On 04/18/2010 12:00 PM, Gene Heskett wrote: > On Sunday 18 April 2010, Antonio Olivares wrote: > >> --- On Sun, 4/18/10, Daniel B. Thurman<dant@xxxxxxxxx> wrote: >> >>> From: Daniel B. Thurman<dant@xxxxxxxxx> >>> Subject: Re: Clamav >>> To: "Community support for Fedora users"<users@xxxxxxxxxxxxxxxxxxxxxxx> >>> Date: Sunday, April 18, 2010, 11:37 AM >>> On 04/15/2010 12:50 PM, Patrick >>> >>> O'Callaghan wrote: >>> >>>> On Thu, 2010-04-15 at 12:22 -0700, Michael Miles >>>> >>> wrote: >>> >>>>> I have removed all and I will wait for proper >>>>> >>> instruction as I really >>> >>> >>>>> do not know enough about this OS >>>>> >>>> Given that you say so yourself, the logical question >>>> >>> is "why do you need >>> >>> >>>> Clamav"? Clamav is usually installed by people running >>>> >>> mail servers for >>> >>> >>>> users who access them from Windows. >>>> >>> Where is the proof that an AV is not needed for Linux sans >>> w-dozs, >>> regardless of the pathways to infection? ClamAV is >>> not just for >>> email-servers but for scanning infected drives. The >>> effectiveness >>> of virus detection is only as good as the design and the >>> latest virus >>> database, and even then, there is no guarantee against >>> newly created >>> viruses and its variants, and one could argue "damned if >>> you do, damned >>> if you don't", but I could argue 'Tis better to reduce the >>> chances of >>> infection, >>> than none at all'? >>> >>> >>>> If all you're doing is reading mail in Linux, it's >>>> >>> extremely unlikely >>> >>> >>>> that you even need it. In 35 years of using first Unix >>>> >>> and then Linux, >>> >>> >>>> I have yet to see a single virus that wasn't a >>>> >>> proof-of-concept demo. >>> >>> Again, experiences makes proof, not. I prefer the >>> data, please. >>> >>> >>>> po >>>> >>> I have a fully installed, F-12 w/ SELinux including >>> clamav, >>> spamassassin and it has found several rejected virus >>> infected >>> incoming email messages. If I get one again, I will be >>> happy to >>> post what the viruses are, as I just don't remember. >>> Most of my >>> viruses are coming from overseas, mostly cn and ru and via >>> incoming email, not visited websites. We are talking >>> about AV, >>> not malware or other modes of attacks. >>> >>> As far as I know, clamav has not detected any infected >>> local >>> files but of course that does not mean there are NO >>> viruses, >>> just undetected ones, if any. >>> >>> And no, I do not run doz via wine nor virtualbox, on this >>> Linux email >>> system and it has a separate public IP address apart from >>> another >>> email system, (W-doz) exchange, again on a separate public >>> IP address. >>> Neither one of these email servers, 'talks' to one or >>> another, nor >>> overlaps, they are mutually exclusive. It is >>> interesting to watch >>> which of the two are infected and which is not. >>> >>> FWIW, >>> Dan >>> >> Dan, >> >> The virii that hit Michael's machine were via wine. In which case ClamAV >> did not find them, Avira did. Most of your post is also correct. If you >> have an email server it makes good sense to have antivirus to scan >> incoming mail/messages and also send clean messages as well. >> >> It you have Selinux, Antivirus, Firewall, all enabled and configured >> properly, virii should not make it into your machine but one is not >> entirely 100% safe :( >> >> Again, it depends on experiences that one has had/has and you summoned it >> up DAMMNED IF YOU DO, DAMMED IF YOU DON'T >> >> Regards, >> >> Antonio >> >> > I have hoped that this thread would self-destruct. IMO it has no business on > a linux oriented mailing list considering that this company has no visible, > runs on linux products. To me, all it amounts to is tons of free advertising > because some less than attentive person hosed his wine install with a windows > virus. Excrement happens. Shrug. > > One other weird thing i forgot to mention. I install xp via wine 2 months ago. Have not touched it since. Started scanning just to see a week ago. The files that were renamed by the virus were done two days ago, according to time stamps. So this thing sat dormant until I started looking for them and that is when it attacked. Now that's wild -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines