[clamav-users] freshclam -V output

Sean Clark Sean.Clark at servicenow.com
Wed Mar 20 10:24:16 EDT 2019


Arnaud,

I now understand that we do not run the daemon. We update and scan from cron. I stumbled on a work around I *think*

$ sigtool --version
ClamAV 0.99.4/25394/Wed Mar 20 07:52:02 2019

VS

$freshclam -V
ClamAV 0.99.4

Thanks,

Sean Clark <>  Sr Network Engineer
“An ounce of prevention is worth a pound of cure”
ServiceNow <> office 425-305-2269

From: Arnaud Jacques <webmaster at securiteinfo.com>
Date: Wednesday, March 20, 2019 at 9:32 AM
To: ClamAV users ML <clamav-users at lists.clamav.net>
Cc: Sean Clark <Sean.Clark at servicenow.com>, Alexandru Cojan <alexandru.cojan at servicenow.com>
Subject: Re: [clamav-users] freshclam -V output

[External Email]

Sean,

Here is the resolution I applied when I get this problem (on Debian OS) :

# clamdscan -V
ClamAV 0.100.0
(not information about loaded databases)

vi /etc/systemd/system/clamav-daemon.socket.d/extend.conf
[Socket]
ListenStream=127.0.0.1:3310
(check if the 2 above lines are present)

systemctl --system daemon-reload
systemctl restart clamav-daemon.socket
systemctl restart clamav-daemon.service

vi /etc/clamav/clamd.conf
TCPSocket 3310
TCPAddr 127.0.0.1

/etc/init.d/clamav-daemon restart
(it worked at this point).

Hope it helps....

Le 20/03/2019 à 13:12, Sean Clark via clamav-users a écrit :
Arnaud,

Thank you so much for the direction! I am still having problems. I get a server working, but I try to apply what I thought was the fix to other servers and it does not work. I am missing the target 😃 Could you/or someone help me with the failure scenarios?


  *   the virus database is not (already) loaded in memory

How do I verify for this?


  *   when clamdscan client cannot connect to clamd daemon
$ps -aux | grep clam
sean.cl+   372  0.0  0.0  13136  1052 pts/0    S+   11:48   0:00 grep clam
$ freshclam -V
ClamAV 0.100.2

I don’t see any daemon running on the servers that are working and not working. What are the connection details for this? Just to recap the problem statement is that ‘freshclam -V’ does not have the right output.

Thanks,

Sean Clark <>  Sr Network Engineer
“An ounce of prevention is worth a pound of cure”
ServiceNow <> office 425-305-2269

From: clamav-users <clamav-users-bounces at lists.clamav.net><mailto:clamav-users-bounces at lists.clamav.net> on behalf of Arnaud Jacques <webmaster at securiteinfo.com><mailto:webmaster at securiteinfo.com>
Reply-To: ClamAV users ML <clamav-users at lists.clamav.net><mailto:clamav-users at lists.clamav.net>
Date: Thursday, March 14, 2019 at 9:43 AM
To: "clamav-users at lists.clamav.net"<mailto:clamav-users at lists.clamav.net> <clamav-users at lists.clamav.net><mailto:clamav-users at lists.clamav.net>
Subject: Re: [clamav-users] freshclam -V output

[External Email]

Hello Sean,


Le 14/03/2019 à 13:53, Sean Clark via clamav-users a écrit :
Hello,

I have read through the archives and could not find a solution. Also I apologize in advance as this might be dumb question.  We have our monitoring setup to check the update status from the output of `freshclam -V`. We are using clamav on Ubuntu and CentOS. We cannot figure out what controls the output behavior described below.

This is what we have always seen:
(CentOS Linux release 7.4.1708 (Core))
$ freshclam -V
ClamAV 0.98.7/25387/Wed Mar 13 11:24:46 2019

This is the problem we are facing when porting over to Ubuntu
(Ubuntu 18.04.1 LTS)
$ freshclam -V
ClamAV 0.99.4

OR
$ freshclam -V
ClamAV 0.100.2

As you can see its lacking what we believe is the ‘latest definitions update time’. I see the man page says `-V` should just be version so I am not sure how we are getting that time stamp. Any thoughts on this?

It happens when the virus database is not (already) loaded in memory and/or when clamdscan client cannot connect to clamd daemon (tcp or socket problem).




--

Cordialement / Best regards,



Arnaud Jacques

Gérant de SecuriteInfo.com



Téléphone : +33-(0)3.44.39.76.46

E-mail : aj at securiteinfo.com<mailto:aj at securiteinfo.com>

Site web : https://www.securiteinfo.com<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.securiteinfo.com&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=uB7EYN5Kyqg0eo0tdJfmthbYA1hmqqv1NWCfJZqonXU&s=gxkxeXtiQ-oISdE05ScylHwhsRgiuRnGyE5Lfc21DAU&e=>

Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_pages_SecuriteInfocom_132872523492286&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=uB7EYN5Kyqg0eo0tdJfmthbYA1hmqqv1NWCfJZqonXU&s=9EskCuuMdLCkfRpJPI7CAhohVsNrxuyxaRJmb_8z4zg&e=>

Twitter : @SecuriteInfoCom



Securiteinfo.com

La Sécurité Informatique - La Sécurité des Informations.

266, rue de Villers

60123 Bonneuil en Valois



_______________________________________________



clamav-users mailing list

clamav-users at lists.clamav.net<mailto:clamav-users at lists.clamav.net>

https://lists.clamav.net/mailman/listinfo/clamav-users<https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.clamav.net_mailman_listinfo_clamav-2Dusers&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=fM6L3oZACYTt5SXv6ulyy7fNtLKYlqqg1zV3nWFE26g&e=>





Help us build a comprehensive ClamAV guide:

https://github.com/vrtadmin/clamav-faq<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=8SYyct6OU5VhYQwtHh784OV3oQ_EPU-HKaBbo_Nbd3A&e=>



http://www.clamav.net/contact.html#ml<https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=22C6LsJ90dQuGrcS3I9rKD6e3IWh-bnWhGoGd_Gu1d0&e=>



--

Cordialement / Best regards,



Arnaud Jacques

Gérant de SecuriteInfo.com



Téléphone : +33-(0)3.44.39.76.46

E-mail : aj at securiteinfo.com<mailto:aj at securiteinfo.com>

Site web : https://www.securiteinfo.com<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.securiteinfo.com&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=t5dQmObPUgd1ob-duCMIrjrvcaAih_2d81WOoDbUD3M&e=>

Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286<https://urldefense.proofpoint.com/v2/url?u=https-3A__www.facebook.com_pages_SecuriteInfocom_132872523492286&d=DwMDaQ&c=Zok6nrOF6Fe0JtVEqKh3FEeUbToa1PtNBZf6G01cvEQ&r=bsOGoFUL2hxM4uEAycB9huubhS2KF5MoFEHyC01Cs0w&m=7Et_Vt35fcd0cVkcek2kS8AxpVcN-pZ9cgtDYBWmkyY&s=54VWLBtUaz6p1yVq6BDZ4qq70dNAki-fens_w2ek2VE&e=>

Twitter : @SecuriteInfoCom



Securiteinfo.com

La Sécurité Informatique - La Sécurité des Informations.

266, rue de Villers

60123 Bonneuil en Valois
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20190320/89425e0c/attachment.html>


More information about the clamav-users mailing list