TDS and Linux


Pieter_Arntz
April 24th, 2003, 03:02 AM
If this is in the help files, point my weary eyes in the right direction. ;) When doing a full scan yesterday I happened to notice TDS-3 scanning my CD-ROM drive, which had a Knoppix CD in it.
My question is: is TDS-3 capable of detecting (and removing) malicious files in Linux and if so, how do I get it to scan my Linux partition?

Regards,

Pieter

Wayne - DiamondCS
April 24th, 2003, 03:13 AM
TDS3 can only be run from Windows; you'll probably also have problems if you try to run it under WINE. As for scanning Linux partitions, no, it can't do that - only NTFS and FAT, sorry!

On a side note, Knoppix can be useful for getting around file security settings ... :)

Pieter_Arntz
April 24th, 2003, 03:24 AM
-{ Quote (Wayne - DiamondCS): "TDS3 can only be run from Windows; you'll probably also have problems if you try to run it under WINE. As for scanning Linux partitions, no, it can't do that - only NTFS and FAT, sorry!" }-
OK. Just wondering, because it gave me a file count after scanning the CD.
-{ Quote (Wayne - DiamondCS): "On a side note, Knoppix can be useful for getting around file security settings ... :)" }-
That is more easily accomplished with a Win2k CD or booting directly to Mandrake. ;)

Thanks Wayne,

Pieter

Andreas1
April 25th, 2003, 04:15 AM
OK. What about Linux files on FAT/NTFS partitions?
I could have a CYGWIN/POSIX-subsystem-driven Linux executable on my Windows system. Can there be signatures or even heuristics for those?
TIA,
Andreas

angel
April 25th, 2003, 04:52 AM
-{ Quote (Andreas(W)): "OK. What about Linux files on FAT/NTFS partitions?
I could have a CYGWIN/POSIX-subsystem-driven Linux executable on my Windows system. Can there be signatures or even heuristics for those?" }-

Well ... these are all normal PE EXE files as far as I know. So they are scanned. ELF files (the executable format of Linux) are also scanned, but I think TDS won't find any Linux-related backdoor or trojan because it simply has no signatures for them and the heuristic is not able to handle ELF files. As far as I remember, TDS detects a few DOS COM trojans. The COM file format is not detectable as far as I know. So every binary file that is not bigger than 64 kb should be handled as a COM file. TDS will scan the ELF files for DOS trojans. ;D ;D
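
An added illustration, not part of the thread and not TDS code: the three formats discussed above can be told apart by their headers, which is what lets a scanner pick the right signature set. ELF and PE carry magic bytes, while COM has none and can only be guessed from size. The 64 KB limit is the figure from the post; function names and sample bytes are constructed for this example.

```python
import struct

COM_MAX_SIZE = 64 * 1024  # limit as stated in the post above (assumption)


def classify_executable(data: bytes) -> str:
    """Return 'ELF', 'PE', 'MZ-DOS', 'COM-candidate' or 'unknown'."""
    # ELF: 4-byte magic 0x7F 'E' 'L' 'F' at offset 0.
    if data[:4] == b"\x7fELF":
        return "ELF"
    # DOS MZ header; a PE file stores the offset of "PE\0\0" at 0x3C.
    if data[:2] in (b"MZ", b"ZM"):
        if len(data) >= 0x40:
            (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
            # An out-of-range offset yields an empty slice, so no match.
            if data[e_lfanew:e_lfanew + 4] == b"PE\x00\x00":
                return "PE"
        return "MZ-DOS"
    # COM is a raw memory image with no header: size is the only hint,
    # so this is a guess, never a positive identification.
    if 0 < len(data) <= COM_MAX_SIZE:
        return "COM-candidate"
    return "unknown"


def _sample_pe() -> bytes:
    """Build a minimal MZ stub whose e_lfanew points at a PE signature."""
    hdr = bytearray(0x80)
    hdr[0:2] = b"MZ"
    struct.pack_into("<I", hdr, 0x3C, 0x40)
    hdr[0x40:0x44] = b"PE\x00\x00"
    return bytes(hdr)


# Constructed sample inputs (not real binaries).
SAMPLES = {
    "cygwin_tool.exe": _sample_pe(),
    "linux_tool": b"\x7fELF\x02\x01\x01" + bytes(57),
    "old_dos.exe": b"MZ" + bytes(0x3E),
    "tiny.com": b"\xb4\x4c\xcd\x21",  # mov ah,4Ch / int 21h
    "big.bin": bytes(COM_MAX_SIZE + 1),
}


def classify_all(samples: dict) -> dict:
    """Map each sample name to its detected format."""
    return {name: classify_executable(blob) for name, blob in samples.items()}


if __name__ == "__main__":
    for name, kind in classify_all(SAMPLES).items():
        print(f"{name:16} {kind}")
```

Because the ELF check runs before the size-based COM fallback, a small ELF file is never handed to DOS COM signatures.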