[prev in list] [next in list] [prev in thread] [next in thread]
List: clamav-users
Subject: Re: [clamav-users] freshclam -V output
From: Sean Clark via clamav-users <clamav-users () lists ! clamav ! net>
Date: 2019-03-20 14:24:16
Message-ID: FC857196-7A7A-4A84-A7E7-8616D00F1572 () servicenow ! com
[Download RAW message or body]
[Attachment #2 (text/plain)]
Arnaud,
I now understand that we do not run the daemon. We update and scan from cron. I \
stumbled on a work around I *think*
$ sigtool --version
ClamAV 0.99.4/25394/Wed Mar 20 07:52:02 2019
VS
$freshclam -V
ClamAV 0.99.4
Thanks,
Sean Clark <> Sr Network Engineer
"An ounce of prevention is worth a pound of cure"
ServiceNow <> office 425-305-2269
From: Arnaud Jacques <webmaster@securiteinfo.com>
Date: Wednesday, March 20, 2019 at 9:32 AM
To: ClamAV users ML <clamav-users@lists.clamav.net>
Cc: Sean Clark <Sean.Clark@servicenow.com>, Alexandru Cojan \
<alexandru.cojan@servicenow.com>
Subject: Re: [clamav-users] freshclam -V output
[External Email]
Sean,
Here is the resolution I applied when I get this problem (on Debian OS) :
# clamdscan -V
ClamAV 0.100.0
(not information about loaded databases)
vi /etc/systemd/system/clamav-daemon.socket.d/extend.conf
[Socket]
ListenStream=127.0.0.1:3310
(check if the 2 above lines are present)
systemctl --system daemon-reload
systemctl restart clamav-daemon.socket
systemctl restart clamav-daemon.service
vi /etc/clamav/clamd.conf
TCPSocket 3310
TCPAddr 127.0.0.1
/etc/init.d/clamav-daemon restart
(it worked at this point).
Hope it helps....
Le 20/03/2019 à 13:12, Sean Clark via clamav-users a écrit :
Arnaud,
Thank you so much for the direction! I am still having problems. I get a server \
working, but I try to apply what I thought was the fix to other servers and it does \
not work. I am missing the target 😃 Could you/or someone help me with the failure \
scenarios?
* the virus database is not (already) loaded in memory
How do I verify for this?
* when clamdscan client cannot connect to clamd daemon
$ps -aux | grep clam
sean.cl+ 372 0.0 0.0 13136 1052 pts/0 S+ 11:48 0:00 grep clam
$ freshclam -V
ClamAV 0.100.2
I don't see any daemon running on the servers that are working and not working. What \
are the connection details for this? Just to recap the problem statement is that \
‘freshclam -V' does not have the right output.
Thanks,
Sean Clark <> Sr Network Engineer
"An ounce of prevention is worth a pound of cure"
ServiceNow <> office 425-305-2269
From: clamav-users <clamav-users-bounces@lists.clamav.net><mailto:clamav-users-bounces@lists.clamav.net> \
on behalf of Arnaud Jacques \
<webmaster@securiteinfo.com><mailto:webmaster@securiteinfo.com>
Reply-To: ClamAV users ML \
<clamav-users@lists.clamav.net><mailto:clamav-users@lists.clamav.net>
Date: Thursday, March 14, 2019 at 9:43 AM
To: "clamav-users@lists.clamav.net"<mailto:clamav-users@lists.clamav.net> \
<clamav-users@lists.clamav.net><mailto:clamav-users@lists.clamav.net>
Subject: Re: [clamav-users] freshclam -V output
[External Email]
Hello Sean,
Le 14/03/2019 à 13:53, Sean Clark via clamav-users a écrit :
Hello,
I have read through the archives and could not find a solution. Also I apologize in \
advance as this might be dumb question. We have our monitoring setup to check the \
update status from the output of `freshclam -V`. We are using clamav on Ubuntu and \
CentOS. We cannot figure out what controls the output behavior described below.
This is what we have always seen:
(CentOS Linux release 7.4.1708 (Core))
$ freshclam -V
ClamAV 0.98.7/25387/Wed Mar 13 11:24:46 2019
This is the problem we are facing when porting over to Ubuntu
(Ubuntu 18.04.1 LTS)
$ freshclam -V
ClamAV 0.99.4
OR
$ freshclam -V
ClamAV 0.100.2
As you can see its lacking what we believe is the ‘latest definitions update time'. \
I see the man page says `-V` should just be version so I am not sure how we are \
getting that time stamp. Any thoughts on this?
It happens when the virus database is not (already) loaded in memory and/or when \
clamdscan client cannot connect to clamd daemon (tcp or socket problem).
--
Cordialement / Best regards,
Arnaud Jacques
Gérant de SecuriteInfo.com
Téléphone : +33-(0)3.44.39.76.46
E-mail : aj@securiteinfo.com<mailto:aj@securiteinfo.com>
Site web : https://www.securiteinfo.com<https://urldefense.proofpoint.com/v2/url?u=htt \
ps-3A__www.securiteinfo.com&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=b \
sOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=uB7EYN5Kyqg0eo0tdJfmthbYA1hmqqv1NWCfJZqonXU&s=gxkxeXtiQ-oISdE05ScylHwhsRgiuRnGyE5Lfc21DAU&e=>
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286<https://urld \
efense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_pages_SecuriteInfocom_132872 \
523492286&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB \
9huubhS2KF5MoFEHyC01Cs0w&m=uB7EYN5Kyqg0eo0tdJfmthbYA1hmqqv1NWCfJZqonXU&s=9EskCuuMdLCkfRpJPI7CAhohVsNrxuyxaRJmb_8z4zg&e=>
Twitter : @SecuriteInfoCom
Securiteinfo.com
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>
https://lists.clamav.net/mailman/listinfo/clamav-users<https://urldefense.proofpoint.c \
om/v2/url?u=https-3A__lists.clamav.net_mailman_listinfo_clamav-2Dusers&d=DwMDaQ&c=Zok6 \
nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w& \
m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=fM6L3oZACYTt5SXv6ulyy7fNtLKYlqqg1zV3nWFE26g&e=>
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq<https://urldefense.proofpoint.com/v2/url?u=http \
s-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6 \
G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=8SYyct6OU5VhYQwtHh784OV3oQ_EPU-HKaBbo_Nbd3A&e=>
http://www.clamav.net/contact.html#ml<https://urldefense.proofpoint.com/v2/url?u=http- \
3A__www.clamav.net_contact.html-23ml&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G0 \
1cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=22C6LsJ90dQuGrcS3I9rKD6e3IWh-bnWhGoGd_Gu1d0&e=>
--
Cordialement / Best regards,
Arnaud Jacques
Gérant de SecuriteInfo.com
Téléphone : +33-(0)3.44.39.76.46
E-mail : aj@securiteinfo.com<mailto:aj@securiteinfo.com>
Site web : https://www.securiteinfo.com<https://urldefense.proofpoint.com/v2/url?u=htt \
ps-3A__www.securiteinfo.com&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=b \
sOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=t5dQmObPUgd1ob-duCMIrjrvcaAih_2d81WOoDbUD3M&e=>
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286<https://urld \
efense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_pages_SecuriteInfocom_132872 \
523492286&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB \
9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=54VWLBtUaz6p1yVq6BDZ4qq70dNAki-fens_w2ek2VE&e=>
Twitter : @SecuriteInfoCom
Securiteinfo.com
La Sécurité Informatique - La Sécurité des Informations.
266, rue de Villers
60123 Bonneuil en Valois
[Attachment #3 (text/html)]
<html xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Apple Color Emoji";
panose-1:0 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1073241142;
mso-list-template-ids:-1719116738;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1
{mso-list-id:1464617192;
mso-list-template-ids:1811214490;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2
{mso-list-id:1979992702;
mso-list-type:hybrid;
mso-list-template-ids:-1988600850 -325813702 67698691 67698693 67698689 67698691 \
67698693 67698689 67698691 67698693;} @list l2:level1
{mso-level-start-at:0;
mso-level-number-format:bullet;
mso-level-text:-;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Calibri",sans-serif;
mso-fareast-font-family:Calibri;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:ï‚·;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style>
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal">Arnaud,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I now understand that we do not run the daemon. We update and \
scan from cron. I stumbled on a work around I *<b>think</b>*<o:p></o:p></p> <p \
class="MsoNormal"><o:p> </o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">$ sigtool \
--version<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">ClamAV \
0.99.4/25394/Wed Mar 20 07:52:02 2019</span><span \
style="font-size:11.0pt"><o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt"><o:p> </o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt">VS<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt"><o:p> </o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">$freshclam \
-V<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">ClamAV \
0.99.4</span><span style="font-size:11.0pt"><o:p></o:p></span></p> <p \
class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p> <div>
<p class="MsoNormal"><span \
style="font-size:11.0pt;color:black">Thanks,<o:p></o:p></span></p> <p \
class="MsoNormal"><span \
style="font-size:11.0pt;color:black"><o:p> </o:p></span></p> <p \
class="MsoNormal"><span style="font-size:11.0pt;color:black">Sean Clark <> \
Sr Network Engineer<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;color:black">"An ounce of prevention is worth a pound of \
cure"<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;color:black">ServiceNow <> office \
425-305-2269</span><span style="font-size:11.0pt"><o:p></o:p></span></p> </div>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:black">From: </span></b><span \
style="color:black">Arnaud Jacques <webmaster@securiteinfo.com><br> <b>Date: \
</b>Wednesday, March 20, 2019 at 9:32 AM<br> <b>To: </b>ClamAV users ML \
<clamav-users@lists.clamav.net><br> <b>Cc: </b>Sean Clark \
<Sean.Clark@servicenow.com>, Alexandru Cojan \
<alexandru.cojan@servicenow.com><br> <b>Subject: </b>Re: [clamav-users] \
freshclam -V output<o:p></o:p></span></p> </div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
style="font-size:14.0pt;background:yellow">[External Email]</span></b><o:p></o:p></p> \
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
style="font-size:13.0pt"> </span></b><o:p></o:p></p> </div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Sean,<br>
<br>
Here is the resolution I applied when I get this problem (on Debian OS) :<br>
<br>
# clamdscan -V<br>
ClamAV 0.100.0<br>
(not information about loaded databases)<br>
<br>
vi /etc/systemd/system/clamav-daemon.socket.d/extend.conf<br>
[Socket]<br>
ListenStream=127.0.0.1:3310<br>
(check if the 2 above lines are present)<br>
<br>
systemctl --system daemon-reload<br>
systemctl restart clamav-daemon.socket<br>
systemctl restart clamav-daemon.service<br>
<br>
vi /etc/clamav/clamd.conf<br>
TCPSocket 3310<br>
TCPAddr 127.0.0.1<br>
<br>
/etc/init.d/clamav-daemon restart<br>
(it worked at this point).<br>
<br>
Hope it helps....<br>
<br>
<o:p></o:p></p>
<div>
<p class="MsoNormal">Le 20/03/2019 Ã 13:12, Sean Clark via clamav-users a \
écrit :<o:p></o:p></p> </div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal">Arnaud,<o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal">Thank you so much for the direction! I am still having problems. \
I get a server working, but I try to apply what I thought was the fix to other \
servers and it does not work. I am missing the target <span \
style="font-family:"Apple Color Emoji"">😃</span> Could you/or \
someone help me with the failure scenarios? <o:p></o:p></p>
<p class="MsoNormal"> <o:p></o:p></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoListParagraph" style="margin-left:0in;mso-list:l2 level1 lfo3"><span \
style="font-size:11.0pt">the virus database is not (already) loaded in \
memory</span><o:p></o:p></li></ul> <p class="MsoListParagraph"><span \
style="font-size:11.0pt">How do I verify for this?</span><o:p></o:p></p> <p \
class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p> <ul \
style="margin-top:0in" type="disc"> <li class="MsoListParagraph" \
style="margin-left:0in;mso-list:l2 level1 lfo3"><span style="font-size:11.0pt">when \
clamdscan client cannot connect to clamd daemon</span><o:p></o:p></li></ul> <p \
class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">$ps -aux | grep \
clam</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">sean.cl+ \
372 0.0 0.0 13136 1052 pts/0 \
S+ 11:48 0:00 grep clam</span><o:p></o:p></p> <p \
class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">$ freshclam \
-V</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">ClamAV \
0.100.2</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt"> </span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt">I don't see any daemon running on the servers that are \
working and not working. What are the connection details for this? Just to recap the \
problem statement is that ‘<span \
style="background:silver;mso-highlight:silver">freshclam
-V</span>' does not have the right output. </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<div>
<p class="MsoNormal"><span \
style="font-size:11.0pt;color:black">Thanks,</span><o:p></o:p></p> <p \
class="MsoNormal"><span \
style="font-size:11.0pt;color:black"> </span><o:p></o:p></p> <p \
class="MsoNormal"><span style="font-size:11.0pt;color:black">Sean Clark <> \
Sr Network Engineer</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;color:black">"An ounce of prevention is worth a pound of \
cure"</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;color:black">ServiceNow <> office \
425-305-2269</span><o:p></o:p></p> </div>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:black">From: </span></b><span \
style="color:black">clamav-users <a \
href="mailto:clamav-users-bounces@lists.clamav.net"><clamav-users-bounces@lists.clamav.net></a> \
on behalf of Arnaud Jacques <a \
href="mailto:webmaster@securiteinfo.com"><webmaster@securiteinfo.com></a><br> \
<b>Reply-To: </b>ClamAV users ML <a \
href="mailto:clamav-users@lists.clamav.net"><clamav-users@lists.clamav.net></a><br>
<b>Date: </b>Thursday, March 14, 2019 at 9:43 AM<br>
<b>To: </b><a href="mailto:clamav-users@lists.clamav.net">"clamav-users@lists.clamav.net"</a>
<a href="mailto:clamav-users@lists.clamav.net"><clamav-users@lists.clamav.net></a><br>
<b>Subject: </b>Re: [clamav-users] freshclam -V output</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
style="font-size:14.0pt;background:yellow">[External Email]</span></b><o:p></o:p></p> \
<p class="MsoNormal" \
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><span \
style="font-size:13.0pt"> </span></b><o:p></o:p></p> </div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Hello Sean,<br>
<br>
<br>
<o:p></o:p></p>
<div>
<p class="MsoNormal">Le 14/03/2019 Ã 13:53, Sean Clark via clamav-users a \
écrit :<o:p></o:p></p> </div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="font-size:11.0pt">Hello,</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">I have read through the archives \
and could not find a solution. Also I apologize in advance as this might be dumb \
question. We have our monitoring setup to check the update status from the \
output of `freshclam
-V`. We are using clamav on Ubuntu and CentOS. We cannot figure out what controls \
the output behavior described below. </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><b><span style="font-size:11.0pt">This is what we have always \
seen:</span></b><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt">(CentOS Linux release 7.4.1708 (Core))</span><o:p></o:p></p> \
<p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">$ freshclam \
-V</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">ClamAV \
0.98.7/25387/Wed Mar 13 11:24:46 2019</span><o:p></o:p></p> <p \
class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p> <p \
class="MsoNormal"><b><span style="font-size:11.0pt">This is the problem we are facing \
when porting over to Ubuntu</span></b><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt">(Ubuntu 18.04.1 LTS)</span><o:p></o:p></p> <p \
class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">$ freshclam -V \
</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">ClamAV \
0.99.4</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt"> </span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt">OR</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">$ freshclam -V \
</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;background:silver;mso-highlight:silver">ClamAV \
0.100.2</span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt"> </span><o:p></o:p></p> <p class="MsoNormal"><span \
style="font-size:11.0pt">As you can see its lacking what we believe is the ‘latest \
definitions update time'. I see the man page says `-V` should just be version so I am \
not sure how we are getting that time stamp. Any thoughts on \
this?</span><o:p></o:p></p> </blockquote>
<p class="MsoNormal"><span style="font-size:11.0pt"><br>
It happens when the virus database is not (already) loaded in memory and/or when \
clamdscan client cannot connect to clamd daemon (tcp or socket problem).<br> <br>
<br>
<br>
</span><o:p></o:p></p>
<pre>-- <o:p></o:p></pre>
<pre>Cordialement / Best regards,<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>Arnaud Jacques<o:p></o:p></pre>
<pre>Gérant de SecuriteInfo.com<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>Téléphone : +33-(0)3.44.39.76.46<o:p></o:p></pre>
<pre>E-mail : <a href="mailto:aj@securiteinfo.com">aj@securiteinfo.com</a><o:p></o:p></pre>
<pre>Site web : <a href="www.sec" rel="nofollow">https://urldefense.proofpoint.com/v2/url?u=https-3A__www.sec> \
uriteinfo.com&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsO \
GoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=uB7EYN5Kyqg0eo0tdJfmthbYA1hmqqv1NWCfJZq \
onXU&s=gxkxeXtiQ-oISdE05ScylHwhsRgiuRnGyE5Lfc21DAU&e=">https://www.securiteinfo.com</a><o:p></o:p></pre>
<pre>Facebook : <a href="www.fac" rel="nofollow">https://urldefense.proofpoint.com/v2/url?u=https-3A__www.fac> \
ebook.com_pages_SecuriteInfocom_132872523492286&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh \
3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=uB7EY \
N5Kyqg0eo0tdJfmthbYA1hmqqv1NWCfJZqonXU&s=9EskCuuMdLCkfRpJPI7CAhohVsNrxuyxaRJmb_8z4 \
zg&e=">https://www.facebook.com/pages/SecuriteInfocom/132872523492286</a><o:p></o:p></pre>
<pre>Twitter : @SecuriteInfoCom<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>Securiteinfo.com<o:p></o:p></pre>
<pre>La Sécurité Informatique - La Sécurité des Informations.<o:p></o:p></pre>
<pre>266, rue de Villers<o:p></o:p></pre>
<pre>60123 Bonneuil en Valois<o:p></o:p></pre>
</div>
<p class="MsoNormal"><span style="font-size:11.0pt"><br>
<br>
<o:p></o:p></span></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>clamav-users mailing list<o:p></o:p></pre>
<pre><a href="mailto:clamav-users@lists.clamav.net">clamav-users@lists.clamav.net</a><o:p></o:p></pre>
<pre><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.clamav.net_m \
ailman_listinfo_clamav-2Dusers&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6 \
G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8 \
AxpVcN-pZ9cgtDYBWmkyY&s=fM6L3oZACYTt5SXv6ulyy7fNtLKYlqqg1zV3nWFE26g&e=">https://lists.clamav.net/mailman/listinfo/clamav-users</a><o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Help us build a comprehensive ClamAV guide:<o:p></o:p></pre>
<pre><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin \
_clamav-2Dfaq&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsO \
GoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBW \
mkyY&s=8SYyct6OU5VhYQwtHh784OV3oQ_EPU-HKaBbo_Nbd3A&e=">https://github.com/vrtadmin/clamav-faq</a><o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre><a href="www.clamav.net_conta" rel="nofollow">https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_conta> \
ct.html-23ml&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOG \
oFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWm \
kyY&s=22C6LsJ90dQuGrcS3I9rKD6e3IWh-bnWhGoGd_Gu1d0&e=">http://www.clamav.net/contact.html#ml</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span style="font-size:11.0pt"><br>
<br>
<o:p></o:p></span></p>
<pre>-- <o:p></o:p></pre>
<pre>Cordialement / Best regards,<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Arnaud Jacques<o:p></o:p></pre>
<pre>Gérant de SecuriteInfo.com<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Téléphone : +33-(0)3.44.39.76.46<o:p></o:p></pre>
<pre>E-mail : <a href="mailto:aj@securiteinfo.com">aj@securiteinfo.com</a><o:p></o:p></pre>
<pre>Site web : <a href="www.sec" rel="nofollow">https://urldefense.proofpoint.com/v2/url?u=https-3A__www.sec> \
uriteinfo.com&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsO \
GoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBW \
mkyY&s=t5dQmObPUgd1ob-duCMIrjrvcaAih_2d81WOoDbUD3M&e=">https://www.securiteinfo.com</a><o:p></o:p></pre>
<pre>Facebook : <a href="www.fac" rel="nofollow">https://urldefense.proofpoint.com/v2/url?u=https-3A__www.fac> \
ebook.com_pages_SecuriteInfocom_132872523492286&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh \
3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_V \
t35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=54VWLBtUaz6p1yVq6BDZ4qq70dNAki-fens_w2ek2 \
VE&e=">https://www.facebook.com/pages/SecuriteInfocom/132872523492286</a><o:p></o:p></pre>
<pre>Twitter : @SecuriteInfoCom<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Securiteinfo.com<o:p></o:p></pre>
<pre>La Sécurité Informatique - La Sécurité des Informations.<o:p></o:p></pre>
<pre>266, rue de Villers<o:p></o:p></pre>
<pre>60123 Bonneuil en Valois<o:p></o:p></pre>
</div>
</div>
</body>
</html>
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
--===============6722576036166215517==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic