ClamAV is quite good. just run the following command and it will do the rest
of the job....
If you really installed the ClamAV on your box... find . -iname \*.txt
-exec clamscan -r -i {} \;
other wise visit this link
http://linuxhelp.blogspot.com/2005/10/clamav-free-anti-virus-solution-for.html
On Thu, Jun 12, 2008 at 5:02 AM, <ilug-request at linux.ie> wrote:
> Send ILUG mailing list submissions to
>ilug at linux.ie>> To subscribe or unsubscribe via the World Wide Web, visit
>http://mail.linux.ie/mailman/listinfo/ilug> or, via email, send a message with subject or body 'help' to
>ilug-request at linux.ie>> You can reach the person managing the list at
>ilug-owner at linux.ie>> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of ILUG digest..."
>>> Today's Topics:
>> 1. Re: "Virus" scanning on Linux (Timothy Murphy)
> 2. Re: "Virus" scanning on Linux (Rory Browne)
> 3. Re: "Virus" scanning on Linux (Lars Hecking)
> 4. Re: "Virus" scanning on Linux (Cian Davis)
> 5. Re: "Virus" scanning on Linux (Colm Buckley)
> 6. OT: Alternatives to Paypal? (Tony Groves)
> 7. Re: "Virus" scanning on Linux (Cian Davis)
> 8. Re: "Virus" scanning on Linux (Timothy Murphy)
> 9. Re: "Virus" scanning on Linux (Cian Davis)
> 10. Re: OT: Alternatives to Paypal? (alvaro at gilabert.org)
> 11. Re: "Virus" scanning on Linux (Steve McConville)
> 12. R [ILUG] "Virus" scanning on Linux (Rory Browne)
>>> ----------------------------------------------------------------------
>> Message: 1
> Date: Wed, 11 Jun 2008 18:24:03 +0100
> From: Timothy Murphy <gayleard at eircom.net>
> Subject: Re: [ILUG] "Virus" scanning on Linux
> To: ilug at linux.ie> Cc: Cian Davis <cian.davis at ul.ie>
> Message-ID: <200806111824.04367.gayleard at eircom.net>
> Content-Type: text/plain; charset="iso-8859-1"
>> On Wednesday 11 June 2008 05:52:24 pm Michael Watterson wrote:
>> > Most issues are not nowadays Viruses as such, but Trojans installed by
> > social engineering.
>> Social engineering?
> Is that naughty?
>>>> --
> Timothy Murphy
> e-mail: gayleard /at/ eircom.net
> tel: +353-86-2336090, +353-1-2842366
> s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
>>> ------------------------------
>> Message: 2
> Date: Wed, 11 Jun 2008 19:15:55 +0100
> From: "Rory Browne" <rbmlist at gmail.com>
> Subject: Re: [ILUG] "Virus" scanning on Linux
> To: "Timothy Murphy" <gayleard at eircom.net>
> Cc: Cian Davis <cian.davis at ul.ie>, ilug at linux.ie> Message-ID:
> <4adbba8c0806111115s328a9d3elfac4b7c266ec6847 at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>> >
> > Social engineering?
> > Is that naughty?
>> Not sure if this is a serious question, but if you, phone someone
> falsely claiming to be an employee of their company, asking for
> confidential information ( such as usernames/passwords ), that is
> considered to be social engineering. That is naughty.
>>> ------------------------------
>> Message: 3
> Date: Wed, 11 Jun 2008 19:36:45 +0100 (IST)
> From: Lars Hecking <lhecking at users.sourceforge.net>
> Subject: Re: [ILUG] "Virus" scanning on Linux
> To: ilug at linux.ie> Message-ID: <20080611183645.C59B04E34A at cork.irdesign.cypress.com>
> Content-Type: text/plain; charset=utf-8
>>> > I have not been able to figure out how reliable ClamAV is or how fresh
> > the database is.
>> ClamAV is quite good. The database is updated regularily by freshclam.
>> I used to run Sophos and ClamAV with amavisd, and Clam more often than
> not got critical updates out faster. Don't know if this still holds true.
>>>>> ------------------------------
>> Message: 4
> Date: Wed, 11 Jun 2008 21:32:35 +0100
> From: Cian Davis <davisc at skynet.ie>
> Subject: Re: [ILUG] "Virus" scanning on Linux
> To: ilug at linux.ie> Message-ID: <48503663.2010402 at skynet.ie>
> Content-Type: text/plain; charset=UTF-8; format=flowed
>> Lars Hecking wrote:
> > ClamAV is quite good. The database is updated regularily by freshclam.
> >
>> Doesn't ClamAV mainly scan for Windows viruses?
>> Cian
>>> ------------------------------
>> Message: 5
> Date: Wed, 11 Jun 2008 14:00:04 -0700
> From: "Colm Buckley" <colm at tuatha.org>
> Subject: Re: [ILUG] "Virus" scanning on Linux
> To: "Cian Davis" <davisc at skynet.ie>
> Cc: ilug at linux.ie> Message-ID:
> <9003ed000806111400r7ead926cndde478a67253d05 at mail.gmail.com>
> Content-Type: text/plain; charset="ISO-8859-1"
>> On Wed, Jun 11, 2008 at 1:32 PM, Cian Davis <davisc at skynet.ie> wrote:
>> > Lars Hecking wrote:
> >
> >> ClamAV is quite good. The database is updated regularily by freshclam.
> >>
> >>
> >
> > Doesn't ClamAV mainly scan for Windows viruses?
>>> What other kind is there?
>> Colm
>> --
> Colm Buckley / colm at tuatha.org / +353 87 2469146
>>> ------------------------------
>> Message: 6
> Date: Wed, 11 Jun 2008 21:39:37 +0100
> From: Tony Groves <tongro at eircom.net>
> Subject: [ILUG] OT: Alternatives to Paypal?
> To: ilug <ilug at linux.ie>
> Message-ID: <1213216777.6186.21.camel at localhost>
> Content-Type: text/plain
>> OK, this is nothing to do with Linux except that it has involved the use
> of Iceweasel, but I'm hoping some people here might be able to offer
> some advice.
>> I want to set up a system for receiving occasional credit-card payments
> online for a voluntary sports club I'm involved with. I've been trying
> the obvious Paypal, but its bureaucracy (e.g. apparently insisting that
> the club or its "owner" has to have a credit-card) is making things very
> difficult, not to mention the steepness of their commission and the
> other controversies surrounding them.
>> I've seen several others on the web that claim or seem to be equivalent
> to Paypal, but am wondering do people here have any particular
> recommendations?
>> Thanks.
>> Tony.
>>>> ------------------------------
>> Message: 7
> Date: Wed, 11 Jun 2008 22:08:24 +0100
> From: Cian Davis <davisc at skynet.ie>
> Subject: Re: [ILUG] "Virus" scanning on Linux
> To: Colm Buckley <colm at tuatha.org>
> Cc: ilug at linux.ie> Message-ID: <48503EC8.1040208 at skynet.ie>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>> Colm Buckley wrote:
> >
> > Doesn't ClamAV mainly scan for Windows viruses?
> >
> >
> > What other kind is there?
>> Would you not regard rootkits and the like on other systems as viruses?
> Or daemons that are started on a machine after a successful brute force
> attack? Some remote attack that attempts to exploit a known
> vulnerability? Why is it only a virus if it attacks a Windows system?
> *waits the 5 seconds for someone to reply with the precise definition of
> a virus*
>> Surely a significant proportion of exploits/attacks/whatever the hell
> you want to call them, whether on Windows, Linux, Mac etc etc, are
> attacks attempted on multiple machines and therefore have some
> particular signature?
>> Before anyone jumps down my neck, I know that automatic scanners (any
> version of a virus scanner in particular) are not a substitute for good
> security policy or vigilance in monitoring machines. But would scanning
> for known exploits, be they viruses, malware, rootkits, etc etc. not be
> a good extra line of defence?
>> Regards,
> Cian
>>> ------------------------------
>> Message: 8
> Date: Wed, 11 Jun 2008 22:30:33 +0100
> From: Timothy Murphy <gayleard at eircom.net>
> Subject: Re: [ILUG] "Virus" scanning on Linux
> To: ilug at linux.ie> Cc: Cian Davis <cian.davis at ul.ie>
> Message-ID: <200806112230.34248.gayleard at eircom.net>
> Content-Type: text/plain; charset="iso-8859-1"
>> On Wednesday 11 June 2008 07:15:55 pm Rory Browne wrote:
>> > > Social engineering?
> > > Is that naughty?
> >
> > Not sure if this is a serious question, but if you, phone someone
> > falsely claiming to be an employee of their company, asking for
> > confidential information ( such as usernames/passwords ), that is
> > considered to be social engineering. That is naughty.
>> It was a serious question.
> I never heard the phrase "social engineering" before.
> But now I google for it I see it is in common use
> among ILUG-like people for what oldsters like me call "con artists".
>> I was wondering only today when I got a request for my password
> from supportz at eircom.net why "social engineers" are so often illiterate.
> But now I am told the engineering connection ...
>>>>>>>>>> --
> Timothy Murphy
> e-mail: gayleard /at/ eircom.net
> tel: +353-86-2336090, +353-1-2842366
> s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
>>> ------------------------------
>> Message: 9
> Date: Wed, 11 Jun 2008 22:43:31 +0100
> From: Cian Davis <davisc at skynet.ie>
> Subject: Re: [ILUG] "Virus" scanning on Linux
> To: Timothy Murphy <gayleard at eircom.net>
> Cc: ilug at linux.ie> Message-ID: <48504703.2030605 at skynet.ie>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>> Timothy Murphy wrote:
> > But now I google for it I see it is in common use
> > among ILUG-like people for what oldsters like me call "con artists".
> >
>> And the people taken in by most of it are "retards"
>> > I was wondering only today when I got a request for my password
> > from supportz at eircom.net why "social engineers" are so often illiterate.
> > But now I am told the engineering connection ..
>> It's so the people on the other end more that are most predisposed to
> falling for it feel more at ease because it's a language they understand.
>> On a serious note, I worked IT support during summers in secondary
> school. Despite the pride the management held the security of the
> network, I always figured I could ring up anyone in the company months
> after I left and say something like "Hi, I'm Dave from IT. We're having
> some problems with logons in your building. Could you give me your
> username and password so I can solve the problem?" Never tried it but I
> doubt there would ever be a problem.
>> I've also had some smart people come to me about some scams. They tend
> to be some unscrupulous company abusing people's ignorance on how
> hosting, DNS and the likes works - such as Domain Registry of America
> claiming you need to renew your domain with them. I suppose you could
> claim they earned the smart tag by asking someone who knew about it
> instead of blindly handing over their credit card info...
>>>>> ------------------------------
>> Message: 10
> Date: Wed, 11 Jun 2008 23:33:01 +0100
> From: alvaro at gilabert.org> Subject: Re: [ILUG] OT: Alternatives to Paypal?
> To: Tony Groves <tongro at eircom.net>
> Cc: ilug <ilug at linux.ie>
> Message-ID: <20080611233301.tf5q4s2qsk000wc8 at webmail.gilabert.org>
> Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes";
> format="flowed"
>> You may want to check WorldPay. They are related to RBS so all you may
> need is to open an account with them in order to receive payments.
>> We use it for both making and receiving payments in a corporate
> environment (as opposed to charity) and so far it has proved to be
> reliable.
>> Cheers,
>> Alvaro
>>> ----- Missatge de tongro at eircom.net ---------
> Data: Wed, 11 Jun 2008 21:39:37 +0100
> De: Tony Groves <tongro at eircom.net>
> Respon a: Tony Groves <tongro at eircom.net>
> Assumpte: [ILUG] OT: Alternatives to Paypal?
> Per a: ilug <ilug at linux.ie>
>>> > OK, this is nothing to do with Linux except that it has involved the use
> > of Iceweasel, but I'm hoping some people here might be able to offer
> > some advice.
> >
> > I want to set up a system for receiving occasional credit-card payments
> > online for a voluntary sports club I'm involved with. I've been trying
> > the obvious Paypal, but its bureaucracy (e.g. apparently insisting that
> > the club or its "owner" has to have a credit-card) is making things very
> > difficult, not to mention the steepness of their commission and the
> > other controversies surrounding them.
> >
> > I've seen several others on the web that claim or seem to be equivalent
> > to Paypal, but am wondering do people here have any particular
> > recommendations?
> >
> > Thanks.
> >
> > Tony.
> >
> > --
> > Irish Linux Users' Group mailing list
> > About this list : http://mail.linux.ie/mailman/listinfo/ilug> > Who we are : http://www.linux.ie/> > Where we are : http://www.linux.ie/map/> >
>>> ----- Fi del missatge de tongro at eircom.net -----
>>>>> ------------------------------
>> Message: 11
> Date: Thu, 12 Jun 2008 00:37:33 +0100
> From: "Steve McConville" <mcconville.steve at gmail.com>
> Subject: Re: [ILUG] "Virus" scanning on Linux
> To: "Cian Davis" <cian.davis at ul.ie>, "Irish Linux Users Group"
> <ilug at linux.ie>
> Message-ID:
> <56652bc0806111637r38f31bb3u245582a8c6ee8ef5 at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>> You are looking for what's sometimes called a HIDS (Host Intrusion
> Detection System).
>> One traditional approach is to maintain a database of checksums and
> permissions of important files offsite using something like samhain,
> aide, tripwire or so on. Tiger is a little/no-config install, but it
> still has some old-fashioned ideas about what should be considered
> suspect. OSSEC is definitely something worth looking at if you have
> time to learn it. Some reliability-oriented monitoring tools like
> Nagios and Monit, logwatch and some NIDS (Network IDS) can also be
> used for what you need. chkrootkit is the usual way to find, well,
> rootkits :)
>> There isn't really a one-size-fits-all commercial solution for HIDS in
> the linux world, but Symantec will sell you SESA for redhat if you
> have the budget. I prefer to find a mix that works for each situation,
> because I can estimate what trade off between early warning and false
> positives can be afforded. Also, too much IDS can be a liability as
> well.
>> The "enumerating badness" idea of AV software can't ever really apply
> in a FOSS environment as the relevant people can patch $hole instead
> of trying to create a spotters guide to everything (that they know
> about) that exploits it. As such one of the more successful virus
> vectors for Linux has been in making repository commits to
> understaffed l10n projects, though this is still exceedingly rare.
>> --
> steev
>http://www.daikaiju.org.uk/~steve/ <http://www.daikaiju.org.uk/%7Esteve/>
>>> ------------------------------
>> Message: 12
> Date: Thu, 12 Jun 2008 01:01:48 +0100
> From: "Rory Browne" <rbmlist at gmail.com>
> Subject: R [ILUG] "Virus" scanning on Linux
> To: "Cian Davis" <davisc at skynet.ie>
> Cc: Colm Buckley <colm at tuatha.org>, ilug at linux.ie> Message-ID:
> <4adbba8c0806111701o6467e183o1fd77d372634125f at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>> > Surely a significant proportion of exploits/attacks/whatever the hell
> > you want to call them, whether on Windows, Linux, Mac etc etc, are
> > attacks attempted on multiple machines and therefore have some
> > particular signature?
>> That's why most major linux distributions have an update system for
> downloading security updates. I'd rather personally patch up security
> holes than be informed about them. Also how do you define a security
> hole? Would you consider having a standard ( username/password based,
> no SSL ) FTP service to be a security hole?
>> But would scanning
> > for known exploits, be they viruses, malware, rootkits, etc etc. not be
> > a good extra line of defence?
>> You make a good point, but I would worry that there are people who
> would use such a tool, not as an extra line of defence, but rather as
> a security solution to replace competant security administration.
>>> ------------------------------
>> --
> Irish Linux Users' Group mailing list
> About this list : http://mail.linux.ie/mailman/listinfo/ilug> Who we are : http://www.linux.ie/> Where we are : http://www.linux.ie/map/>> End of ILUG Digest, Vol 32, Issue 17
> ************************************
>
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
