Linux Antivirus

tech4rce

Technical User
Aug 27, 2003
49
CA
Hi, I need your help. I'm trying to locate an Anti-Virus program that would be installed on a Linux box (Redhat 9) but would also be able to scan "windows" hard drives (slaves).

I've tried this setup with some programs but they were not able to locate any infected files on the "windows" hard drive. But when I scan these hard drives with a Windows box, I had over 900 infected files (this was a test machine so it's ok).

Any help would be greatly appreciated.

Thanks

Dan
 
Hi BitFuzzy, believe it or not but I was using "clamAV" and it still didn't find any of the infected files on the windows hard drive.

Dan
 
Uh, that's interesting. ClamAV is really quite good.
How did you execute clamav against a partition and how did you determine that it didn't work?

Surfinbox.com Business Internet Services - National Dialup, DSL, T-1 and more.
 
Hi thedaver, I infected the "test" machine (windows 98) with a virus (one that I received through an e-mail).

Attached the infected Hard drive to Linux box (mount /dev/hdb1 /mnt/hdb1), at the command prompt ran clamscan /mnt/hdb1. Oh before this I also ran "freshclam" to get the latest updates. It did scan the hard drive but said that there wasn't anything wrong. Go figure.

Now I know that it was infected because I also ran the Hard drive on a Windows box (XP with Norton) - came up with over 900 files infected.

I have a screen shot of the results as proof. Also the infected box could not "see" a second drive or NIC and it was acting "funny". Had to clear the CMOS also.

Maybe I was doing something wrong?? Let me know please.

Dan
 
Were the infected files in zipped format? I don't recall if clamav has native unzip/untar/ungzip enabled/available. Might explain some misses.

 
Hi thedaver,
no these infected files were not in "zip" format. There must be (I would think) a setting that would scan "all" files somewhere (I could not find it)?

Just out of curiosity, how do you use the clamAV scanner?
 
I use clamav as part of a qmail MTA install running under qmail-queue... I don't routinely use it to scan for file viruses.

 
G'day guys,
did you try clamscan -r /mnt/hdb1?

The -r is for recursive scanning i.e. drills down all directories (folders for windog users). As it happens I am scanning my windog partition as I type.

Hope this helps, Dave.
 
Hi dsryan, no I haven't tried that way, but I will.

Thanks.
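
Added example, not part of the thread: a coverage check for the situation discussed above, where `clamscan /mnt/hdb1` reports a clean drive because it never descended into subdirectories. It compares the "Scanned files:" line of the clamscan summary with the number of regular files under the mount point. The function names are hypothetical, and the comparison is a rough heuristic that assumes one counted file per file on disk.

```bash
#!/bin/bash
# Added example: detect a scan that did not cover the whole tree.

# Read a clamscan summary on stdin and print the "Scanned files:" number
# (prints 0 if the line is missing).
scanned_files() {
    awk -F': *' '/^Scanned files:/ { print $2 + 0; found = 1 }
                 END { if (!found) print 0 }'
}

# Count regular files under a directory, staying on one filesystem.
# NUL-delimited so file names containing newlines are counted once.
count_files() {
    find "$1" -xdev -type f -print0 | tr -dc '\0' | wc -c | tr -d ' '
}

# Succeeds only if the summary in $2 covers at least as many files
# as exist under directory $1.
coverage_check() {
    local dir=$1 summary=$2 on_disk scanned
    on_disk=$(count_files "$dir")
    scanned=$(scanned_files < "$summary")
    echo "files on disk: $on_disk, files scanned: $scanned"
    [ "$scanned" -ge "$on_disk" ]
}

# Usage: ./scan_check.sh /mnt/hdb1   (mount point taken from the thread)
if [ -n "${1:-}" ] && command -v clamscan >/dev/null 2>&1; then
    out=$(mktemp)
    # -r recurses into subdirectories, -i prints only infected files.
    # Exit status 1 from clamscan means infections were found.
    clamscan -r -i "$1" > "$out"
    cat "$out"
    coverage_check "$1" "$out" ||
        echo "WARNING: fewer files scanned than exist under $1"
    rm -f "$out"
fi
```

Mounting the suspect drive read-only (`mount -o ro`) before scanning keeps the scan host from modifying it.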
 