10:56:29

#dpkg -L clamav-milter | grep usr

/usr
/usr/share
/usr/share/man
/usr/share/man/man8
/usr/share/man/man8/clamav-milter.8.gz
/usr/share/doc
/usr/share/doc/clamav-milter
/usr/share/doc/clamav-milter/changelog.Debian.gz
/usr/share/doc/clamav-milter/copyright
/usr/share/doc/clamav-milter/examples
...
/usr/share/doc/clamav-milter/changelog.gz
/usr/share/bug
/usr/share/bug/clamav-milter
/usr/share/bug/clamav-milter/script
/usr/sbin
/usr/sbin/clamav-milter
/usr/share/doc/clamav-milter/AUTHORS
/usr/share/doc/clamav-milter/BUGS
/usr/share/doc/clamav-milter/README.gz
/usr/share/doc/clamav-milter/FAQ

10:56:48

l3script: syntax error near unexpected token `newline'

10:57:30

#Default: Quarantine

10:57:30

#dpkg -L clamav-milter | grep usr

"/etc/clamav/clamav-milter.conf" 27L, 732C
 13 OnInfected Quarantine
 14 OnFail Defer
 15 AddHeader Replace
 16 LogSyslog false
 17 LogFacility LOG_LOCAL6
               Defer
 18 #OnInfected Quarantine
    OnFail Defer
 19 AddHeader Replace
      gSyslog false
 20 MagFacility LOG_LOCAL6
      gVerbose false
 21 LogInfected Offory /tmp
    MaxFileSize 25M
 22 TemporaryDirectory /tmp
      gFile /var/log/clamav/clamav-milter.log
"/etc/clamav/clamav-milter.conf" 28L, 750C записано

10:57:53

#/etc/init.d/clamav-milter restart

Stopping Sendmail milter plugin for ClamAV: clamav-milter.
Starting Sendmail milter plugin for ClamAV: clamav-milter.

10:58:03

#mutt

---Mutt: /var/mail/root [Msgs:1 12K]---(threads/date)-------------------(all)---
Почтовый ящик не изменился.

10:58:47

#less /var/log/mail.log

10:59:12

#etc/clamav/clamav-milter.conf

155 # - Quarantine (not available for OnFail)
156 #   Like Accept but message is quarantined instead of being delivered
157 #
158 # NOTE: In Sendmail the quarantine queue can be examined via mailq -qQ
159 # For Postfix this causes the message to be placed on hold
160 #
161 # Action to be performed on clean messages (mostly useful for testing)
162 # Default: Accept
163 #OnClean Accept
164
165 # Action to be performed on infected messages

11:00:50

#Default: Quarantine

"/etc/clamav/clamav-milter.conf" 28L, 750C
 13 OnInfected Defer
 14 #OnInfected Quarantine
 15 OnFail Defer
 16 AddHeader Replace
 17 LogSyslog false
               Blackhole
 18 LogFacility LOG_LOCAL6
 19 LogVerbose false
 20 LogInfected Off
 21 MaxFileSize 25M
 22 TemporaryDirectory /tmp
"/etc/clamav/clamav-milter.conf" 28L, 754C записано

11:01:04

#less /var/log/mail.log

11:01:16

#less /var/log/mail.log

11:02:29

#Default: Quarantine

11:02:30

#mutt

"/etc/clamav/clamav-milter.conf" 28L, 754C
 13 OnInfected Blackhole
 14 #OnInfected Quarantine
 15 OnFail Defer
 16 AddHeader Replace
 17 LogSyslog false
               Reject
 18 LogFacility LOG_LOCAL6
 19 LogVerbose false
 20 LogInfected Off
 21 MaxFileSize 25M
 22 TemporaryDirectory /tmp
"/etc/clamav/clamav-milter.conf" 28L, 751C записано

11:02:38

#mutt

                     /etc/init.d/clamav-milter restart
Stopping Sendmail milter plugin for ClamAV: clamav-milter.
Starting Sendmail milter plugin for ClamAV: clamav-milter.

11:02:45

#mutt

                     tail -f /var/log/mail.log
Jun 18 12:01:47 debian4 spamd[13536]: plugin: eval failed: bayes: (in learn) locker: safe_lock: cannot create tmp lockfile /root/.spamassassin/bayes.lock.debian4.sergey.net.nt.13536 for /root/.spamassassin/bayes.lock: Отказано в доступе
Jun 18 12:01:47 debian4 spamd[13536]: spamd: clean message (-1.0/1.0) for root:65534 in 0.1 seconds, 2005 bytes.
Jun 18 12:01:47 debian4 spamd[13536]: spamd: result: . 0 - ALL_TRUSTED,TVD_SPACE_RATIO scantime=0.1,size=2005,user=root,uid=65534,required_score=1.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=35564,mid=<20100618085947.GA27454@debian1.mike.net.nt>,autolearn=unavailable
Jun 18 12:01:47 debian4 sm-mta[16997]: o5I91kM8016997: Milter add: header: X-Spam-Status: No, score=-1.0 required=1.0 tests=ALL_TRUSTED,TVD_SPACE_RATIO\n\tautolearn=unavailable version=3.3.1
Jun 18 12:01:47 debian4 sm-mta[16997]: o5I91kM8016997: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on\n\tdebian4.sergey.net.nt
Jun 18 12:01:47 debian4 sm-mta[16997]: o5I91kM8016997: Milter add: header: X-Virus-Scanned: clamav-milter 0.96.1 at debian4
Jun 18 12:01:47 debian4 sm-mta[16997]: o5I91kM8016997: Milter add: header: X-Virus-Status: Infected (ClamAV-Test-File)
Jun 18 12:01:47 debian4 sm-mta[16997]: o5I91kM8016997: Milter: data, discard
Jun 18 12:01:47 debian4 sm-mta[16997]: o5I91kM8016997: discarded
...
Jun 18 12:03:14 debian4 spamd[13536]: spamd: result: . 0 - ALL_TRUSTED,TVD_SPACE_RATIO scantime=0.1,size=2002,user=root,uid=65534,required_score=1.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=35569,mid=<20100618090113.GB27454@debian1.mike.net.nt>,autolearn=unavailable
Jun 18 12:03:14 debian4 sm-mta[17449]: o5I93Dj8017449: Milter add: header: X-Spam-Status: No, score=-1.0 required=1.0 tests=ALL_TRUSTED,TVD_SPACE_RATIO\n\tautolearn=unavailable version=3.3.1
Jun 18 12:03:14 debian4 sm-mta[17449]: o5I93Dj8017449: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on\n\tdebian4.sergey.net.nt
Jun 18 12:03:14 debian4 sm-mta[17449]: o5I93Dj8017449: Milter add: header: X-Virus-Scanned: clamav-milter 0.96.1 at debian4
Jun 18 12:03:14 debian4 sm-mta[17449]: o5I93Dj8017449: Milter add: header: X-Virus-Status: Infected (ClamAV-Test-File)
Jun 18 12:03:14 debian4 sm-mta[17449]: o5I93Dj8017449: Milter: data, reject=554 5.7.1 Command rejected
Jun 18 12:03:14 debian4 sm-mta[17449]: o5I93Dj8017449: to=<root@sergey.net.nt>, delay=00:00:00, pri=31676, stat=Command rejected
Jun 18 12:03:14 debian4 spamd[13528]: prefork: child states: II
q
^C

11:03:47

#mutt

Con                                                                            a
has been attached to this so you can view it (if it isn't spam) or label viagra
similar future email.  If you have any questions, see
                                                                      ra viagra
@@CONTACT_ADDRESS@@ for details.  *****SPAM***** ne spam                -- (10%)
                                                                         viagra
                                                     iagra viagra viagra viagra
Con                                                                            a
                                iagra viagra viagra viagra viagra viagra viagra-
   viagra viagra viagra viagra viagra viagra viagra viagra viagra viagra viagra
    - 1/1: root                   *****SPAM***** ne spam                -- (10%)
 --Mutt: /var/mail/root [Msgs:1 12K]---(threads/date)-------------------(all)---
Почтовый ящик не изменился.

11:03:53

#etc/clamav/clamav-milter.conf

"/etc/clamav/clamav-milter.conf" 28L, 751C
 13 OnInfected Reject
 14 #OnInfected Quarantine
 15 OnFail Defer
 16 AddHeader Replace
 17 LogSyslog false
               Accept
 18 LogFacility LOG_LOCAL6
 19 LogVerbose false
 20 LogInfected Off
 21 MaxFileSize 25M
 22 TemporaryDirectory /tmp
"/etc/clamav/clamav-milter.conf" 28L, 751C записано

11:05:03

#mutt

[-- Вложение #1 --]
   2     Jun 18 root            (  25) test
                           am.exe --]
[-- Тип: application/x-msdos-program, кодировка: base64, размер: 0,7K --]
Content-Disposition: attachment; filename="clam.exe"
                                                                        -- (84%)
   2     Jun 18 root            (  25) test
 *-Mutt: /var/mail/root [Msgs:2 14K]---(threads/date)-------------------(all)---
Оставлено: 2, удалено: 0.

11:06:31

#etc/clamav/clamav-milter.conf

"/etc/clamav/clamav-milter.conf" 28L, 751C
 13 OnInfected Accept
 14 #OnInfected Quarantine
 15 OnFail Defer
 16 AddHeader Replace
 17 LogSyslog false
    #OnInfected Accept
 18 OnInfected Quarantine
 19 LogVerbose false
 20 LogInfected Off
 21 MaxFileSize 25M
 22 TemporaryDirectory /tmp
"/etc/clamav/clamav-milter.conf" 28L, 751C записано

11:06:58

#etc/clamav/clamav-milter.conf

                     /etc/init.d/clamav-milter restart
Stopping Sendmail milter plugin for ClamAV: clamav-milter.
Starting Sendmail milter plugin for ClamAV: clamav-milter.

11:07:11

#tail -f /var/log/mail.log

Jun 18 12:04:54 debian4 spamd[13536]: spamd: processing message <20100618090254.GC27454@debian1.mike.net.nt> for root:65534
Jun 18 12:04:55 debian4 spamd[13536]: plugin: eval failed: bayes: (in learn) locker: safe_lock: cannot create tmp lockfile /root/.spamassassin/bayes.lock.debian4.sergey.net.nt.13536 for /root/.spamassassin/bayes.lock: Отказано в доступе
Jun 18 12:04:55 debian4 spamd[13536]: spamd: clean message (-1.0/1.0) for root:65534 in 1.4 seconds, 2002 bytes.
Jun 18 12:04:55 debian4 spamd[13536]: spamd: result: . -1 - ALL_TRUSTED scantime=1.4,size=2002,user=root,uid=65534,required_score=1.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=35572,mid=<20100618090254.GC27454@debian1.mike.net.nt>,autolearn=unavailable
Jun 18 12:04:55 debian4 sm-mta[17893]: o5I94r9R017893: Milter add: header: X-Spam-Status: No, score=-1.0 required=1.0 tests=ALL_TRUSTED\n\tautolearn=unavailable version=3.3.1
Jun 18 12:04:55 debian4 sm-mta[17893]: o5I94r9R017893: Milter add: header: X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on\n\tdebian4.sergey.net.nt
Jun 18 12:04:55 debian4 sm-mta[17893]: o5I94r9R017893: Milter add: header: X-Virus-Scanned: clamav-milter 0.96.1 at debian4
Jun 18 12:04:55 debian4 sm-mta[17893]: o5I94r9R017893: Milter add: header: X-Virus-Status: Infected (ClamAV-Test-File)
Jun 18 12:04:56 debian4 sm-mta[17897]: o5I94r9R017893: to=<root@sergey.net.nt>, delay=00:00:02, xdelay=00:00:01, mailer=local, pri=32163, dsn=2.0.0, stat=Sent
Jun 18 12:04:56 debian4 spamd[13528]: prefork: child states: II
^C

11:07:30

#freshclam

ClamAV update process started at Fri Jun 18 12:07:34 2010
main.cvd is up to date (version: 52, sigs: 704727, f-level: 44, builder: sven)
daily.cvd is up to date (version: 11212, sigs: 96650, f-level: 51, builder: ccordes)
bytecode.cvd is up to date (version: 26, sigs: 3, f-level: 51, builder: nervous)

11:25:37

#apt-cache search stun

autossh - Automatically restart SSH sessions and tunnels
libg3d-plugins - plugins for the LibG3D library
mew-beta-bin - external commands for Mew (development version)
mew-bin - external commands for Mew
micro-httpd - really small HTTP server
ssvnc - Enhanced TightVNC viewer with SSL/SSH tunnel helper
stun - Server daemon and test client for STUN
stunnel4 - Universal SSL tunnel for network daemons
stunnel - dummy upgrade package
systune - настройка ядра посредством файловой системы /proc
twinkle - передача голоса по IP-протоколу (VoIP) — SIP-телефон
nvidia-cg-toolkit - NVIDIA Cg Toolkit Installer

11:25:45

#apt-cache search stun

autossh - Automatically restart SSH sessions and tunnels
libg3d-plugins - plugins for the LibG3D library
mew-beta-bin - external commands for Mew (development version)
mew-bin - external commands for Mew
micro-httpd - really small HTTP server
ssvnc - Enhanced TightVNC viewer with SSL/SSH tunnel helper
stun - Server daemon and test client for STUN
stunnel4 - Universal SSL tunnel for network daemons
stunnel - dummy upgrade package
systune - настройка ядра посредством файловой системы /proc
twinkle - передача голоса по IP-протоколу (VoIP) — SIP-телефон
nvidia-cg-toolkit - NVIDIA Cg Toolkit Installer

11:26:24

#apt-cache show stun

Package: stun
Priority: optional
Section: net
Installed-Size: 176
Maintainer: Debian VoIP Team <pkg-voip-maintainers@lists.alioth.debian.org>
Architecture: i386
Version: 0.96.dfsg-5
Depends: libc6 (>= 2.6-1), libgcc1 (>= 1:4.2-20070516), libstdc++6 (>= 4.2-20070516)
Filename: pool/main/s/stun/stun_0.96.dfsg-5_i386.deb
Size: 41292
...
SHA256: ccb8fc9ad634b2ff98ebcc5d97eb2864df8a1c634109ef2fb641a7d2a2fb3a34
Description: Server daemon and test client for STUN
 The STUN protocol (Simple Traversal of UDP through NATs) is described in the
 IETF RFC 3489, available at http://www.ietf.org/rfc/rfc3489.txt.  It's used to
 help clients behind NAT to tunnel incoming calls through. This server is the
 counterpart to help the client identify the NAT and have it open the proper
 ports for it.
 .
  Homepage: http://www.vovida.org/applications/downloads/stun/
Tag: interface::commandline, interface::daemon, network::{client,server,service,vpn}, protocol::{ip,udp,voip}, role::program, scope::utility, use::transmission

11:26:28

#apt-cache show ptunnel

Package: ptunnel
Priority: optional
Section: net
Installed-Size: 140
Maintainer: Romain Beauxis <toots@rastageeks.org>
Architecture: i386
Version: 0.71-2
Depends: libc6 (>= 2.3.6-6~), libpcap0.8 (>= 0.9.8), libselinux1 (>= 1.32)
Filename: pool/main/p/ptunnel/ptunnel_0.71-2_i386.deb
Size: 54114
...
Description: Tunnel TCP connections over ICMP packets
 ptunnel is an application that allows you to reliably tunnel TCP
 connections to a remote host using ICMP echo request and reply
 packets, commonly known as ping requests and replies. It acts as
 a proxy and can handle sockets and secured identification.
 .
 Those features can be very handy when working in a closed networking
 environment with firewalls and proxies.
Homepage: http://www.cs.uit.no/~daniels/PingTunnel/
Tag: implemented-in::c, interface::commandline, protocol::ip, protocol::tcp, role::program, scope::utility, use::proxying, use::transmission, works-with::network-traffic

Журнал лабораторных работ

Журнал

Пятница (06/18/10)