CentOS 5 Server :: ClamAV - All Primary Virus Scanners Failed
Jun 21, 2010
I'm having a little trouble with ClamAV. Every time someone sends me an email I get this error in my Webmin Mail Log. Now the mail works and it goes to the quarantine or to the user mail box, but this error fills up my mail log and I'm assuming it is not using ClamAV virus definitions to scan the mail? How would I get rid of this error?
I checked in my /etc/clamd.conf and I have AllowSupplementaryGroups yes. What can be causing this error?
I am using ClamAV 0.96.1
Spamassassin 3.3.12
PostFix 2.3.3
CentOS 5.5
I'm planning to set up an FTP folder which will be public facing. This will mostly be Windows documents (e.g. .doc files, .exe files, etc.). I do not want my folder to have any Windows-based viruses (or Linux ones for that matter), thus I need a way to prevent infected files being distributed via my FTP. Can anyone recommend a Linux virus scanner which will remove Windows viruses?
I have installed ClamAV antivirus, and while scanning it shows the following warning:
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
And so I have tried to update the virus database as root, using this command:
# freshclam
bash: freshclam: command not found
But I can't. Can you please tell me how to update the virus database...
I was curious if anyone has attempted or successfully converted a Kaspersky virus signature file to a ClamAV signature? During a trial period using Kaspersky anti-virus for our web server I successfully petitioned them to write signatures for some nasty PHP web-shell hacks, and now that the trial period has expired I don't have the ability to scan for the files anymore (I know I am cheap!). The first hurdle would be finding the correct file, as their signatures are all done in hexadecimal format, and my knowledge for searching through that type of file is very limited.
I have seen that we can scan for viruses and also virus-infected files with ClamAV, but is there any possibility that ClamAV can repair virus-infected files?
When I attempt to scan anything with ClamAV from a terminal I get the following error:
ERROR: Can't create temporary directory /var/lib/clamav/clamav-da584cb3f4ee38529f0460ad6f7dc632
Hint: The database directory must be writable for UID 999 or GID 100
Which I take to mean that there are no virus definitions installed. I use the "freshclam" command. Which results in the following error:
ERROR: Can't create temporary directory /var/lib/clamav/clamav-da584cb3f4ee38529f0460ad6f7dc632
Hint: The database directory must be writable for UID 999 or GID 100
After the EOL of ClamAV 0.94, I removed it, stopped amavisd from having my mail scanned, and installed the new version, ClamAV 0.96. But when I try to start amavisd and send a test mail, this bunch of errors appears:
[code]....
I've read some posts that had no reply, someone tried to telnet to 127.0.0.1:3110 "the default port of clamd". I tried that but I got connection refused.
I have a Linux/CentOS 5.3 server which I have set up as a data server with Samba for a network with 5 Windows XP terminals; I would like to know if it is also possible to set up this machine as a multiplatform anti-virus server so that it can look for viruses on (and clean) the Windows XP terminals.
I was searching the web on this subject, but I have not had favorable results. Please, could somebody help me with a link or tutorial they have found?
I set up a Postfix, Dovecot + ClamAV server as described in the wiki. I also use the freshclam update script in /etc/cron.daily/freshclam. But my problem is I get this error message every day:
/etc/cron.daily/freshclam:
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
ERROR: /var/log/clamav/freshclam.log is locked by another process
I'm wondering why we can't receive email when our primary DNS went down. We have a slave DNS but don't know why we can't receive emails. Internet is working properly. The mail file in /etc/configuration on the slave DNS is there & the zone file is added. I edited the mail zone file to see if it works & restarted the named service. But still we can't receive emails using the slave DNS. Do I need to reboot the server?
I'm trying to set up a CentOS 5.6 Squid Proxy Server with Content Filtering & Antivirus Scanning Incoming HTTP Traffic from the Internet.
I then proceeded to set up and configure the Proxy Server. I was able to test and confirm that Squid and the DansGuardian Content Filter are working; however, I don't know if ClamAV is scanning HTTP traffic before it hits the client/server. Is there a way I can check if the antivirus scanning is working? Is there some log file or real-world test I can do to confirm that ClamAV is scanning incoming traffic or even blocking potential viruses?
Can anyone who has a Squid proxy server with ClamAV configured and working share their settings/setup with me and how they tested it?
I am trying to set up a Mail Server -- Virtual Users with Postfix, PostfixAdmin, Courier, Mailscanner, ClamAV On CentOS 5.5 using this guide. These are the version and softwares I have used till now:-
I have a CentOS dedicated server, not sure what version though as I'm new to Linux. How do I find out what version I have? Is there an anti-virus or security package that I can install on my server which can use cron jobs to do a scan every 12 hours?
I've had fail2ban set up for a while for my SSH server, and that works beautifully (I had someone I knew attempt to access it and get banned); however, I then tried to set it up to ban people scanning my webserver for lots of other pages which don't exist (and have never been linked to), such as phpMyAdmin.
In my jail.conf I have:
Code:
However, looking at this I realise I need to edit the filter.d/apache-error.conf.
I'm not sure exactly how to set up the regex to ban the correct hosts.
I am semi-new to Ubuntu; I worked a bit with it in the past on VPS and that, but I am currently trying to make a module for *Zpanel*. I am making an anti-virus module and am going to be using ClamAV. Up to now everything has been going smoothly, but I have hit a massive problem.
I am trying to do this:
Code:
And I get this in return:
Code:
Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming.
The following information may resolve the situation:
The following packages have unmet dependencies.
I don't get any install, and the information I have collected from people says that an install should not be stopped because of a dependency.
So, as anyone who is semi-new would do, I then tried installing the dependency:
Code:
And I get this in return:
Code:
E: Package 'phpapi-20060613+lfs' has no installation candidate
So it looks like problem after problem.
Does anyone know why I cannot install php5-clamavlib?
I have Ubuntu 11.04 desktop (with Zpanel installed on it).
*Zpanel: an open source web hosting panel for Windows and NOW LINUX (Zpanel has just been released on UBUNTU ONLY).
I recently did a fresh install of squeeze. I have the stock 32 kernel along with the 34 from experimental (it is listed as stable by kernel.org). I installed version 195.36.24 of the Nvidia driver using the Nvidia installer, and after starting X the system became unresponsive.
grep '^(E' /var/log/Xorg.0.log
(EE) May 21 11:28:50 NVIDIA(0): Failed to allocate primary buffer: out of memory.
(EE) NVIDIA(0): *** Aborting ***
I find this strange considering that I have used this driver with no problem on a 33 kernel and the same video card:
01:00.0 VGA compatible controller [0300]: nVidia Corporation G72M [Quadro NVS 110M/GeForce Go 7300] [10de:01d7] (rev a1) (prog-if 00 [VGA controller])
Subsystem: ASUSTeK Computer Inc. Device [1043:1212]
Flags: bus master, fast devsel, latency 0, IRQ 16
[code]....
I believe it has 256MB of video memory, and I have 1GB of system memory. Is this just a problem with the 34 kernel?
I have this problem and the workstation is on Windows 7 and the domain is on Samba. My XP computers are connecting fine, just the Windows 7 ones. I've even tried to do the registry edit and it's not working.
I tried to install PHP from source file on a CentOS server and I got this error:
# ./configure --with-apxs2=/usr/local/packages/apache/bin/apxs --with-mysql --prefix=/usr/local/packages/apache/php --enable-force-cgi-redirect --disable-cgi --with-zlib --with-gettext --with-gdbm
checking for specified location of the MySQL UNIX socket... no
checking for MySQL UNIX socket location... /var/lib/mysql/mysql.sock
checking for mysql_close in -lmysqlclient... no
checking for mysql_error in -lmysqlclient... no
configure: error: mysql configure failed. Please check config.log for more information.
After upgrading ClamAV to version 0.97.1 and running the command
clamscan -r -i / --exclude-dir=^/sys --exclude-dir=^/dev --exclude-dir=^/proc | mail -s "clamav scan report XYSERVER" xy@mail.com
the following errors appeared:
We have a CentOS server which has been restarted due to some reason. Now we have ping to the server and we can reboot it via KVM, but the server loads to some message
This is filter.unknown_domain (Linux ...)
Filter Login:
and then it stops. Do you have an idea what might be the problem and how can we fix it?
I am trying to install proftpd from source with the mod_clamav-0.10. I am using CentOS 5.5. I would love to get proftpd with ClamAV working. I had it installed previously through yum and uninstalled it before trying to reinstall it through source.
yum erase proftpd
I am running Zimbra 5.0.2 with ClamAV and I need to upgrade Clam anti-virus. It's for a CentOS 5.4, Dell PE 2950 machine. On their Wiki for upgrades at [URL], they recommended either of the Red Hat versions - Redhat 5.x 32-bit or the Redhat 5.x 64-bit. Are there any known problems using either of these two versions on my CentOS machine? Also, want to make sure, I am assuming I need the 32 bit version, is this correct? I am asking because in the past I have learned sometimes it's better to not go with the RH versions on CentOS, can't remember where I heard that, so I want to make sure before I do the install.
A simple FTP server which allows me to access the /var/www/html directory to upload new files for my Apache webserver.
What are my problems:
When trying to login it says the following:
***Begin***
[root@ICT2-Gateway ~]# ftp 127.0.0.1
Connected to 127.0.0.1.
220 FTP Server ready.
500 AUTH not understood
[Code]....
As you can see, this has nothing to do with faulty firewall settings since I'm only trying this locally. Furthermore, the password is 100% correct (and keyboard layout).
Since I've changed a lot in my config file, I thought it's not worth mentioning here; I'm reverting back to default.
I got CentOS 5.4 with LAMP. Installed Plesk, tried to configure it, and then error:
Unable to restart Named: dnsmng failed: dnsmng failed: dnsmng: Service /etc/init.d/named failed to restart