on behalf of gdparlichev@gmail.com>
>> wrote:
>>
>>> wget
>>> database.clamav.net/main.cvd'
>> _______________________________________________
>> clamav-users mailing list
>> clamav-users@lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>
> _______________________________________________
> clamav-users mailing list
> clamav-users@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
Re: (no subject) [ In reply to ]
for the sake of archives and readers:

can mailing lists please start to reject posts with braindead "(no
subject)" and people learn to compose readable mails where answers are
not randomly on top, bottom and dozen times signatures quoted?

i could puke each time someone replies to this thread
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (no subject) [ In reply to ]
Welcome

1. Please see the documentation:
https://www.clamav.net/documents/installing-clamav
bash # yum install -y epel-release # yum install -y clamav

2. This is not clamav related. Though: You can use " yum install yum-plugin-downloadonly" to enable you to download the packages on another system, put it on a stick or dvd if you like and create a new repo locally on your offline system.
Much easier ould be to configure your iptables.



-----Original Message-----
From: clamav-users [mailto:clamav-users-bounces@lists.clamav.net] On Behalf Of Robert Huth
Sent: Friday, April 20, 2018 1:49 PM
To: clamav-users@lists.clamav.net
Subject: [clamav-users] (no subject)

Hello,

I am new to the Linux world and I am learning as I go. I have a couple of
issues that I would like to get resolved. Please feel free to provide me
answers as to how can I resolved these on my own.


My issues are as follow.

1. I am not able to install ClamAV 0.100.0. I have installed epel v7 with
no issue. When i usethe following command "yum install ClamAV" (File name)
the installation starts and then list errors (see attachment). The errors
look as if a previous version is trying to install.
2. How will I be able to install updates to the system. The laptop will
not be allow to connected to other networks or the internet once it is
approved for processing information. This will be a standalone PC. Is there
any solution such as a CD/ DVD that can be used to download and tranfer the
definitions to the PC? If so what is the process for getting the updated
definitions.


System Configuration
One standalone laptop
Running Windows 10 (Host OS)
VMWare Pro 14 with RHEL 6.9 install as the guest
Clam AV version used is ClamAV 0.100.0


Thanks,
Robert
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
________________________________________________________________________
The information contained in this e-mail is for the exclusive use of the
intended recipient(s) and may be confidential, proprietary, and/or
legally privileged. Inadvertent disclosure of this message does not
constitute a waiver of any privilege. If you receive this message in
error, please do not directly or indirectly use, print, copy, forward,
or disclose any part of this message. Please also delete this e-mail
and all copies and notify the sender. Thank you.
________________________________________________________________________
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Re: (No Subject) [ In reply to ]
I'm told that the current implementation for VirusEvent in clamd doesn't play well with OnAccess scanning due to the way clamd and OnAccess use threads and the way the current VirusEvent feature relies on forking. VirusEvent was disabled when used with OnAccess until a better implementation can be implemented.

We have a bugzilla ticket here to track the issue: https://bugzilla.clamav.net/show_bug.cgi?id=12152.

Regards,
Micah

Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Aug 3, 2018, at 10:38 PM, greengrasseyes <greengrasseyes@protonmail.com<mailto:greengrasseyes@protonmail.com>> wrote:

I am having a similar issue can anyone confirm or deny this is the
reason for issue:

https://bbs.archlinux.org/viewtopic.php?id=237489

_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

1 2 3 4 5 6 7 8  View All