Red Hat / Fedora :: How To Update Clamav Virus Definitions
Jun 14, 2009
I have installed clamav antivirus, and while scanning it shows the following warning:
LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
And so I have tried to update the virus database as root, using this command:
# freshclam
bash: freshclam: command not found
But I can't. Can you please tell me how to update the virus database...
I was curious if anyone has attempted or successfully converted a kaspersky virus signature file to clamav signature? During a trial period using kaspersky anti virus for our web server I successfully petitioned them to write signatures for some nasty php web-shell hacks, and now that the trial period has expired I don't have the ability to scan for the files anymore (I know I am cheap!). The first hurdle would be finding the correct file, as their signatures are all done in hexadecimal format, and my knowledge for searching through that type of file is very limited.
I have seen that we can scan for viruses and also virus infected files with ClamAV, but is there any possibility that ClamAV can repair virus infected files?
I'm having a little trouble with ClamAV. Every time someone sends me an email I get this error in my Webmin Mail Log. Now the mail works and it goes to the quarantine or to the user mail box but this error fills up my mail log and I'm assuming it is not using ClamAV virus definitions to scan the mail? How would I get rid of this error?
I checked in my /etc/clamd.conf and I have AllowSupplementaryGroups yes. What can be causing this error? I am using ClamAV 0.96.1, Spamassassin 3.3.12, PostFix 2.3.3, CentOS 5.5.
When I attempt to scan anything with clamav from a terminal I get the following error:
ERROR: Can't create temporary directory /var/lib/clamav/clamav-da584cb3f4ee38529f0460ad6f7dc632
Hint: The database directory must be writable for UID 999 or GID 100
Which I take to mean that there are no virus definitions installed. I use the "freshclam" command. Which results in the following error:
ERROR: Can't create temporary directory /var/lib/clamav/clamav-da584cb3f4ee38529f0460ad6f7dc632
Hint: The database directory must be writable for UID 999 or GID 100
I have installed CLAMAV in Fedora 11 and when I try to update it says update failed. I have tried to find a reason why, but unfortunately I am lost. Sony VAIO VGN TXHP1 laptop, Fedora 11, Gnome, i1568. Wireless connection seems fine.
I was using Mandriva before and Fedora is new. I have installed clamav antivirus but clamav won't update. I must change clamd.d and maybe freshclam.conf, but how do I do that? Under Mandriva clamav-freshclam does the job, but here it is different.
I have a server I'm trying to use with clamAV to scan it all, with a cron job. It worked fine for a few days, sending me emails with reports; I was happy. Now I get ERR emails, and when running manually I get the following message output: Script: clamav-cron v. 0.6 - Copyright 2009, Stefano Stagnaro Scanned: /
I am currently working on "Creation of Postmortem data logger in Linux on Intel architecture". It's nothing but core utility creation. How the signal handlers for various signals (SIGSEGV, SIGABRT, SIGFPE etc.) which produce a core dump upon crashing an application are internally implemented in the Linux kernel. I need to rewrite these signal handlers with my own user specific needs and rebuild the kernel. It makes my kernel produce the core file (upon crashing an application) with user specific needs like showing registers, stack dump and backtrace etc.
My problem is that I have no idea how to update clamav. I downloaded it through the software center. But when I try to upgrade it from the GUI the upgrading bar reaches only 15% and disappears. I tried to type freshclam from the root command line but it just writes that there is no such command. Maybe I am using the command line incorrectly.
I'm getting an md5 checksum error during updating. Using the update manager. I'll post a snapshot.
I have a server that is installed with clamav but is not directly connected to internet. Is it possible to update the virus database with following command:
clamscan -d daily.cvd
where "daily.cvd" is the current file available from clamav's website.
Would that change the entire virus database to just that file, or will it update incrementally based on what is already in virus database? Do I need to update main.cvd and daily.cvd as well?
Note, using command "freshclam" is out of the question because I cannot directly connect machine to internet.
I'm currently trying to update my Suse 11.1 copy of Linux.
I got some messages that Clamav was not up to date.
I tried to use YUM, which I installed on the machine, but that did nothing.
It seems that I can only update Clamav by using Klamav.
What's happening is that the system is telling me that it's going to recompile Clamav, starts doing various tasks, but doesn't really work.
When I use YUM on my CentOS 5.3 server it simply updates Clamav to the current version and then I use Freshclam to update the virus definitions. Done.
My question is this: is there any way to get the latest version of Clamav without going through that Klamav thing? Klamav seems O.K. for updating the virus definitions but that's all.
What's wrong with all the Linux software people?
Can't they just get their act together and make their software work? I'm also trying to set up a mail server on my Suse 11.1 box, but between figuring out how to install Postfix, Dovecot, Cyrus-IMAP I'm not getting anywhere.
As much as I hate to say this, these things only seem to be rocket science on Linux. I have much less problems installing software on Windoz.
Linux software people need to come up with workable install programs for their software products so more people who aren't software experts can make Linux really workable.
I am semi-new to UBUNTU; I worked a bit with it in the past on VPS and that, but I am currently trying to make a module for *Zpanel*. I am making an antivirus module and am going to be using clamav. Up to now everything has been going smoothly, but I have hit a massive problem.
I am trying to do this:
Code:
And i get this in return
Code:
Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming.
The following information may resolve the situation:
The following packages have unmet dependencies.
I don't get any install, and the information I have collected from people says that an install should not be stopped because of a depend.
So, as anyone who is semi-new would do, I then tried installing the depend.
Code:
And i get this in return
Code:
E: Package 'phpapi-20060613+lfs' has no installation candidate
So it looks like problem after problem.
Does anyone know why I cannot install php5-clamavlib?
I have UBUNTU 11.04 desktop (with zpanel installed on it).
*zpanel: an open source web hosting panel for Windows and NOW LINUX (zpanel has just been released on UBUNTU ONLY).
Can't seem to get my Linux AntiVirus Live update to download virus defs from my Windows Symantec Update Server. Windows workstations can update and download without a problem. When I run LiveUpdate from the side it errors out with "an error has occurred (code=-2,001)". Also, I'm not sure where the Linux defs are to be placed on my Windows side for download from my Linux workstations. I've found a couple of good articles but everything I've tried hasn't fixed my problem. If I download the virus defs locally to each Linux box I can update the virus defs without a problem, not a good option when I have several Linux boxes.
This started happening sometime yesterday afternoon on a server that's been trouble free for years.
My Ubuntu update is scheduled to run every month on the 5th, so this was roughly 10 days after that. So it seems to me it's not update related. The only thing I've done on the server lately is update a spamassassin rule which required an amavis restart. That was done earlier in the week.
I've already reviewed issues at [url] and all the conditions are correct for the more recent How to.
I can also confirm that, in fact, /var/run/clamav/clamd.ctl does not exist.
I have a dual boot computer. The WindowsXP "side" has been infected with a rootkit virus. So far UBUNTU has not been affected to my knowledge. I have not yet removed the virus from the WindowsXP "side". I am thinking of deleting the NTFS partition and have the computer fully dedicated to UBUNTU. Now for my question. Is there a possibility that the virus resides in the MBR and that I need to "rebuild" the MBR to actually remove the virus?
Even more extreme, should I totally re-install UBUNTU in the name of safety and precaution?
Where are the definitions for C library functions located? It was just recently that I realized that header files don't actually define any functions, they merely include their prototypes.
For instance, stdio.h includes the following line:
Code:
This just means that the definition of printf() is located in another file. What file? Is there some kind of default shared object file that is automatically included during compilation?
I have somehow managed to wreck the definitions/paths for my Home and Desktop. If I click on Places I now have a "Home Folder" displayed as "Open Your personal Folder", a "Desktop" displayed as "Open the contents of your Desktop in a folder" and a second "Home Folder" displayed as "Open '/home/ian'"... and they all point to the same folder, which is my personal user file "ian". This is kind of OK except that every file I have now gets displayed on my screen because "Desktop" has a view of these files. Is there any easy way to reset my file directory? Or do I have to back up my files and reinstall Ubuntu?
I was playing with top to understand RAM memory usage of every thread but I am in trouble with some basic questions:
- what is the difference between 'thread' and 'process'?
- what does 'virtual image size' mean, and Resident size, Shared Mem size, Code size, Data+Stack size, Swapped size? I thought that the only important field is 'Memory usage', but it is represented as a percent value...
I have googled a bit, but nothing really helped me. Before opening top I thought that memory is divided in several pages by every process/thread (?) and that this occupied memory would be counted as 'used memory', and nothing else.
I am trying to upgrade my clam AV to latest 0.9.6.1. Last times I just uploaded to the server and used the RPM command and it was installing. Now I can't find an RPM for this ver. So I guess I need to prepare one.
I used the guide here: Packaging software with RPM, Part 1: Building and distributing packages by IBM. Changing all wget -> clamav
But when I ran this I got:
# rpmbuild -v -bb --clean clamav.spec
Executing(%prep): /bin/sh -e /var/tmp/rpm-tmp.74542
+ umask 022
+ cd /home/myclamav/BUILD
+ cd /home/myclamav/BUILD
+ rm -rf clamav-0.96.1
+ /bin/gzip -dc /home/myclamav/SOURCES/clamav-0.96.1.tar.gz
+ tar -xf -
+ STATUS=0
+ '[' 0 -ne 0 ']'
+ cd clamav-0.96.1
++ /usr/bin/id -u
+ '[' 0 = 0 ']'
+ /bin/chown -Rhf root .
++ /usr/bin/id -u
+ '[' 0 = 0 ']'
+ /bin/chgrp -Rhf root .
+ /bin/chmod -Rf a+rX,u+w,g-w,o-w .
+ $' ' : command not found542: line 35:
error: Bad exit status from /var/tmp/rpm-tmp.74542 (%prep)
RPM build errors:
    Bad exit status from /var/tmp/rpm-tmp.74542 (%prep)
Is there a better way to create RPMs? or Where do I get RPM for this version? I couldn't find it through their site.
Is it possible to induce bash to interpret the ${tbl[1]} part to its actual value (1-6) when I reference those particular entries in the arrays? Using this instruction to do so code...