Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Clamav again ...

 
Post new topic   Reply to topic    Linux Format forums Forum Index -> Help!
View previous topic :: View next topic  
Author Message
youlikeicecream
LXF regular


Joined: Fri Jun 03, 2005 12:40 pm
Posts: 721
Location: Oxford

PostPosted: Wed Aug 10, 2005 9:35 am    Post subject: Clamav again ... Reply with quote

Have been testing clamav to see how well it picks up viruses and trojans and have a small collection of nasties on CD to test with ...

I have noticed that using 'clamav-data', the virus scanner detects pratically nothing, whereas using 'freshclam' it detects more, here is my console output (All files scanned are nasties but not all are detected as such)

mike@Ubuntu:~$ clamscan /media/cdrom0/Quarantine
/media/cdrom0/Quarantine/bla.ex: OK
/media/cdrom0/Quarantine/eicar.zip: Eicar-Test-Signature FOUND
/media/cdrom0/Quarantine/gta.ex: OK
/media/cdrom0/Quarantine/hax.ex: OK
/media/cdrom0/Quarantine/lalw.ex: OK
/media/cdrom0/Quarantine/tek9.ex: Trojan.Proxy.Ranky-38 FOUND
/media/cdrom0/Quarantine/trojansimulator.zip: OK

----------- SCAN SUMMARY -----------
Known viruses: 38553
Engine version: 0.86.1
Scanned directories: 1
Scanned files: 7
Infected files: 2
Data scanned: 1.23 MB
Time: 1.261 sec (0 m 1 s)
mike@Ubuntu:~$ sudo apt-get install clam-data
Reading package lists... Done
Building dependency tree... Done
E: Couldn't find package clam-data
mike@Ubuntu:~$ sudo apt-get install clamav-data
Reading package lists... Done
Building dependency tree... Done
The following packages will be REMOVED:
clamav-freshclam clamav-getfiles
The following NEW packages will be installed:
clamav-data
0 upgraded, 1 newly installed, 2 to remove and 0 not upgraded.
Need to get 1223kB of archives.
After unpacking 1499kB disk space will be freed.
Do you want to continue [Y/n]? y
Get:1 http://gb.archive.ubuntu.com hoary/universe clamav-data 20040725.231000.422 [1223kB]
Fetched 1223kB in 0s (2747kB/s)

Preconfiguring packages ...
(Reading database ... 79052 files and directories currently installed.)
Removing clamav-getfiles ...
dpkg: clamav-freshclam: dependency problems, but removing anyway as you request: clamav-daemon depends on clamav-freshclam | clamav-data; however:
Package clamav-freshclam is to be removed.
Package clamav-data is not installed.
Package clamav-freshclam which provides clamav-data is to be removed.
clamav-milter depends on clamav-freshclam | clamav-data; however:
Package clamav-freshclam is to be removed.
Package clamav-data is not installed.
Package clamav-freshclam which provides clamav-data is to be removed.
clamav depends on clamav-freshclam | clamav-data; however:
Package clamav-freshclam is to be removed.
Package clamav-data is not installed.
Package clamav-freshclam which provides clamav-data is to be removed.
clamav-daemon depends on clamav-freshclam | clamav-data; however:
Package clamav-freshclam is to be removed.
Package clamav-data is not installed.
Package clamav-freshclam which provides clamav-data is to be removed.
clamav-milter depends on clamav-freshclam | clamav-data; however:
Package clamav-freshclam is to be removed.
Package clamav-data is not installed.
Package clamav-freshclam which provides clamav-data is to be removed.
clamav depends on clamav-freshclam | clamav-data; however:
Package clamav-freshclam is to be removed.
Package clamav-data is not installed.
Package clamav-freshclam which provides clamav-data is to be removed.
Removing clamav-freshclam ...
Stopping ClamAV virus database updater: freshclam
Selecting previously deselected package clamav-data.
(Reading database ... 79024 files and directories currently installed.)
Unpacking clamav-data (from .../clamav-data_20040725.231000.422_all.deb) ...
Setting up clamav-data (20040725.231000.422) ...

mike@Ubuntu:~$ clamscan /media/cdrom0/Quarantine
/media/cdrom0/Quarantine/bla.ex: OK
/media/cdrom0/Quarantine/eicar.zip: Eicar-Test-Signature FOUND
/media/cdrom0/Quarantine/gta.ex: OK
/media/cdrom0/Quarantine/hax.ex: OK
/media/cdrom0/Quarantine/lalw.ex: OK
/media/cdrom0/Quarantine/tek9.ex: OK
/media/cdrom0/Quarantine/trojansimulator.zip: OK

----------- SCAN SUMMARY -----------
Known viruses: 22927
Engine version: 0.86.1
Scanned directories: 1
Scanned files: 7
Infected files: 1
Data scanned: 1.23 MB
Time: 0.606 sec (0 m 0 s)


Obviously these nasties are probably quite obscure, but should really be detected ... Is there somewhere I can 'Submit' these files to clamav developers for identification and inclusion in freshclam/clam-data

Mike Smile
Back to top
View user's profile Send private message Yahoo Messenger MSN Messenger
View previous topic :: View next topic  
Display posts from previous:   
Post new topic   Reply to topic    Linux Format forums Forum Index -> Help! All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Linux Format forums topic RSS feed 


Powered by phpBB © 2001, 2005 phpBB Group


Copyright 2011 Future Publishing, all rights reserved.


Web hosting by UKFast