Re: Virus question
From: Ean Kingston (ean_at_hedron.org)
Date: 02/11/05
- Previous message: Tom Trelvik: "Re: /tmp on same partition as /"
- In reply to: Louis LeBlanc: "Re: Virus question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Fri, 11 Feb 2005 15:37:38 -0500 (EST) To: freebsd-questions@FreeBSD.org
> On 02/11/05 01:55 PM, Karen Donathan sat at the `puter and typed:
>> To Whom it may concern:
>>
>> My name is Karen Donathan and I am a computer science teacher at
>> George Washington High School in Charleston, WV. We run our website
>> (http://gwhs.kana.k12.wv.us) on a FreeBSD server. This project was
>> given to me, and I am afraid that I really should know more about
>> how this works.
>>
>> My question is as follows: How can I run a virus scan on my system?
>> What scan do you recommend?
f-prot makes a virus scanner for FreeBSD.
http://www.f-prot.com/products/corporate_users/unix/
>> The reason I am asking this question is that our school system
>> administrator just found that there were some files infected with
>> Klez.h in the webroot directory of our server.
Do you know how the virus got into the webroot of your server? You should
find out.
>> He found this out as
>> he downloaded some files from this directory to our Windows-XP
>> school server, and Norton flagged it right away.
>
> I was doing the same thing last night at 11:30. Norton flagged over
> 100 instances of Klez on my sister-in-laws business computer. There
> were at least a dozen others, including a keylogger, backdoor, and at
> least 8 other trojans, but Klez was definitely the most proliferated.
> Fun, ain't it?
>
>> Any suggestions?
>
> As suggested by another poster, Clam-AV. I use it and it catches all
> kinds of nasties. There is also f-prot, which you can set up as a
> backup scanner through Amavisd-new.
>
> I use Amavisd-new with postfix as my SMTP server, but if you're using
> Sendmail, there may be other options you want to check out. Start
> with the handbook:
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/index.html
> particularly chapter 4, if you're not familiar with the ports, and
> chapter 22 to get a good overview of the options involving email.
>
> Good luck
>
> Lou
> --
> Louis LeBlanc FreeBSD-at-keyslapper-DOT-net
> Fully Funded Hobbyist, KeySlapper Extrordinaire :)
> Please send off-list email to: leblanc at keyslapper d.t net
> Key fingerprint = C5E7 4762 F071 CE3B ED51 4FB8 AF85 A2FE 80C8 D9A2
>
> Corry's Law:
> Paper is always strongest at the perforations.
>
-- Ean Kingston E-Mail: ean_AT_hedron_DOT_org URL: http://www.hedron.org/ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
- Previous message: Tom Trelvik: "Re: /tmp on same partition as /"
- In reply to: Louis LeBlanc: "Re: Virus question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
