PaulDotCom mailing list archives
Re: Clamav hacking
From: Nathan Gibbs <nathan () cmpublishers com>
Date: Tue, 06 Sep 2011 10:17:42 -0400
On 9/6/2011 6:43 AM, Joel Esler wrote:
On Sep 5, 2011, at 9:04 PM, Nathan Gibbs wrote:On 9/5/2011 7:21 PM, Joel Esler wrote:I would love anything interesting regarding hacking a network instance of ClamAV! -- Joel Esler Sourcefire OpenSource Community Manager: Snort, ClamAV, Daemonlogger, and Razorback ;)LOL Joel, you already know what my ideas are. We will get there, but lets let some people smarter than me, you included, weigh in.Actually, I don't. Did I miss a thread?
OK, I thought you had read what I put on the clamav-users list and / or the Clamav Bugzilla and were just messing with me. :-) There is bug 2727 which I found in April. Although it seems to be a local issue, depending on the update system being used, it could be remotely triggered. Then there is the network access control issue. In July we released a simple tool called Clambake. A tool for enumerating, stress testing, and/or shutting down instances of the Clam Antivirus service on a network. http://www.cmpublishers.com/oss/#clambake Check out this thread to see more of my thoughts on this issue. Clamav-users thread "Clamd network access control" Started 7-22-2011 I am more interested in what others here think than about promoting our "super cool leet haxor tool". Seriously, its neither super, cool, leet , or haxor. Although it was fun to build and trash our Clamav infrastructure with.. :-) I'm not much of a security researcher or coder, but if I can find these issues, than there must be other issues that are far worse. What do those smarter than myself think? -- Sincerely, Nathan Gibbs Systems Administrator Christ Media http://www.cmpublishers.com
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Clamav hacking Nathan Gibbs (Sep 05)
- Re: Clamav hacking Joel Esler (Sep 05)
- Re: Clamav hacking Nathan Gibbs (Sep 05)
- Re: Clamav hacking Jim Halfpenny (Sep 06)
- Re: Clamav hacking Joel Esler (Sep 06)
- Re: Clamav hacking Nathan Gibbs (Sep 06)
- Re: Clamav hacking Joel Esler (Sep 06)
- Re: Clamav hacking Nathan Gibbs (Sep 06)
- Re: Clamav hacking Nathan Gibbs (Sep 05)
- Re: Clamav hacking Joel Esler (Sep 05)