[prev in list] [next in list] [prev in thread] [next in thread] 

List:       clamav-users
Subject:    Re: [clamav-users] Potentially False Positive, but I lost the file!
From:       Reindl Harald <h.reindl () thelounge ! net>
Date:       2017-01-22 12:51:40
Message-ID: f8a0d810-7972-b8c0-ca37-72b87f51530f () thelounge ! net
[Download RAW message or body]



Am 22.01.2017 um 12:40 schrieb Groach:
> On 21/01/2017 23:27, Joel Esler (jesler) wrote:
>> But the amount of offlist email I receive about your communication.....
> A good try, Joel.
>
> If this was designed to make me think people are upset by my negative
> feedbacks about Clam signatures then you have failed.  I am more than
> happy to tell people I am majorly disappointed (at best) about them and
> that people that THINK they are protecting their systems are leaving
> themselves wide open to infection based on a false security belief.  I
> am not the one to feel guilty about this being said, but those that lead
> the public to the contrary should feel guilty for giving out their false
> securities (selling Clam sigs as being safe and reliable) they give out.

fact is that you can completly purge them and i did so which resluted 
also is some hundret MB less RAM wasted - god save admin machines doing 
updates and finally deploy the result via rsync...

the first is the clamav-milter instance which is allowed to reject (and 
in teh past had the official signatures) and the second one is only used 
by spamasassin to add 5.5 points (in fact the reject instance is also 
included in pamassassin to add 9.5 points and at the ned of the day 
since months nothing bad made it to the clamav-milter at all)
__________________________________________________________________

ls /var/lib/clamav
-rw-r--r-- 1 clamupdate clamupdate  77K 2017-01-19 09:53 
foxhole_filename.cdb
-rw-r--r-- 1 clamupdate clamupdate  44K 2017-01-19 09:53 foxhole_generic.cdb
-rw-r--r-- 1 clamupdate clamupdate 4,1K 2016-06-18 16:55 
thelounge_blocked_extensions.cdb
-rw-r--r-- 1 clamupdate clamupdate  11K 2016-10-18 15:56 sanesecurity.ftm
-rw-r--r-- 1 clamupdate clamupdate 103K 2017-01-22 12:49 
bofhland_malware_attach.hdb
-rw-r--r-- 1 clamupdate clamupdate   82 2016-07-13 21:44 crdfam.clamav.hdb
-rw-r--r-- 1 clamupdate clamupdate  18K 2017-01-19 13:54 rogue.hdb
-rw-r--r-- 1 clamupdate clamupdate  60K 2017-01-22 12:45 
winnow_extended_malware.hdb
-rw-r--r-- 1 clamupdate clamupdate 288K 2017-01-22 12:45 winnow_malware.hdb
-rw-r--r-- 1 clamupdate clamupdate  48K 2015-08-05 09:24 hackingteam.hsb
-rw-r--r-- 1 clamupdate clamupdate  15K 2016-08-10 15:06 malwarehash.hsb
-rw-r--r-- 1 clamupdate clamupdate  12K 2017-01-22 12:46 porcupine.hsb
-rw-r--r-- 1 clamupdate clamupdate 6,8K 2017-01-06 12:56 sigwhitelist.ign2
-rw-r--r-- 1 clamupdate clamupdate  196 2016-08-10 09:57 
thelounge_whitelist.ign2
-rw-r--r-- 1 clamupdate clamupdate  57K 2017-01-20 09:24 badmacro.ndb
-rw-r--r-- 1 clamupdate clamupdate 179K 2017-01-22 12:56 blurl.ndb
-rw-r--r-- 1 clamupdate clamupdate 2,7K 2017-01-22 12:49 
bofhland_malware_URL.ndb
-rw-r--r-- 1 clamupdate clamupdate 335K 2017-01-22 12:46 porcupine.ndb
-rw-r--r-- 1 clamupdate clamupdate   61 2016-10-10 19:47 
thelounge_custom_sigs.ndb
-rw-r--r-- 1 clamupdate clamupdate 1,3M 2017-01-22 12:45 
winnow_malware_links.ndb
__________________________________________________________________

ls /var/lib/clamav-spam/
insgesamt 133M
-rw-r--r-- 1 clamupdate clamupdate 9,1K 2016-11-28 16:00 foxhole_all.cdb
-rw-r--r-- 1 clamupdate clamupdate 2,7K 2016-12-06 09:52 foxhole_js.cdb
-rw-r--r-- 1 clamupdate clamupdate 5,7K 2016-06-18 16:55 
thelounge_tagged_extensions.cdb
-rw-r--r-- 1 clamupdate clamupdate  99M 2017-01-22 13:25 safebrowsing.cld
-rw-r--r-- 1 clamupdate clamupdate  11K 2016-10-18 15:56 sanesecurity.ftm
-rw-r--r-- 1 clamupdate clamupdate 1,3K 2016-12-12 16:53 spamattach.hdb
-rw-r--r-- 1 clamupdate clamupdate 6,0K 2016-12-08 10:53 spamimg.hdb
-rw-r--r-- 1 clamupdate clamupdate 515K 2017-01-22 12:45 
winnow.attachments.hdb
-rw-r--r-- 1 clamupdate clamupdate   66 2017-01-22 12:45 winnow_bad_cw.hdb
-rw-r--r-- 1 clamupdate clamupdate 6,8K 2017-01-06 12:56 sigwhitelist.ign2
-rw-r--r-- 1 clamupdate clamupdate  196 2016-08-10 09:57 
thelounge_whitelist.ign2
-rw-r--r-- 1 clamupdate clamupdate 1011 2016-11-29 17:56 shelter.ldb
-rw-r--r-- 1 clamupdate clamupdate  556 2016-10-06 15:53 spam.ldb
-rw-r--r-- 1 clamupdate clamupdate  660 2017-01-22 12:45 
winnow.complex.patterns.ldb
-rw-r--r-- 1 clamupdate clamupdate 179K 2017-01-22 12:56 blurl.ndb
-rw-r--r-- 1 clamupdate clamupdate 1,2K 2017-01-22 12:49 
bofhland_cracked_URL.ndb
-rw-r--r-- 1 clamupdate clamupdate 2,7K 2017-01-22 12:49 
bofhland_malware_URL.ndb
-rw-r--r-- 1 clamupdate clamupdate  31K 2017-01-22 12:49 
bofhland_phishing_URL.ndb
-rw-r--r-- 1 clamupdate clamupdate 5,7K 2016-11-21 09:55 foxhole_all.ndb
-rw-r--r-- 1 clamupdate clamupdate  230 2016-11-21 09:55 foxhole_js.ndb
-rw-r--r-- 1 clamupdate clamupdate 6,5M 2017-01-19 11:54 junk.ndb
-rw-r--r-- 1 clamupdate clamupdate 349K 2017-01-22 12:56 jurlbla.ndb
-rw-r--r-- 1 clamupdate clamupdate 269K 2017-01-22 12:56 jurlbl.ndb
-rw-r--r-- 1 clamupdate clamupdate 240K 2016-07-29 18:20 lott.ndb
-rw-r--r-- 1 clamupdate clamupdate 3,8M 2017-01-19 16:54 phish.ndb
-rw-r--r-- 1 clamupdate clamupdate 3,3M 2017-01-22 12:46 phishtank.ndb
-rw-r--r-- 1 clamupdate clamupdate  14M 2017-01-22 12:45 scamnailer.ndb
-rw-r--r-- 1 clamupdate clamupdate 1,8M 2017-01-06 19:51 scam.ndb
-rw-r--r-- 1 clamupdate clamupdate  44K 2017-01-21 00:56 spearl.ndb
-rw-r--r-- 1 clamupdate clamupdate 2,0M 2017-01-21 00:52 spear.ndb
-rw-r--r-- 1 clamupdate clamupdate   61 2016-10-10 19:47 
thelounge_custom_sigs.ndb
-rw-r--r-- 1 clamupdate clamupdate  159 2017-01-22 12:45 
winnow_extended_malware_links.ndb
-rw-r--r-- 1 clamupdate clamupdate 1,3M 2017-01-22 12:45 
winnow_malware_links.ndb
-rw-r--r-- 1 clamupdate clamupdate 234K 2017-01-22 12:45 
winnow_phish_complete.ndb
-rw-r--r-- 1 clamupdate clamupdate 155K 2017-01-22 12:45 
winnow_spam_complete.ndb
-rw-r--r-- 1 clamupdate clamupdate 1,5K 2015-07-01 14:54 
Sanesecurity_sigtest.yara
-rw-r--r-- 1 clamupdate clamupdate 1,3K 2016-02-22 13:21 
Sanesecurity_spam.yara
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
[prev in list] [next in list] [prev in thread] [next in thread]