Re: Clamav

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 04/18/2010 12:00 PM, Gene Heskett wrote:
> On Sunday 18 April 2010, Antonio Olivares wrote:
>    
>> --- On Sun, 4/18/10, Daniel B. Thurman<dant@xxxxxxxxx>  wrote:
>>      
>>> From: Daniel B. Thurman<dant@xxxxxxxxx>
>>> Subject: Re: Clamav
>>> To: "Community support for Fedora users"<users@xxxxxxxxxxxxxxxxxxxxxxx>
>>> Date: Sunday, April 18, 2010, 11:37 AM
>>> On 04/15/2010 12:50 PM, Patrick
>>>
>>> O'Callaghan wrote:
>>>        
>>>> On Thu, 2010-04-15 at 12:22 -0700, Michael Miles
>>>>          
>>> wrote:
>>>        
>>>>> I have removed all and I will wait for proper
>>>>>            
>>> instruction as I really
>>>
>>>        
>>>>> do not know enough about this OS
>>>>>            
>>>> Given that you say so yourself, the logical question
>>>>          
>>> is "why do you need
>>>
>>>        
>>>> Clamav"? Clamav is usually installed by people running
>>>>          
>>> mail servers for
>>>
>>>        
>>>> users who access them from Windows.
>>>>          
>>> Where is the proof that an AV is not needed for Linux sans
>>> w-dozs,
>>> regardless of the pathways to infection?  ClamAV is
>>> not just for
>>> email-servers but for scanning infected drives.  The
>>> effectiveness
>>> of virus detection is only as good as the design and the
>>> latest virus
>>> database, and even then, there is no guarantee against
>>> newly created
>>> viruses and its variants, and one could argue "damned if
>>> you do, damned
>>> if you don't", but I could argue 'Tis better to reduce the
>>> chances of
>>> infection,
>>> than none at all'?
>>>
>>>        
>>>> If all you're doing is reading mail in Linux, it's
>>>>          
>>> extremely unlikely
>>>
>>>        
>>>> that you even need it. In 35 years of using first Unix
>>>>          
>>> and then Linux,
>>>
>>>        
>>>> I have yet to see a single virus that wasn't a
>>>>          
>>> proof-of-concept demo.
>>>
>>> Again, experiences makes proof, not.  I prefer the
>>> data, please.
>>>
>>>        
>>>> po
>>>>          
>>> I have a fully installed, F-12 w/ SELinux including
>>> clamav,
>>> spamassassin and it has found several rejected virus
>>> infected
>>> incoming email messages. If I get one again, I will be
>>> happy to
>>> post what the viruses are, as I just don't remember.
>>> Most of my
>>> viruses are coming from overseas, mostly cn and ru and via
>>> incoming email, not visited websites.  We are talking
>>> about AV,
>>> not malware or other modes of attacks.
>>>
>>> As far as I know, clamav has not detected any infected
>>> local
>>> files but of course that does not mean there are NO
>>> viruses,
>>> just undetected ones, if any.
>>>
>>> And no, I do not run doz via wine nor virtualbox, on this
>>> Linux email
>>> system and it has a separate public IP address apart from
>>> another
>>> email system, (W-doz) exchange, again on a separate public
>>> IP address.
>>> Neither one of these email servers, 'talks' to one or
>>> another, nor
>>> overlaps, they are mutually exclusive.  It is
>>> interesting to watch
>>> which of the two are infected and which is not.
>>>
>>> FWIW,
>>> Dan
>>>        
>> Dan,
>>
>> The virii that hit Michael's machine were via wine.  In which case ClamAV
>> did not find them, Avira did.  Most of your post is also correct.  If you
>> have an email server it makes good sense to have antivirus to scan
>> incoming mail/messages and also send clean messages as well.
>>
>> It you have Selinux, Antivirus, Firewall, all enabled and configured
>> properly, virii should not make it into your machine but one is not
>> entirely 100% safe :(
>>
>> Again, it depends on experiences that one has had/has and you summoned it
>> up DAMMNED IF YOU DO, DAMMED IF YOU DON'T
>>
>> Regards,
>>
>> Antonio
>>
>>      
> I have hoped that this thread would self-destruct. IMO it has no business on
> a linux oriented mailing list considering that this company has no visible,
> runs on linux products.  To me, all it amounts to is tons of free advertising
> because some less than attentive person hosed his wine install with a windows
> virus.  Excrement happens.  Shrug.
>
>    
One other weird thing i forgot to mention.

I install xp via wine 2 months ago.
Have not touched it since.

Started scanning just to see a week ago.

The files that were renamed by the virus were done two days ago, 
according to time stamps.

So this thing sat dormant until I started looking for them and that is 
when it attacked.

Now that's wild


-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux