Koozali.org: home of the SME Server

Clamav control frontend

Linuxnerd

Clamav control frontend
« on: March 27, 2004, 08:54:12 AM »
Hi

Anybody know if any of the clever guys who knock out RPMs for this server have done a front end for the server-manager that enables you to manage Clamav?

I was thinking of a way of deleting quarantined files and releasing emails that are false positives etc...

Anybody point me in the right direction?

Offline raem

  • *
  • 3,972
  • +4/-0
Clamav control frontend
« Reply #1 on: March 27, 2004, 10:43:01 AM »
The latest release from pagefault.org has created a server manager panel with a lot of features to control clamavis. You can see all the quarantined and problem messages and delete them. Reinjection still sneeds to be done at the command prompt though.
You can also schedule scans of the server hard disk, select scanning of incoming and outgoing email messages, select who to send notification messages to, specify how frequently the virus database is updated and a couple of other things that don't immediately come to mind.

You can instal it manually or using yum (which works very sweetly and easily).

Damien has done a great job of this.

If you really want to "tame" viruses and are using v6.x, you should look at virus pattern blocking.
It works great and results in clam having very little to do.

See
http://lists.contribs.org/mailman/public/devinfo/msg07431.html

Regs
Ray
...

Linuxnerd

OK errr... I think!
« Reply #2 on: March 28, 2004, 09:45:31 AM »
Hi

I loaded the pagefault RPMs and it works a treat except I opened up my mail this morning to find a message from Clamav engine saying the following:

//var/spool/squid/00/08/0000080B: Eicar-Test-Signature FOUND
//var/spool/squid/00/08/0000080E: Eicar-Test-Signature FOUND
//var/spool/squid/00/08/0000080F: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 20744
Scanned directories: 8197
Scanned files: 33539
Infected files: 3
Data scanned: 723.96 MB
I/O buffer size: 131072 bytes
Time: 1893.090 sec (31 m 33 s)

Which has me slightly concerned!

What is this exactly and should I delete these files right away?

John

Linuxnerd

Eicar test signatures
« Reply #3 on: March 28, 2004, 09:53:45 AM »
Hi

Googled around and found Eicar is some sort of test program used for setting up Clamav.

I understand its not actually a virus so I am less concerned now.

However I would like to remove it?

Do I just delete these 3 files and then its gone?

Cheers

John

ergozd

Clamav control frontend
« Reply #4 on: March 28, 2004, 06:33:43 PM »
Yes, simply delete them...