Colm Buckley wrote:
>> Doesn't ClamAV mainly scan for Windows viruses?
>>> What other kind is there?
Would you not regard rootkits and the like on other systems as viruses?
Or daemons that are started on a machine after a successful brute force
attack? Some remote attack that attempts to exploit a known
vulnerability? Why is it only a virus if it attacks a Windows system?
*waits the 5 seconds for someone to reply with the precise definition of
a virus*
Surely a significant proportion of exploits/attacks/whatever the hell
you want to call them, whether on Windows, Linux, Mac etc etc, are
attacks attempted on multiple machines and therefore have some
particular signature?
Before anyone jumps down my neck, I know that automatic scanners (any
version of a virus scanner in particular) are not a substitute for good
security policy or vigilance in monitoring machines. But would scanning
for known exploits, be they viruses, malware, rootkits, etc etc. not be
a good extra line of defence?
Regards,
Cian
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
