scanning, but what???

Discussion in 'malware problems & news' started by guest-1, Sep 4, 2003.

Thread Status:
Not open for further replies.
  1. guest-1

    guest-1 Guest

    Which files and which directories should be scanned for viruses & etc... in Linux?
     
  2. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    My goodness... there are plenty of answers to this question.
    If you're afraid of linux infections: fear not, there are virtually no infections in the wild (at least as far as we know :p ). There are, however, rootkits that can be installed by hackers, to take over the ownership of your machine. You may look for topics on rootkit detection on other specific linux sites.
    Most infections and vulnerabilities can be prevented by (almost) never using the root account and root equivalent accounts!!!!

    Second option: if your using linux as a mail/file server: use a linux virusscanner and scan all users file space.
     
  3. Guest-1

    Guest-1 Guest

    Thanks.

    But let's say that I want to scan a Linux system for viruses and trojans and whatnot anyways.

    Which files and directories should I scan?
     
  4. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Well, I'd say:
    /home
    /usr
    /etc
    /tmp
    /root
    But don't hesitate and do scan more if you feel like it. I don't know what services/daemons you run. Depending on the service, other directories could be used for filing purposes.
    Try scanning with a rootkit scanning tool.
     
  5. Guest-1

    Guest-1 Guest

    Thanks.

    I'll be scanning with f-prot, an anti-virus software which apparently scans for rootkits as well.

    As for services, I'm only running Apache.
    But there's a windows box connected to mine (Mandrake), and that's mainly the source of my virus concerns.
     
  6. DolfTraanberg

    DolfTraanberg Registered Member

    Joined:
    Nov 20, 2002
    Posts:
    676
    Location:
    Amsterdam
    Hmm, then you better should be scanning that windows system o_O
    Dolf
     
  7. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Yes!
    At least Windows virusses are no threat to linux :D

    If your Mandrake system acts as a gateway to the internet, you can install an av-program on that box too. Plenty of options available (I run the open source Clamav on my e-smith box).
     
  8. Guest-1

    Guest-1 Guest

    I tried to install ClamAV but I ran into unsatisfied dependencies problems.

    The win box is regularly scanned (PC-Cillin), but I just recently became concerned about my Linux system getting infected.
    The windows computer is masqueraded through the Linux computer.

    Maybe I worry too much ;)

    Thanks for your help everyone.
     
  9. Gaz

    Gaz Registered Member

    Joined:
    Sep 1, 2003
    Posts:
    32
    I would scan the whole system, but a firewall is FAR more important!
     
Loading...
Thread Status:
Not open for further replies.