Discussion:
[clamav-users] ERROR 403: Forbidden
Jon Roberts
2018-08-28 10:17:02 UTC
Permalink
Hi Guys,


I have a cPanel server that has been failing to update virus definitions etc for the last few days whether it be from the daily cron job or even if I try to download manually.


From the troubled server:


wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:14:43-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net... 104.16.189.138, 104.16.187.138, 104.16.188.138, ...
Connecting to database.clamav.net|104.16.189.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 11:14:43 ERROR 403: Forbidden.

From another server on the same network:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:16:15-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net... 104.16.188.138, 104.16.185.138, 104.16.186.138, ...
Connecting to database.clamav.net|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 34736938 (33M) [application/octet-stream]
Saving to: `main-55.cdiff'

100%[========================================================>] 34,736,938 18.3M/s in 1.8s

2018-08-28 11:16:17 (18.3 MB/s) - `main-55.cdiff' saved [34736938/34736938]

Any ideas? It looks like we're getting blocked but I'm not sure who to contact to have the issue rectified?

Regards, Jon
Maarten Broekman
2018-08-28 10:24:04 UTC
Permalink
> On Aug 28, 2018, at 06:17, Jon Roberts <***@racksrv.net> wrote:
>
> From the troubled server:
>
> wget http://database.clamav.net/main-55.cdiff
> --2018-08-28 11:14:43-- http://database.clamav.net/main-55.cdiff
> Resolving database.clamav.net... 104.16.189.138, 104.16.187.138, 104.16.188.138, ...
> Connecting to database.clamav.net|104.16.189.138|:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 2018-08-28 11:14:43 ERROR 403: Forbidden.
>
> From another server on the same network:
>
> wget http://database.clamav.net/main-55.cdiff
> --2018-08-28 11:16:15-- http://database.clamav.net/main-55.cdiff
> Resolving database.clamav.net... 104.16.188.138, 104.16.185.138, 104.16.186.138, ...
> Connecting to database.clamav.net|104.16.188.138|:80... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: 34736938 (33M) [application/octet-stream]
> Saving to: `main-55.cdiff'
>
>

It seems like those machines are contacting two different IP addresses. The failure situation happened on 104.16.189.138 which the success situation had 188 in the third octet (104.16.188.138). Are you sure that the second machine was able to contact the 189 address successfully? Or that the first machine was also getting an error on the 188 address?

> Any ideas? It looks like we're getting blocked but I'm not sure who to contact to have the issue rectified?
>
> Regards, Jon
>
> _______________________________________________
> clamav-users mailing list
> clamav-***@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
Jon Roberts
2018-08-28 10:33:49 UTC
Permalink
I've modified the conf file to use the same IP that the other server used, no dice still:


Retrieving http://104.16.188.138/main.cvd
Trying to download http://104.16.188.138/main.cvd (IP: 104.16.188.138)
WARNING: getfile: Unknown response from 104.16.188.138 (IP: 104.16.188.138)
WARNING: Can't download main.cvd from 104.16.188.138

(different error/response as I'm, having to use the normal update method to ensure it uses the correct IP)


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net> on behalf of Maarten Broekman <***@gmail.com>
Sent: 28 August 2018 11:24
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden


On Aug 28, 2018, at 06:17, Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:


From the troubled server:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:14:43-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.189.138, 104.16.187.138, 104.16.188.138, ...
Connecting to database.clamav.net<http://database.clamav.net>|104.16.189.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 11:14:43 ERROR 403: Forbidden.

From another server on the same network:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:16:15-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.188.138, 104.16.185.138, 104.16.186.138, ...
Connecting to database.clamav.net<http://database.clamav.net>|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 34736938 (33M) [application/octet-stream]
Saving to: `main-55.cdiff'



It seems like those machines are contacting two different IP addresses. The failure situation happened on 104.16.189.138 which the success situation had 188 in the third octet (104.16.188.138). Are you sure that the second machine was able to contact the 189 address successfully? Or that the first machine was also getting an error on the 188 address?

Any ideas? It looks like we're getting blocked but I'm not sure who to contact to have the issue rectified?

Regards, Jon


_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Maarten Broekman
2018-08-28 12:16:08 UTC
Permalink
Gotcha. Yeah, the error is because those are CloudFlare IPs and direct IP
access doesn't work (I just tried it myself). It could be a problem with
that one particular IP then.

I tried by name and was successful in downloads from 188 and 186. I haven't
been directed to 189 IP address.

On the machine that failed, can you set an entry in the hosts file to force
database.clamav.net to the 188 IP address temporarily?

--Maarten


On Tue, Aug 28, 2018 at 6:34 AM Jon Roberts <***@racksrv.net> wrote:

> I've modified the conf file to use the same IP that the other server used,
> no dice still:
>
>
> Retrieving http://104.16.188.138/main.cvd
> Trying to download http://104.16.188.138/main.cvd (IP: 104.16.188.138)
> WARNING: getfile: Unknown response from 104.16.188.138 (IP: 104.16.188.138)
> WARNING: Can't download main.cvd from 104.16.188.138
>
> (different error/response as I'm, having to use the normal update method
> to ensure it uses the correct IP)
>
>
>
> ------------------------------
> *From:* clamav-users <clamav-users-***@lists.clamav.net> on behalf of
> Maarten Broekman <***@gmail.com>
> *Sent:* 28 August 2018 11:24
> *To:* ClamAV users ML
> *Subject:* Re: [clamav-users] ERROR 403: Forbidden
>
>
> On Aug 28, 2018, at 06:17, Jon Roberts <***@racksrv.net> wrote:
>
> From the troubled server:
>
> wget http://database.clamav.net/main-55.cdiff
> --2018-08-28 11:14:43-- http://database.clamav.net/main-55.cdiff
> Resolving database.clamav.net... 104.16.189.138, 104.16.187.138,
> 104.16.188.138, ...
> Connecting to database.clamav.net|104.16.189.138|:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 2018-08-28 11:14:43 ERROR 403: Forbidden.
>
> From another server on the same network:
>
> wget http://database.clamav.net/main-55.cdiff
> --2018-08-28 11:16:15-- http://database.clamav.net/main-55.cdiff
> Resolving database.clamav.net... 104.16.188.138, 104.16.185.138,
> 104.16.186.138, ...
> Connecting to database.clamav.net|104.16.188.138|:80... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: 34736938 (33M) [application/octet-stream]
> Saving to: `main-55.cdiff'
>
>
>
> It seems like those machines are contacting two different IP addresses.
> The failure situation happened on 104.16.189.138 which the success
> situation had 188 in the third octet (104.16.188.138). Are you sure that
> the second machine was able to contact the 189 address successfully? Or
> that the first machine was also getting an error on the 188 address?
>
> Any ideas? It looks like we're getting blocked but I'm not sure who to
> contact to have the issue rectified?
>
> Regards, Jon
>
> _______________________________________________
> clamav-users mailing list
> clamav-***@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
> _______________________________________________
> clamav-users mailing list
> clamav-***@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
Jon Roberts
2018-08-28 12:38:58 UTC
Permalink
Good idea but still no dice, it does seem like Cloudflare is blocking the connection don't you think?


$ wget http://database.clamav.net/main-55.cdiff
--2018-08-28 13:37:11-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net... 104.16.188.138
Connecting to database.clamav.net|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 13:37:11 ERROR 403: Forbidden.

$ wget http://database.clamav.net/main-55.cdiff
--2018-08-28 13:37:49-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net... 104.16.186.138
Connecting to database.clamav.net|104.16.186.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 13:37:49 ERROR 403: Forbidden.


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net> on behalf of Maarten Broekman <***@gmail.com>
Sent: 28 August 2018 13:16
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden

Gotcha. Yeah, the error is because those are CloudFlare IPs and direct IP access doesn't work (I just tried it myself). It could be a problem with that one particular IP then.

I tried by name and was successful in downloads from 188 and 186. I haven't been directed to 189 IP address.

On the machine that failed, can you set an entry in the hosts file to force database.clamav.net<http://database.clamav.net> to the 188 IP address temporarily?

--Maarten


On Tue, Aug 28, 2018 at 6:34 AM Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:

I've modified the conf file to use the same IP that the other server used, no dice still:


Retrieving http://104.16.188.138/main.cvd
Trying to download http://104.16.188.138/main.cvd (IP: 104.16.188.138)
WARNING: getfile: Unknown response from 104.16.188.138 (IP: 104.16.188.138)
WARNING: Can't download main.cvd from 104.16.188.138

(different error/response as I'm, having to use the normal update method to ensure it uses the correct IP)


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Maarten Broekman <***@gmail.com<mailto:***@gmail.com>>
Sent: 28 August 2018 11:24
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden


On Aug 28, 2018, at 06:17, Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:


From the troubled server:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:14:43-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.189.138, 104.16.187.138, 104.16.188.138, ...
Connecting to database.clamav.net<http://database.clamav.net>|104.16.189.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 11:14:43 ERROR 403: Forbidden.

From another server on the same network:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:16:15-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.188.138, 104.16.185.138, 104.16.186.138, ...
Connecting to database.clamav.net<http://database.clamav.net>|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 34736938 (33M) [application/octet-stream]
Saving to: `main-55.cdiff'



It seems like those machines are contacting two different IP addresses. The failure situation happened on 104.16.189.138 which the success situation had 188 in the third octet (104.16.188.138). Are you sure that the second machine was able to contact the 189 address successfully? Or that the first machine was also getting an error on the 188 address?

Any ideas? It looks like we're getting blocked but I'm not sure who to contact to have the issue rectified?

Regards, Jon


_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Maarten Broekman
2018-08-28 13:02:03 UTC
Permalink
Yeah. One thing that might help is getting the full output of the error.

Using the following will dump the resulting HTML to your terminal and
hopefully it will give you more information on the error.
$ curl -Lvvvv http://database.clamav.net/main-55.cdiff

At that point, the ClamAV team might be able to give you more help.

--Maarten


On Tue, Aug 28, 2018 at 8:39 AM Jon Roberts <***@racksrv.net> wrote:

> Good idea but still no dice, it does seem like Cloudflare is blocking the
> connection don't you think?
>
>
> $ wget http://database.clamav.net/main-55.cdiff
> --2018-08-28 13:37:11-- http://database.clamav.net/main-55.cdiff
> Resolving database.clamav.net... 104.16.188.138
> Connecting to database.clamav.net|104.16.188.138|:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 2018-08-28 13:37:11 ERROR 403: Forbidden.
>
> $ wget http://database.clamav.net/main-55.cdiff
> --2018-08-28 13:37:49-- http://database.clamav.net/main-55.cdiff
> Resolving database.clamav.net... 104.16.186.138
> Connecting to database.clamav.net|104.16.186.138|:80... connected.
> HTTP request sent, awaiting response... 403 Forbidden
> 2018-08-28 13:37:49 ERROR 403: Forbidden.
>
>
> ------------------------------
> *From:* clamav-users <clamav-users-***@lists.clamav.net> on behalf of
> Maarten Broekman <***@gmail.com>
> *Sent:* 28 August 2018 13:16
> *To:* ClamAV users ML
> *Subject:* Re: [clamav-users] ERROR 403: Forbidden
>
> Gotcha. Yeah, the error is because those are CloudFlare IPs and direct IP
> access doesn't work (I just tried it myself). It could be a problem with
> that one particular IP then.
>
> I tried by name and was successful in downloads from 188 and 186. I
> haven't been directed to 189 IP address.
>
> On the machine that failed, can you set an entry in the hosts file to
> force database.clamav.net to the 188 IP address temporarily?
>
> --Maarten
>
>
> On Tue, Aug 28, 2018 at 6:34 AM Jon Roberts <***@racksrv.net> wrote:
>
>> I've modified the conf file to use the same IP that the other server
>> used, no dice still:
>>
>>
>> Retrieving http://104.16.188.138/main.cvd
>> Trying to download http://104.16.188.138/main.cvd (IP: 104.16.188.138)
>> WARNING: getfile: Unknown response from 104.16.188.138 (IP:
>> 104.16.188.138)
>> WARNING: Can't download main.cvd from 104.16.188.138
>>
>> (different error/response as I'm, having to use the normal update method
>> to ensure it uses the correct IP)
>>
>>
>>
>> ------------------------------
>> *From:* clamav-users <clamav-users-***@lists.clamav.net> on behalf
>> of Maarten Broekman <***@gmail.com>
>> *Sent:* 28 August 2018 11:24
>> *To:* ClamAV users ML
>> *Subject:* Re: [clamav-users] ERROR 403: Forbidden
>>
>>
>> On Aug 28, 2018, at 06:17, Jon Roberts <***@racksrv.net> wrote:
>>
>> From the troubled server:
>>
>> wget http://database.clamav.net/main-55.cdiff
>> --2018-08-28 11:14:43-- http://database.clamav.net/main-55.cdiff
>> Resolving database.clamav.net... 104.16.189.138, 104.16.187.138,
>> 104.16.188.138, ...
>> Connecting to database.clamav.net|104.16.189.138|:80... connected.
>> HTTP request sent, awaiting response... 403 Forbidden
>> 2018-08-28 11:14:43 ERROR 403: Forbidden.
>>
>> From another server on the same network:
>>
>> wget http://database.clamav.net/main-55.cdiff
>> --2018-08-28 11:16:15-- http://database.clamav.net/main-55.cdiff
>> Resolving database.clamav.net... 104.16.188.138, 104.16.185.138,
>> 104.16.186.138, ...
>> Connecting to database.clamav.net|104.16.188.138|:80... connected.
>> HTTP request sent, awaiting response... 200 OK
>> Length: 34736938 (33M) [application/octet-stream]
>> Saving to: `main-55.cdiff'
>>
>>
>>
>> It seems like those machines are contacting two different IP addresses.
>> The failure situation happened on 104.16.189.138 which the success
>> situation had 188 in the third octet (104.16.188.138). Are you sure that
>> the second machine was able to contact the 189 address successfully? Or
>> that the first machine was also getting an error on the 188 address?
>>
>> Any ideas? It looks like we're getting blocked but I'm not sure who to
>> contact to have the issue rectified?
>>
>> Regards, Jon
>>
>> _______________________________________________
>> clamav-users mailing list
>> clamav-***@lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>
>> _______________________________________________
>> clamav-users mailing list
>> clamav-***@lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>
> _______________________________________________
> clamav-users mailing list
> clamav-***@lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
Joel Esler (jesler)
2018-08-28 13:28:45 UTC
Permalink
You’re going to have to send me the IP that is getting blocked so I can look into why.

Sent from my iPhone

On Aug 28, 2018, at 09:03, Maarten Broekman <***@gmail.com<mailto:***@gmail.com>> wrote:

Yeah. One thing that might help is getting the full output of the error.

Using the following will dump the resulting HTML to your terminal and hopefully it will give you more information on the error.
$ curl -Lvvvv http://database.clamav.net/main-55.cdiff

At that point, the ClamAV team might be able to give you more help.

--Maarten


On Tue, Aug 28, 2018 at 8:39 AM Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:

Good idea but still no dice, it does seem like Cloudflare is blocking the connection don't you think?


$ wget http://database.clamav.net/main-55.cdiff
--2018-08-28 13:37:11-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.188.138
Connecting to database.clamav.net<http://database.clamav.net>|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 13:37:11 ERROR 403: Forbidden.

$ wget http://database.clamav.net/main-55.cdiff
--2018-08-28 13:37:49-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.186.138
Connecting to database.clamav.net<http://database.clamav.net>|104.16.186.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 13:37:49 ERROR 403: Forbidden.


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Maarten Broekman <***@gmail.com<mailto:***@gmail.com>>
Sent: 28 August 2018 13:16
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden

Gotcha. Yeah, the error is because those are CloudFlare IPs and direct IP access doesn't work (I just tried it myself). It could be a problem with that one particular IP then.

I tried by name and was successful in downloads from 188 and 186. I haven't been directed to 189 IP address.

On the machine that failed, can you set an entry in the hosts file to force database.clamav.net<http://database.clamav.net> to the 188 IP address temporarily?

--Maarten


On Tue, Aug 28, 2018 at 6:34 AM Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:

I've modified the conf file to use the same IP that the other server used, no dice still:


Retrieving http://104.16.188.138/main.cvd
Trying to download http://104.16.188.138/main.cvd (IP: 104.16.188.138)
WARNING: getfile: Unknown response from 104.16.188.138 (IP: 104.16.188.138)
WARNING: Can't download main.cvd from 104.16.188.138

(different error/response as I'm, having to use the normal update method to ensure it uses the correct IP)


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Maarten Broekman <***@gmail.com<mailto:***@gmail.com>>
Sent: 28 August 2018 11:24
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden


On Aug 28, 2018, at 06:17, Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:


From the troubled server:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:14:43-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.189.138, 104.16.187.138, 104.16.188.138, ...
Connecting to database.clamav.net<http://database.clamav.net>|104.16.189.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 11:14:43 ERROR 403: Forbidden.

From another server on the same network:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:16:15-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.188.138, 104.16.185.138, 104.16.186.138, ...
Connecting to database.clamav.net<http://database.clamav.net>|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 34736938 (33M) [application/octet-stream]
Saving to: `main-55.cdiff'



It seems like those machines are contacting two different IP addresses. The failure situation happened on 104.16.189.138 which the success situation had 188 in the third octet (104.16.188.138). Are you sure that the second machine was able to contact the 189 address successfully? Or that the first machine was also getting an error on the 188 address?

Any ideas? It looks like we're getting blocked but I'm not sure who to contact to have the issue rectified?

Regards, Jon


_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Jon Roberts
2018-08-28 13:31:14 UTC
Permalink
Hi Joel,


The seemingly blocked IP is 213.5.176.169


Regards, Jon

________________________________
From: clamav-users <clamav-users-***@lists.clamav.net> on behalf of Joel Esler (jesler) <***@cisco.com>
Sent: 28 August 2018 14:28
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden

You’re going to have to send me the IP that is getting blocked so I can look into why.

Sent from my iPhone

On Aug 28, 2018, at 09:03, Maarten Broekman <***@gmail.com<mailto:***@gmail.com>> wrote:

Yeah. One thing that might help is getting the full output of the error.

Using the following will dump the resulting HTML to your terminal and hopefully it will give you more information on the error.
$ curl -Lvvvv http://database.clamav.net/main-55.cdiff

At that point, the ClamAV team might be able to give you more help.

--Maarten


On Tue, Aug 28, 2018 at 8:39 AM Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:

Good idea but still no dice, it does seem like Cloudflare is blocking the connection don't you think?


$ wget http://database.clamav.net/main-55.cdiff
--2018-08-28 13:37:11-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.188.138
Connecting to database.clamav.net<http://database.clamav.net>|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 13:37:11 ERROR 403: Forbidden.

$ wget http://database.clamav.net/main-55.cdiff
--2018-08-28 13:37:49-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.186.138
Connecting to database.clamav.net<http://database.clamav.net>|104.16.186.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 13:37:49 ERROR 403: Forbidden.


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Maarten Broekman <***@gmail.com<mailto:***@gmail.com>>
Sent: 28 August 2018 13:16
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden

Gotcha. Yeah, the error is because those are CloudFlare IPs and direct IP access doesn't work (I just tried it myself). It could be a problem with that one particular IP then.

I tried by name and was successful in downloads from 188 and 186. I haven't been directed to 189 IP address.

On the machine that failed, can you set an entry in the hosts file to force database.clamav.net<http://database.clamav.net> to the 188 IP address temporarily?

--Maarten


On Tue, Aug 28, 2018 at 6:34 AM Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:

I've modified the conf file to use the same IP that the other server used, no dice still:


Retrieving http://104.16.188.138/main.cvd
Trying to download http://104.16.188.138/main.cvd (IP: 104.16.188.138)
WARNING: getfile: Unknown response from 104.16.188.138 (IP: 104.16.188.138)
WARNING: Can't download main.cvd from 104.16.188.138

(different error/response as I'm, having to use the normal update method to ensure it uses the correct IP)


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Maarten Broekman <***@gmail.com<mailto:***@gmail.com>>
Sent: 28 August 2018 11:24
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden


On Aug 28, 2018, at 06:17, Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:


From the troubled server:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:14:43-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.189.138, 104.16.187.138, 104.16.188.138, ...
Connecting to database.clamav.net<http://database.clamav.net>|104.16.189.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 11:14:43 ERROR 403: Forbidden.

From another server on the same network:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:16:15-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net>... 104.16.188.138, 104.16.185.138, 104.16.186.138, ...
Connecting to database.clamav.net<http://database.clamav.net>|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 34736938 (33M) [application/octet-stream]
Saving to: `main-55.cdiff'



It seems like those machines are contacting two different IP addresses. The failure situation happened on 104.16.189.138 which the success situation had 188 in the third octet (104.16.188.138). Are you sure that the second machine was able to contact the 189 address successfully? Or that the first machine was also getting an error on the 188 address?

Any ideas? It looks like we're getting blocked but I'm not sure who to contact to have the issue rectified?

Regards, Jon


_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Joel Esler (jesler)
2018-08-29 19:07:08 UTC
Permalink
Try now?

On Aug 28, 2018, at 9:31 AM, Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:

Hi Joel,

The seemingly blocked IP is 213.5.176.169

Regards, Jon

________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Joel Esler (jesler) <***@cisco.com<mailto:***@cisco.com>>
Sent: 28 August 2018 14:28
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden

You’re going to have to send me the IP that is getting blocked so I can look into why.

Sent from my iPhone

On Aug 28, 2018, at 09:03, Maarten Broekman <***@gmail.com<mailto:***@gmail.com>> wrote:

Yeah. One thing that might help is getting the full output of the error.

Using the following will dump the resulting HTML to your terminal and hopefully it will give you more information on the error.
$ curl -Lvvvv http://database.clamav.net/main-55.cdiff

At that point, the ClamAV team might be able to give you more help.

--Maarten


On Tue, Aug 28, 2018 at 8:39 AM Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:
Good idea but still no dice, it does seem like Cloudflare is blocking the connection don't you think?


$ wget http://database.clamav.net/main-55.cdiff
--2018-08-28 13:37:11-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net/>... 104.16.188.138
Connecting to database.clamav.net<http://database.clamav.net/>|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 13:37:11 ERROR 403: Forbidden.

$ wget http://database.clamav.net/main-55.cdiff
--2018-08-28 13:37:49-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net/>... 104.16.186.138
Connecting to database.clamav.net<http://database.clamav.net/>|104.16.186.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 13:37:49 ERROR 403: Forbidden.


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Maarten Broekman <***@gmail.com<mailto:***@gmail.com>>
Sent: 28 August 2018 13:16
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden

Gotcha. Yeah, the error is because those are CloudFlare IPs and direct IP access doesn't work (I just tried it myself). It could be a problem with that one particular IP then.

I tried by name and was successful in downloads from 188 and 186. I haven't been directed to 189 IP address.

On the machine that failed, can you set an entry in the hosts file to force database.clamav.net<http://database.clamav.net/> to the 188 IP address temporarily?

--Maarten


On Tue, Aug 28, 2018 at 6:34 AM Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:
I've modified the conf file to use the same IP that the other server used, no dice still:


Retrieving http://104.16.188.138/main.cvd
Trying to download http://104.16.188.138/main.cvd (IP: 104.16.188.138)
WARNING: getfile: Unknown response from 104.16.188.138 (IP: 104.16.188.138)
WARNING: Can't download main.cvd from 104.16.188.138

(different error/response as I'm, having to use the normal update method to ensure it uses the correct IP)


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Maarten Broekman <***@gmail.com<mailto:***@gmail.com>>
Sent: 28 August 2018 11:24
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden


On Aug 28, 2018, at 06:17, Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:

From the troubled server:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:14:43-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net/>... 104.16.189.138, 104.16.187.138, 104.16.188.138, ...
Connecting to database.clamav.net<http://database.clamav.net/>|104.16.189.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 11:14:43 ERROR 403: Forbidden.

From another server on the same network:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:16:15-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net/>... 104.16.188.138, 104.16.185.138, 104.16.186.138, ...
Connecting to database.clamav.net<http://database.clamav.net/>|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 34736938 (33M) [application/octet-stream]
Saving to: `main-55.cdiff'



It seems like those machines are contacting two different IP addresses. The failure situation happened on 104.16.189.138 which the success situation had 188 in the third octet (104.16.188.138). Are you sure that the second machine was able to contact the 189 address successfully? Or that the first machine was also getting an error on the 188 address?

Any ideas? It looks like we're getting blocked but I'm not sure who to contact to have the issue rectified?

Regards, Jon


_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Jon Roberts
2018-08-29 20:33:20 UTC
Permalink
Sadly not:


/usr/local/cpanel/3rdparty/bin/freshclam --verbose
Current working dir is /usr/local/cpanel/3rdparty/share/clamav
Max retries == 3
ClamAV update process started at Wed Aug 29 21:32:41 2018
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 1520
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Retrieving http://database.clamav.net/main.cvd
Trying to download http://database.clamav.net/main.cvd (IP: 104.16.187.138)
WARNING: getfile: Unknown response from database.clamav.net (IP: 104.16.187.138)
WARNING: Can't download main.cvd from database.clamav.net
Querying main.0.91.0.0.6810BB8A.ping.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 29 21:32:46 2018
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 1515
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Retrieving http://database.clamav.net/main.cvd
Trying to download http://database.clamav.net/main.cvd (IP: 104.16.186.138)
WARNING: getfile: Unknown response from database.clamav.net (IP: 104.16.186.138)
WARNING: Can't download main.cvd from database.clamav.net
Querying main.0.91.0.0.6810BA8A.ping.clamav.net
Trying again in 5 secs...
ClamAV update process started at Wed Aug 29 21:32:51 2018
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 1510
Software version from DNS: 0.100.1
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Retrieving http://database.clamav.net/main.cvd
Trying to download http://database.clamav.net/main.cvd (IP: 104.16.188.138)
ERROR: getfile: Unknown response from database.clamav.net (IP: 104.16.188.138)
ERROR: Can't download main.cvd from database.clamav.net
Querying main.0.91.0.0.6810BC8A.ping.clamav.net
Giving up on database.clamav.net...
Update failed. Your network may be down or none of the mirrors listed in /usr/local/cpanel/3rdparty/etc/freshclam.conf is working. Check https://www.clamav.net/documents/official-mirror-faq for possible reasons.


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net> on behalf of Joel Esler (jesler) <***@cisco.com>
Sent: 29 August 2018 20:07
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden

Try now?

On Aug 28, 2018, at 9:31 AM, Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:

Hi Joel,

The seemingly blocked IP is 213.5.176.169

Regards, Jon

________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Joel Esler (jesler) <***@cisco.com<mailto:***@cisco.com>>
Sent: 28 August 2018 14:28
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden

You’re going to have to send me the IP that is getting blocked so I can look into why.

Sent from my iPhone

On Aug 28, 2018, at 09:03, Maarten Broekman <***@gmail.com<mailto:***@gmail.com>> wrote:

Yeah. One thing that might help is getting the full output of the error.

Using the following will dump the resulting HTML to your terminal and hopefully it will give you more information on the error.
$ curl -Lvvvv http://database.clamav.net/main-55.cdiff

At that point, the ClamAV team might be able to give you more help.

--Maarten


On Tue, Aug 28, 2018 at 8:39 AM Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:
Good idea but still no dice, it does seem like Cloudflare is blocking the connection don't you think?


$ wget http://database.clamav.net/main-55.cdiff
--2018-08-28 13:37:11-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net/>... 104.16.188.138
Connecting to database.clamav.net<http://database.clamav.net/>|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 13:37:11 ERROR 403: Forbidden.

$ wget http://database.clamav.net/main-55.cdiff
--2018-08-28 13:37:49-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net/>... 104.16.186.138
Connecting to database.clamav.net<http://database.clamav.net/>|104.16.186.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 13:37:49 ERROR 403: Forbidden.


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Maarten Broekman <***@gmail.com<mailto:***@gmail.com>>
Sent: 28 August 2018 13:16
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden

Gotcha. Yeah, the error is because those are CloudFlare IPs and direct IP access doesn't work (I just tried it myself). It could be a problem with that one particular IP then.

I tried by name and was successful in downloads from 188 and 186. I haven't been directed to 189 IP address.

On the machine that failed, can you set an entry in the hosts file to force database.clamav.net<http://database.clamav.net/> to the 188 IP address temporarily?

--Maarten


On Tue, Aug 28, 2018 at 6:34 AM Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:
I've modified the conf file to use the same IP that the other server used, no dice still:


Retrieving http://104.16.188.138/main.cvd
Trying to download http://104.16.188.138/main.cvd (IP: 104.16.188.138)
WARNING: getfile: Unknown response from 104.16.188.138 (IP: 104.16.188.138)
WARNING: Can't download main.cvd from 104.16.188.138

(different error/response as I'm, having to use the normal update method to ensure it uses the correct IP)


________________________________
From: clamav-users <clamav-users-***@lists.clamav.net<mailto:clamav-users-***@lists.clamav.net>> on behalf of Maarten Broekman <***@gmail.com<mailto:***@gmail.com>>
Sent: 28 August 2018 11:24
To: ClamAV users ML
Subject: Re: [clamav-users] ERROR 403: Forbidden


On Aug 28, 2018, at 06:17, Jon Roberts <***@racksrv.net<mailto:***@racksrv.net>> wrote:

From the troubled server:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:14:43-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net/>... 104.16.189.138, 104.16.187.138, 104.16.188.138, ...
Connecting to database.clamav.net<http://database.clamav.net/>|104.16.189.138|:80... connected.
HTTP request sent, awaiting response... 403 Forbidden
2018-08-28 11:14:43 ERROR 403: Forbidden.

From another server on the same network:

wget http://database.clamav.net/main-55.cdiff
--2018-08-28 11:16:15-- http://database.clamav.net/main-55.cdiff
Resolving database.clamav.net<http://database.clamav.net/>... 104.16.188.138, 104.16.185.138, 104.16.186.138, ...
Connecting to database.clamav.net<http://database.clamav.net/>|104.16.188.138|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 34736938 (33M) [application/octet-stream]
Saving to: `main-55.cdiff'



It seems like those machines are contacting two different IP addresses. The failure situation happened on 104.16.189.138 which the success situation had 188 in the third octet (104.16.188.138). Are you sure that the second machine was able to contact the 189 address successfully? Or that the first machine was also getting an error on the 188 address?

Any ideas? It looks like we're getting blocked but I'm not sure who to contact to have the issue rectified?

Regards, Jon


_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
_______________________________________________
clamav-users mailing list
clamav-***@lists.clamav.net<mailto:clamav-***@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
Continue reading on narkive:
Loading...