Klez.H

Thom Paine thom at DARKSABER.COM
Fri May 31 19:53:34 IST 2002 

Sorry to get hasty. I may have found a config problem with my
mcafeewrapper script.

I don't have the dat files in /usr/local/mcafee/dat. They reside with
the mcafeewrapper and uvscan file. I corrected the mcafee wrapper script
and did a test run and it picked it up no problem.

Should maybe get mailscanner to default the dats to be with the wrapper.
That may make an out of the box install go better.


On Fri, 2002-05-31 at 14:38, Robert A. Thompson wrote:
> Below is the verion of uvscan I use and I'm picking up between 5 and 10
> thousand a day.... this doesn't mean some are not slipping through, but
> I'm not hearing about them.  We did see when klez first come out uvscan
> was letting a lot through, but when we started testing the virus on a
> quarintined network we discovered they were broken copies of the virus.
> However, this was corrected on the next dat release.  Some scanners
> (generally dependent on the version) would pick up the broken copy and
> some wouldn't.  However, the broken virus would not run when you tried
> to execute it.
>
> --robert
>
> ./uvscan --version
> Virus Scan for Linux v4.14.0
> Copyright (c) 1992-2001 Networks Associates Technology Inc. All rights
> reserved.
> (408) 988-3832  LICENSED COPY - Jan 18 2001
>
> Scan engine v4.1.40 for Linux.
> Virus data file v4205 created May 29 2002
> Scanning for 60684 viruses, trojans and variants.
>
>
>
>
> On Fri, 2002-05-31 at 11:10, Thom Paine wrote:
> > I just received a phone call from a site running mailscanner and
> > apparently a klez.h virus got through to a workstation. It was picked up
> > there by PC Cillin and halted.
> >
> > The site is running mailscanner with Mcafee 4.1.6 and just autoupdated
> > the defs yesterday to 4205.
> >
> > Anyone else experience something similar?
> >
> > --
> > -=/>Thom
> > Red Hat Linux release 7.3 (Valhalla) running Linux Kernel 2.4.18-4
> > Uptime:  12:08pm  up 8 days, 18:31,  2 users,  load average: 1.31, 1.28,
> > 1.33
> > Registered Linux User 214499
--
-=/>Thom
Red Hat Linux release 7.3 (Valhalla) running Linux Kernel 2.4.18-4
Uptime:   2:51pm  up 8 days, 21:14,  2 users,  load average: 1.13, 1.14,
1.14
Registered Linux User 214499

More information about the MailScanner mailing list