Clamav (0.99.2) has reared its head again and found a false posative for th release.
This is with an up to date version of the virus files etc.
Clamav (0.99.2) has reared its head again and found a false posative
for th release.
This is with an up to date version of the virus files etc.
And I have politely emailed them a few times now, filled out forms, submitted every recent release for their review, etc etc.
Crickets chirping.
And I have politely emailed them a few times now, filled out forms, submitted every recent release for their review, etc etc.
Crickets chirping.
maybe there are not enough others reporting the FP??
Ward: clamav can be used on windows xp aswell, to test if you have virus or not, dont blame clamav if you have it
On 03 Dec 17 21:29:56, Vince Coen said the following to Nick Andre:
Clamav (0.99.2) has reared its head again and found a false
posative for th release.
This is with an up to date version of the virus files etc.
And I have politely emailed them a few times now, filled out forms, submitted every recent release for their review, etc etc.
Crickets chirping.
monthly Belgian waffle recipe exchange.
OFFSET: ANY20XC00U?∞?∞
SIGMOD: NONE
DECODED SUBSIGNATURE:
OFFSET: 0MZ{WILDCARD_ANY_STRING(LENGTH<=800)} * SUBSIG ID 2
SIGMOD: NONE
DECODED SUBSIGNATURE:
OFFSET: 0MZ{WILDCARD_ANY_STRING(LENGTH<=800)}@
SIGMOD: NONE
DECODED SUBSIGNATURE:
Clamav (0.99.2) has reared its head again and found a false
posative for th release.
This is with an up to date version of the virus files etc.
And I have politely emailed them a few times now, filled out forms,
submitted every recent release for their review, etc etc.
Crickets chirping.
Yep, cannot say I am impressed by their support and update procedures.
I must try again and see if another virus checker is available for
Linux that is FOC or similar.
On 03 Dec 17 19:59:50, Mark Lewis said the following to Nick
Andre:
And I have politely emailed them a few times now, filled out forms, submitted every recent release for their review, etc etc.
Crickets chirping.
maybe there are not enough others reporting the FP??
A decent anti-virus product should treat every inquiry seriously
and not just when enough people make a case out of something. At
the very least, have a working Contact Us form on its website. But
thats not as amusing as this:
https://www.virustotal.com/#/file/6a7234448baf4c66951528e91b8f73f49 1ae5d9b19b1 0ebb8c131afe455244f1/detection
Nevermind that this piece of crap Clam chowder poor excuse poorly supported "product" gives a false positive, but it gives a false
positive where other WORSE crap poor excuse poorly supported
alternatives PASS the files with no problem.
None of this would be an issue if it wasn't the fact that Clam
Chowder never replies to my repeated messages and Janis at first
treated the Clam results as more accurate than mine - I was told in
no uncertain terms to "clean up my mess" and future hatching on the
NAB would be affected.
On 2017 Dec 03 18:30:32, you wrote to Vince Coen:
Clamav (0.99.2) has reared its head again and found a false posative
for th release.
This is with an up to date version of the virus files etc.
And I have politely emailed them a few times now, filled out forms, submitted every recent release for their review, etc etc.
Crickets chirping.
maybe there are not enough others reporting the FP??
And I have politely emailed them a few times now, filled out forms,
submitted every recent release for their review, etc etc.
Crickets chirping.
Yep, cannot say I am impressed by their support and update procedures.
Their last update was 7 months ago! I guess it's only important to
update definitions, and that's it.
I must try again and see if another virus checker is available for
Linux that is FOC or similar.
The only other scanner I saw on archlinux was p3scan. You can give it
a try but I'm fairly certain clamav is the best if not one of the only scanners for linux.
Hello Vince,
On Mon Dec 04 2017 17:06:02, Vince Coen wrote to Nick Andre:
Clamav (0.99.2) has reared its head again and found a false
posative for th release.
This is with an up to date version of the virus files etc.
And I have politely emailed them a few times now, filled out
forms, submitted every recent release for their review, etc etc.
Crickets chirping.
Yep, cannot say I am impressed by their support and update
procedures.
Their last update was 7 months ago! I guess it's only important to
update definitions, and that's it.
I must try again and see if another virus checker is available
for Linux that is FOC or similar.
The only other scanner I saw on archlinux was p3scan. You can give it
a try but I'm fairly certain clamav is the best if not one of the only scanners for linux.
However, since you know DB's false positive is a non-issue, why not
just put it in the ignore file? I'm sure you can wildcard the version
number or something.
Hello Vince,
On Mon Dec 04 2017 17:06:02, Vince Coen wrote to Nick Andre:
Clamav (0.99.2) has reared its head again and found a false
posative for th release.
This is with an up to date version of the virus files etc.
And I have politely emailed them a few times now, filled out
forms, submitted every recent release for their review, etc etc.
Crickets chirping.
Yep, cannot say I am impressed by their support and update
procedures.
Their last update was 7 months ago! I guess it's only important to
update definitions, and that's it.
I must try again and see if another virus checker is available
for Linux that is FOC or similar.
The only other scanner I saw on archlinux was p3scan. You can give it
a try but I'm fairly certain clamav is the best if not one of the only scanners for linux.
However, since you know DB's false positive is a non-issue, why not
just put it in the ignore file? I'm sure you can wildcard the version
number or something.
Regards,
Nick
... "Не знаю. Я здесь только работаю."
Their last update was 7 months ago! I guess it's only important
to update definitions, and that's it.
the signatures are the really important part, after all... but i have
to wonder why does the binary need to be updated when it is working as designed?
Yep, that did it - HOW :
Go to the directory containing the clamd DB in my case it is /var/lib/clamav
Create a file called whitelist.ign2 with ONE line of
Win.Virus.Virut-5914242-0
Make sure you do NOT have a blank line !!! as clam will produce an
error and stop.
Their last update was 7 months ago! I guess it's only important to
update definitions, and that's it.
the signatures are the really important part, after all... but i have
to wonder why does the binary need to be updated when it is working
as designed?
I would think if a false positive shows up, it's *not* working as designed. YMMV, though.
I would think if a false positive shows up, it's *not* working as
designed. YMMV, though.
that's not a bad binary... that's a bad signature...
EPLY: 1:3634/12.73 5a2884ef
SGID: 1:154/10 5a28a974
HRS: UTF-8 4
ZUTC: -0600
ID: hpt/lnx 1.9.0-cur 14-08-16
Hello mark,
On Wed Dec 06 2017 19:01:32, mark lewis wrote to Nicholas Boel:
I would think if a false positive shows up, it's *not* working as NB>NB>> designed. YMMV, though.
that's not a bad binary... that's a bad signature...
Whatever it is, it's not working right.. and they're not answering the requests to fix it. That's a problem.
This isn't meant as a criticism, but why hang your hat on one
antivirus program when there are more of them? I haven't used Linux
since Mandrake, so that's the onlu experience I have with it.
On Fri Dec 08 2017 14:36:46, Roger Nelson wrote to Nicholas Boel:
This isn't meant as a criticism, but why hang your hat on one
antivirus program when there are more of them? I haven't used Linux
since Mandrake, so that's the onlu experience I have with it.
I think we've already been through this. Try to find another FREE antivirus scanner for Linux. It's pretty darn tough! ;)
This isn't meant as a criticism, but why hang your hat on one
antivirus program when there are more of them? I haven't used
Linux since Mandrake, so that's the onlu experience I have with
it.
I think we've already been through this. Try to find another FREE
antivirus scanner for Linux. It's pretty darn tough! ;)
What about AVG? It's free, although I think they want you to register
it yearly. Other than that, there is no cost involved.
I think we've already been through this. Try to find another FREE antivirus scanner for Linux. It's pretty darn tough! ;)
What about AVG? It's free, although I think they want you to register
it yearly. Other than that, there is no cost involved.
On Fri Dec 08 2017 18:38:04, Roger Nelson wrote to Nicholas Boel:
This isn't meant as a criticism, but why hang your hat on one
antivirus program when there are more of them? I haven't used
Linux since Mandrake, so that's the onlu experience I have with
it.
I think we've already been through this. Try to find another FREE
antivirus scanner for Linux. It's pretty darn tough! ;)
What about AVG? It's free, although I think they want you to register
it yearly. Other than that, there is no cost involved.
I search for "avg free linux" and any link I go to anything
regarding Linux has been removed. Even AVG's site only seems to
offer a Windows, Mac, and Android version for download. The
sourceforge page that had anything to do with AVG has been removed,
and although I did find a user manual for AVG 8.5 for Linux, the
copyright on the pdf is 2008.
Lastly, the "System requirements" on the actual AVG page, where any outside link for a Linux version goes to (https://www.avg.com/en-us/free-antivirus-download) only lists:
Windows 10, 8, 7 Vista, XP SP3
OSX 10.8 Mountain Lion or above
Android 2.2 or above
Nothing mentioning a Linux version any more. So if you have any information I don't (or even a working link to anything regarding
Linux and AVG), please share as I'd be interested in taking a look
at it even.
08 Dec 2017 18:38, Roger Nelson wrote to Nicholas Boel:
What about AVG? It's free, although I think they want you to register
it yearly. Other than that, there is no cost involved.
AVG is preinstalled on my android phone (DORO 825) waste of missing storage cost nothing :(
it even have a firewall that works if there is root access to a
hacked android device, idiots :=)
all my androids is selinux enforced
I think we've already been through this. Try to find another FREE
antivirus scanner for Linux. It's pretty darn tough! ;)
why ?
you would like to remove linux ?, or your point was another ? :=)
I saw that last night. They simply should remove the links if they
aren't going to support Linux. I'm just now wondering if Torvalds did
the same thing to AVG (and maybe some others) he did to a certain
video card manufacturer.
I'm on the Internet a lot, so if anything pops up for Linux, I'll post
it here.
...We have everything here: tornadoes, tropical storms, hurricanes and snow.
However, a Linux system can host infected files and pass them on to another system without being affected. So as a courtesy, these files should probably be checked before being passed on to your peers.
Not on mine. I had to get it, but I have Malwarebytes on my Android.
Same here, but I prefer the word "Wahnsinn"! (-:
all my androids is selinux enforcedBut can you put that on your computer?
Because us Linux sysops are hosting file servers, that contain files
for both Windows and DOS. Running a scanner on received files is a
good idea.
It has nothing to do with Linux. I know Linux itself does not need antivirus, but any Windows or DOS files hosted on it should probably
be checked. When I run antivirus here, it's only on received files.
I'm not scanning the entire system because it's not needed.
However, a Linux system can host infected files and pass them on to another system without being affected. So as a courtesy, these files should probably be checked before being passed on to your peers.
On Sat Dec 09 2017 07:10:52, Roger Nelson wrote to Nicholas Boel:
I saw that last night. They simply should remove the links if they
aren't going to support Linux. I'm just now wondering if Torvalds did
the same thing to AVG (and maybe some others) he did to a certain
video card manufacturer.
After replying to your message, I kept digging a bit. It almost
seems as though some time in the last 5 years *all* antivirus
providers that supported Linux ended up either completely stopping
the support, or started charging for corporate usage and getting
rid of any "free home" versions.
I'm on the Internet a lot, so if anything pops up for Linux, I'll post
it here.
Thanks. I would be interested in checking them out, however clamav
does indeed work, it just needs to be adjusted to ignore D'Bridge
releases if and until they actually make a real fix for it.
...We have everything here: tornadoes, tropical storms, hurricanes and snow.
I spoke too soon. We have a couple inches on the ground now. I've
had a "cold" for the past month, and it seems to never go away when working outdoors in this weather. :(
However, a Linux system can host infected files and pass them on
to another system without being affected. So as a courtesy, these
files should probably be checked before being passed on to your
peers.
or one might post a disclaimer and put the onus on the downloader to
scan the file on their system before using it...
"You are responsible for taking care that any files you download are
virus free before installing them on your system or making them
available for redistribution."
Because us Linux sysops are hosting file servers, that contain
files for both Windows and DOS. Running a scanner on received
files is a good idea.
yep, my point was that clamwin can do it on windows before hatched
virus to download frinds, should we as downloader disconnect uplinks ?
:=)
"You are responsible for taking care that any files you download are
virus free before installing them on your system or making them
available for redistribution."
Wow. That's about all I can say there.
09 Dec 2017 07:22, Roger Nelson wrote to Benny Pedersen:
Not on mine. I had to get it, but I have Malwarebytes on my Android.
i know that on windows, but its not needed on android, for good
reasons i will make the reader here figure out
Same here, but I prefer the word "Wahnsinn"! (-:
+1
all my androids is selinux enforcedBut can you put that on your computer?
sure, android is based on linux, so why not ?, samsung have droped
knox, seem thay found selinux was good enoug :=)
just still waiting for firmware update that finaly remove knox
support in firmware, but the userland app for knox is now gone, its
just still in firmware :/
"You are responsible for taking care that any files you download
are virus free before installing them on your system or making
them available for redistribution."
Wow. That's about all I can say there.
it is always on "you" (inclusive) to check for virus before installing something on your machine... some folks just need to be reminded...
this goes hand in hand with "use at your risk" type clauses... CYA is real, my friend...
Wow. That's about all I can say there.
it is always on "you" (inclusive) to check for virus before installing
something on your machine... some folks just need to be reminded...
this goes hand in hand with "use at your risk" type clauses... CYA is
real, my friend...
No kidding. But do we really want to be transferring a bunch of infected crap around the filegate because everyone thinks it should be the next guy that checks the stuff they send out to others?
honest question: if the files are scanned at the initial distribution point, why do they need to be scanned again at every intermediate
point? do you trust all of them? do you trust all of their chosen scanners? some choose to validate against virustotal but it is well
known that virustotal doesn't use the newest or even all of the
detection capabilities that are offered by the scanners the scan against...
Some people have absolutely no clue what they're doing, let alone know that their system has ringworm. I'd rather do it myself and be sure I'm not *tha idiot passing on infected files to others, thank you very much!
Some people have absolutely no clue what they're doing, let alone
know that their system has ringworm. I'd rather do it myself and
be sure I'm not *tha idiot passing on infected files to others,
thank you very much!
Ahh c'mon, Fido has had ringworm right from the start ;)
honest question: if the files are scanned at the initial distribution
point, why do they need to be scanned again at every intermediate
point? do you trust all of them? do you trust all of their chosen
scanners? some choose to validate against virustotal but it is well
known that virustotal doesn't use the newest or even all of the
detection capabilities that are offered by the scanners the scan
against...
And an honest answer in question form: How do you know every
intermediate point is clean and clear of virus injection of any kind?
Some people have absolutely no clue what they're doing, let alone know that their system has ringworm.
I'd rather do it myself and be sure I'm not *that* idiot passing on infected files to others, thank you very much!
EPLY: 1:3634/12.73 5a309742
SGID: 1:154/10 5a31bdc0
HRS: UTF-8 4
ZUTC: -0600
ID: hpt/lnx 1.9.0-cur 14-08-16
Hello mark,
On Tue Dec 12 2017 21:54:10, mark lewis wrote to Nicholas Boel:
honest question: if the files are scanned at the initialdistribution
point, why do they need to be scanned again at every intermediate
point? do you trust all of them? do you trust all of their chosen
scanners? some choose to validate against virustotal but it is well NB>ml> known that virustotal doesn't use the newest or even all of the
detection capabilities that are offered by the scanners the scan
against...
And an honest answer in question form: How do you know every intermediate point is clean and clear of virus injection of any kind?
Some people have absolutely no clue what they're doing, let alone know
that their system has ringworm. I'd rather do it myself and be sure I'm
not *that* idiot passing on infected files to others, thank you very
much!
Nat.
...One man with courage is a majority.
Thomas Jefferson
And an honest answer in question form: How do you know every
intermediate point is clean and clear of virus injection of any
kind?
really? when is the last time you've seen a virus inject itself into binaries inside a zip file? are you in the habit of unzipping the
files where a virus can find the binaries and infest them? think about it...
and if you miss then you are *that* one... especially if your chosen tool(s) don't detect something nefarious... the real ugly is that
because you made the effort and missed, it is your responsibility...
this is on the same lines as those ""legal notices"" posted on some
BBSes where they say they will read every message posted looking for illegal activities... that puts them in legal hot water if they miss something... better to not do it at all and be safe... besides,
there's no way to find all possible hidden messages within posts...
that's a chase game just like virus scanning is a chase game... you'll never know you had it until it bites you...
Trust that not everyone is as diligent as the most diligent person in Fidonet.
Trust that not everyone is as diligent as the most diligent person in Fidonet.
Trust is earned, not given out for free.
After some liquid-courage, I'll trust everyone not to trust how or
what I say.
And an honest answer in question form: How do you know every
intermediate point is clean and clear of virus injection of any
kind?
really? when is the last time you've seen a virus inject itself into
binaries inside a zip file? are you in the habit of unzipping the
files where a virus can find the binaries and infest them? think
about it...
Quite a few BBS softwares have an upload checker, which extracts a zip file and injects whatever the sysop defines into it. Think about it.
and if you miss then you are *that* one... especially if your chosen
tool(s) don't detect something nefarious... the real ugly is that
because you made the effort and missed, it is your responsibility...
this is on the same lines as those ""legal notices"" posted on some
BBSes where they say they will read every message posted looking for
illegal activities... that puts them in legal hot water if they miss
something... better to not do it at all and be safe... besides,
there's no way to find all possible hidden messages within posts...
that's a chase game just like virus scanning is a chase game...
you'll never know you had it until it bites you...
I knew you would veer off on a tangent with this. I'll check the files
on my own system, with or without your say-so. Thanks though!
Trust that not everyone is as diligent as the most diligent person
in Fidonet.
Trust is earned, not given out for free.
After some liquid-courage, I'll trust everyone not to trust how or
what I say.
After some liquid-courage, I'll trust everyone not to trust how or what I say.
Sarah Palin mode with guns and roses ? :=)
On Thu Dec 14 2017 06:52:44, Roger Nelson wrote to Nicholas Boel:
Trust that not everyone is as diligent as the most diligent person in Fidonet.
Trust is earned, not given out for free.
On 14 Dec 17 06:52:44, Roger Nelson said the following to Nicholas
Boel:
Nat.
...One man with courage is a majority.
Thomas Jefferson
...A little bit of liquid-courage and the majority is treated like
a minority.
Quite a few BBS softwares have an upload checker, which extracts
a zip file and injects whatever the sysop defines into it. Think
about it.
i have one here... is used only when BBS users upload... it only ""injects"" maybe an NFO file and/or possibly a zip comment... it
cannot execute a binary injection mechanism... however, yes, if the
system is infested, it is possible that one might be... but ummmm... i
run an ""antique OS that you wouldn't run"" and guess what? there's no infesting critters that can work on it so, hummm...
I knew you would veer off on a tangent with this. I'll check the
files on my own system, with or without your say-so. Thanks
though!
no veering... no tangent... certainly not trying to influence you and
your operation... just pointing out another side of the fence ;)
Trust that not everyone is as diligent as the most diligent
person in Fidonet.
Trust is earned, not given out for free.
I didn't give it. Possibly you misread what I wrote.
On Thu Dec 14 2017 18:04:32, Roger Nelson wrote to Nicholas Boel:
Trust that not everyone is as diligent as the most diligent
person in Fidonet.
Trust is earned, not given out for free.
I didn't give it. Possibly you misread what I wrote.
I didn't. I just stated the obvious. Trust goes nowhere until it is earned, even though you told me to trust "something", whether or
not it was about diligent or non-diligent people. You started with
"Trust that..." and I responded, is all. ;)
How about this then?
Beware that not everyone in Fidonet is as diligent as you are when it comes to the quality of files.
Sysop: | digital man |
---|---|
Location: | Riverside County, California |
Users: | 1,036 |
Nodes: | 15 (1 / 14) |
Uptime: | 122:56:17 |
Calls: | 663 |
Calls today: | 11 |
Files: | 95,162 |
D/L today: |
1,673 files (211M bytes) |
Messages: | 299,176 |
Posted today: | 7 |