[clamav-users] RHEL 6 (workstation repo) Clam install error
Walker, Jason T
Jason.Walker at gd-ms.com
Thu Nov 16 14:03:56 UTC 2017
Hello Tom,
I used the lowercase...I think it was Outlook that capitalized the first letter of each command. It still isn't working for me. Perhaps it is because I'm using a WORKSTATION version of RHEL 6? FYI This is not a standard RHEL Server version...do you think that may have something to do with it?
With no network connection here is what yum tells me. Note the path to the workstation repository:
[root at ISFAV-Linux Desktop]# yum install -y epel-release
Loaded plugins: product-id, refresh-packagekit, search-disabled-repos, security,
: subscription-manager
Setting up Install Process
https://cdn.redhat.com/content/dist/rhel/workstation/6/6Workstation/x86_64/os/repodata/repomd.xml: [Errno 14] PYCURL ERROR 6 - "Couldn't resolve host 'cdn.redhat.com'"
Trying other mirror.
No package epel-release available.
Error: Nothing to do
Here is yum output with network connection:
[root at ISFAV-Linux Desktop]# yum install -y epel-release
Loaded plugins: product-id, refresh-packagekit, search-disabled-repos, security,
: subscription-manager
Setting up Install Process
rhel-6-workstation-rpms | 3.5 kB 00:00
rhel-6-workstation-rpms/primary_db | 61 MB 00:55
No package epel-release available.
Error: Nothing to do
[root at ISFAV-Linux Desktop]# yum install -y clamav
Loaded plugins: product-id, refresh-packagekit, search-disabled-repos, security, subscription-manager
Setting up Install Process
No package clamav available.
Error: Nothing to do
Regards
Jason
-----Original Message-----
From: clamav-users [mailto:clamav-users-bounces at lists.clamav.net] On Behalf Of clamav-users-request at lists.clamav.net
Sent: Wednesday, November 15, 2017 12:00 PM
To: clamav-users at lists.clamav.net
Subject: clamav-users Digest, Vol 156, Issue 14
Send clamav-users mailing list submissions to
clamav-users at lists.clamav.net
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
or, via email, send a message with subject or body 'help' to
clamav-users-request at lists.clamav.net
You can reach the person managing the list at
clamav-users-owner at lists.clamav.net
When replying, please edit your Subject line so it is more specific than "Re: Contents of clamav-users digest..."
Today's Topics:
1. RHEL 6 Clam AV Installation (Walker, Jason T)
2. Re: RHEL 6 Clam AV Installation (Thomas McCourt (tmccourt))
3. Re: RHEL 6 Clam AV Installation (Reindl Harald)
4. Re: password protected encrypted .docx files (Al Varnell)
5. Re: password protected encrypted .docx files (Mark Foley)
----------------------------------------------------------------------
Message: 1
Date: Tue, 14 Nov 2017 19:07:33 +0000
From: "Walker, Jason T" <Jason.Walker at gd-ms.com>
To: "clamav-users at lists.clamav.net" <clamav-users at lists.clamav.net>
Subject: [clamav-users] RHEL 6 Clam AV Installation
Message-ID: <64613dda3217475392343571a261a4c0 at VADC-MMB03.GD-MS.US>
Content-Type: text/plain; charset="us-ascii"
Hello,
I'm trying to install your product on a RHEL 6.9 PC. Your documentation refers to the yum repository as a source of the RPM file, however yum replies that the RPMs do not exist for the following packages:
1) Epel-release
2) Clamav
Any assistance on this installation is appreciated.
Regards
Jason
------------------------------
Message: 2
Date: Tue, 14 Nov 2017 19:35:17 +0000
From: "Thomas McCourt (tmccourt)" <tmccourt at cisco.com>
To: ClamAV users ML <clamav-users at lists.clamav.net>
Subject: Re: [clamav-users] RHEL 6 Clam AV Installation
Message-ID: <7DE5892F-0F35-48A3-A5FE-2A7ECDBB0B0B at cisco.com>
Content-Type: text/plain; charset="utf-8"
Hello Jason,
Using Yum, I can do the following command and download both Epel-release and clamav. This of course, downloads 99.2 (not the beta version).
yum install -y epel-release
yum install -y clamav
Duck]# yum install -y epel-release
Loaded plugins: fastestmirror, refresh-packagekit, security Setting up Install Process Loading mirror speeds from cached hostfile
* base: distro.ibiblio.org
* extras: mirror.umd.edu
* updates: mirror.cs.vt.edu
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:6-8 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
epel-release noarch 6-8 extras 14 k
Transaction Summary
================================================================================
Install 1 Package(s)
Total download size: 14 k
Installed size: 22 k
Downloading Packages:
epel-release-6-8.noarch.rpm | 14 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : epel-release-6-8.noarch 1/1
Verifying : epel-release-6-8.noarch 1/1
Installed:
epel-release.noarch 0:6-8
I am wondering if it is because you capitalized the ?E? in epel-release. Try it by lowercasing it, to see if it works.
Double checking- capitalizing the ?e? in epel-release finds no results.
Thank you,
Tom McCourt
On 11/14/17, 2:07 PM, "clamav-users on behalf of Walker, Jason T" <clamav-users-bounces at lists.clamav.net on behalf of Jason.Walker at gd-ms.com> wrote:
>Hello,
>
>I'm trying to install your product on a RHEL 6.9 PC. Your documentation refers to the yum repository as a source of the RPM file, however yum replies that the RPMs do not exist for the following packages:
>
>
>1) Epel-release
>
>2) Clamav
>
>Any assistance on this installation is appreciated.
>
>Regards
>Jason
>
>_______________________________________________
>clamav-users mailing list
>clamav-users at lists.clamav.net
>http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
>Help us build a comprehensive ClamAV guide:
>https://github.com/vrtadmin/clamav-faq
>
>http://www.clamav.net/contact.html#ml
------------------------------
Message: 3
Date: Tue, 14 Nov 2017 20:37:02 +0100
From: Reindl Harald <h.reindl at thelounge.net>
To: clamav-users at lists.clamav.net
Subject: Re: [clamav-users] RHEL 6 Clam AV Installation
Message-ID: <b6805a3a-720a-33ba-5bf4-a6d5ba042bbc at thelounge.net>
Content-Type: text/plain; charset=utf-8; format=flowed
Am 14.11.2017 um 20:07 schrieb Walker, Jason T:
> I'm trying to install your product on a RHEL 6.9 PC. Your documentation refers to the yum repository as a source of the RPM file, however yum replies that the RPMs do not exist for the following packages:
>
>
> 1) Epel-release
>
> 2) Clamav
>
> Any assistance on this installation is appreciated
you hardly can install a yum repo itself via yum and hence here you go:
https://fedoraproject.org/wiki/EPEL - however, why installing RHEL6 in 2017?
------------------------------
Message: 4
Date: Wed, 15 Nov 2017 01:14:00 -0800
From: Al Varnell <alvarnell at mac.com>
To: ClamAV users ML <clamav-users at lists.clamav.net>
Subject: Re: [clamav-users] password protected encrypted .docx files
Message-ID: <96CDEEB0-6975-4A45-951E-180336B159A5 at mac.com>
Content-Type: text/plain; charset="us-ascii"
On Tue, Nov 14, 2017 at 07:45 AM, Mark Foley wrote:
> I found this older message in the archives. I'm receiving a lot of
> fake "Invoice" messages with attached encrypted .doc files that run VB
> scripts and execute .exe files.
>
> I'd like to block encrypted Word documents. Interestingly, as Reindl
> Harald says, ".docx files *are* zip files", but lately I've been
> getting .doc files which are really .docx file. KDE Dolphin isn't
> deceived and opens the attachment as an archive, but Word in WIN7 goes
> ahead and opens it as a document. If I rename the document to .docx,
> then Dolphin opens it in LibreOffice.
>
> So, will ArchiveblockEncrypted work on .doc files too? I.e. is clamav
> smart enough to look beyond the extension?
In general, yes, clamAV doesn't pay attention to extensions and looks for document signatures that are usually at the top of a file to determine file type. That being said, I can't confirm exactly how it handles .doc and .docx files.
-Al-
> Will ArchiveblockEncrypted block *ALL* encrypted archives including zip?
>
> Finally, Dino Edwards wrote:
>
>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf
>> (it's off by default)
>
> Is that a typeo? Did he mean "you can turn ArchiveBlockEncrypted on in
> clamd.conf"? Seems like turning this "off" would NOT block encrypted files.
>
> THX --Mark
>
> -----Original Message-----
>> Date: Wed, 5 Apr 2017 21:19:47 +0200
>> From: Reindl Harald <h.reindl at thelounge.net
>> <mailto:h.reindl at thelounge.net>>
>>
>> technically .docx *are* zip files
>>
>> Am 05.04.2017 um 21:08 schrieb Dino Edwards:
>>> Didn't realize the ArchiveblockEncrypted included MS Word files. I
>>> thought it would be for password protected zip rar and such
>>>
>>> -----Original Message-----
>>> From: clamav-users [mailto:clamav-users-bounces at lists.clamav.net
>>> <mailto:clamav-users-bounces at lists.clamav.net>] On Behalf Of Benny
>>> Pedersen
>>> Sent: Wednesday, April 5, 2017 11:22 AM
>>> To: clamav-users at lists.clamav.net
>>> <mailto:clamav-users at lists.clamav.net>
>>> Subject: Re: [clamav-users] password protected encrypted .docx files
>>>
>>> Dino Edwards skrev den 2017-04-05 16:48:
>>>> Any way to get clamav to block password protected Microsoft word files?
>>>
>>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf
>>> (it's off by default)
>>>
>>> if not working pastebin your clamconf (clamav section only)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3569 bytes
Desc: not available
URL: <http://lists.clamav.net/pipermail/clamav-users/attachments/20171115/5d85189e/attachment-0001.bin>
------------------------------
Message: 5
Date: Wed, 15 Nov 2017 11:56:27 -0500
From: Mark Foley <mfoley at novatec-inc.com>
To: clamav-users at lists.clamav.net
Subject: Re: [clamav-users] password protected encrypted .docx files
Message-ID: <201711151656.vAFGuRjW006834 at server.novatec-inc.com>
Content-Type: text/plain; charset=us-ascii
On Wed 15 Nov 2017 01:14:00 -0800 Al Varnell <alvarnell at mac.com> wrote:
>On Tue, Nov 14, 2017 at 07:45 AM, Mark Foley wrote:
>> I found this older message in the archives. I'm receiving a lot of
>> fake "Invoice" messages with attached encrypted .doc files that run
>> VB scripts and execute .exe files.
>>
>> I'd like to block encrypted Word documents. Interestingly, as Reindl
>> Harald says, ".docx files *are* zip files", but lately I've been
>> getting .doc files which are really .docx file. KDE Dolphin isn't
>> deceived and opens the attachment as an archive, but Word in WIN7
>> goes ahead and opens it as a document. If I rename the document to
>> .docx, then Dolphin opens it in LibreOffice.
>>
>> So, will ArchiveblockEncrypted work on .doc files too? I.e. is clamav
>> smart enough to look beyond the extension?
>
> In general, yes, clamAV doesn't pay attention to extensions and looks for document signatures that are usually at the top of a file to determine file type. That being said, I can't confirm exactly how it handles .doc and .docx files.
>
Thanks Al. I'll turn this on and experiment. I'll post back my findings.
Does anyone have exerience with this?
>-Al-
>
>> Will ArchiveblockEncrypted block *ALL* encrypted archives including zip?
>>
>> Finally, Dino Edwards wrote:
>>
>>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf
>>> (it's off by default)
>>
>> Is that a typeo? Did he mean "you can turn ArchiveBlockEncrypted on
>> in clamd.conf"? Seems like turning this "off" would NOT block encrypted files.
>>
>> THX --Mark
>>
>> -----Original Message-----
>>> Date: Wed, 5 Apr 2017 21:19:47 +0200
>>> From: Reindl Harald <h.reindl at thelounge.net
>>> <mailto:h.reindl at thelounge.net>>
>>>
>>> technically .docx *are* zip files
>>>
>>> Am 05.04.2017 um 21:08 schrieb Dino Edwards:
>>>> Didn't realize the ArchiveblockEncrypted included MS Word files. I
>>>> thought it would be for password protected zip rar and such
>>>>
>>>> -----Original Message-----
>>>> From: clamav-users [mailto:clamav-users-bounces at lists.clamav.net
>>>> <mailto:clamav-users-bounces at lists.clamav.net>] On Behalf Of Benny
>>>> Pedersen
>>>> Sent: Wednesday, April 5, 2017 11:22 AM
>>>> To: clamav-users at lists.clamav.net
>>>> <mailto:clamav-users at lists.clamav.net>
>>>> Subject: Re: [clamav-users] password protected encrypted .docx
>>>> files
>>>>
>>>> Dino Edwards skrev den 2017-04-05 16:48:
>>>>> Any way to get clamav to block password protected Microsoft word files?
>>>>
>>>> Yes, it is - you can turn ArchiveBlockEncrypted off in clamd.conf
>>>> (it's off by default)
>>>>
>>>> if not working pastebin your clamconf (clamav section only)
------------------------------
Subject: Digest Footer
_______________________________________________
clamav-users mailing list
clamav-users at lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
------------------------------
End of clamav-users Digest, Vol 156, Issue 14
*********************************************
More information about the clamav-users
mailing list