| HTTP Anti-Virus Proxy http://havp.hege.li/forum/ |
|
| Virus thorugh FTP not detected http://havp.hege.li/forum/viewtopic.php?f=3&t=559 |
Page 1 of 1 |
| Author: | pos [ 29 Oct 2010 19:07 ] |
| Post subject: | Virus thorugh FTP not detected |
Hi all I just installed a havp with a parent squid for a customer. I have done some more extensive testing than I have done at earlier installations. Latest clam as antivirus engine (set up as a daemon right now). I just noted that not all viruses are detected. All tested "eicar" virus were detected through HTTP. But when accessing through FTP only a subset are detected??? At this link only the eicar.com are detected through the latest havp. All others get through. ftp://download.trendmicro.com/products/eicar-file/ Any clues appreciated Tnx /Per-Olov |
|
| Author: | karesmakro [ 30 Oct 2010 16:35 ] |
| Post subject: | Re: Virus thorugh FTP not detected |
Hello pos! If you want to scan ftp traffic, then you have to install something like frox: http://frox.sourceforge.net/ FTP virusscan with squid and havp is not possible. Regards |
|
| Author: | pos [ 31 Oct 2010 17:24 ] |
| Post subject: | Re: Virus thorugh FTP not detected |
Well.... As said the eicar.com is actually detected over FTP. So what you say is half wrong. All others on the link are not detected though. The question is why... is it some buffer size thing? /Per-Olov |
|
| Author: | hege [ 05 Nov 2010 12:16 ] |
| Post subject: | Re: Virus thorugh FTP not detected |
ftp:// urls are supported if there is a Squid after HAVP handling it. Did you try to download all the files and clamscan manually? If ClamAV doesn't detect it that way, of course HAVP doesn't either.. |
|
| Page 1 of 1 | All times are UTC + 2 hours [ DST ] |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|