Linux ClamTK virusscanner Post: 302978778

Sponsored Content

Special Forums Cybersecurity Linux ClamTK virusscanner Post 302978778 by galien8 on Wednesday 3rd of August 2016 07:32:17 PM

08-03-2016

Registered User

Linux ClamTK virusscanner?

ClamTK virus scanner finds each day the same viruses, I delete them, but each day they are refreshed. Some say that are harmless (to LINUX) and only windows viruses, and that ClamTK is only for windows viruses, so that a LINUX server does not distribute them among windows client computers that he is serving.

Example:

Code:

PUA.Html,Exploit.CVE_2015_1692-1

Is to me a Day Zero LINUX Exploit in Html code, so platform independent, comes in Mozilla subdirectories, can within the FireFox browser mess up the system

Example:

Code:

PUA.Win.Trojan.Xored-1

(comes in Mozilla subdirectories too)

Are these only for LINUX harmless windows viruses? And is it correct that ClamTK is meant for LINUX servers serving windows clients, as it only tracks down windows viruses?

Anyway, when I leave them on the machine, system becomes non responsive, can freeze, to a point that you don't have functionality any more, not even LINUX main menu, only mouse can move.

Sometimes they come on my system while I had only Google, Gmail en Facebook TABS open in FireFox

So they must come through the ports, however I got Gufw Firewall:

Code:

Profile Public (High Risk)
Incoming: Deny
Outgoing: Allow

Last edited by rbatte1; 08-08-2016 at 06:00 AM.. Reason: More info and forgot questions - rbatte1 added CODE tags for output

galien8

View Public Profile for galien8

Find all posts by galien8

LEARN ABOUT DEBIAN

file::scan

Scan(3pm)						User Contributed Perl Documentation						 Scan(3pm)

NAME

       File::Scan - Perl extension for Scanning files for Viruses

SYNOPSIS

	 use File::Scan;

	 $fs = File::Scan->new([, OPTION ...]);
	 $fs->set_callback(
	   sub {
	     my $filename = shift;
	     my $bytes = shift;
	     ...
	     return("Callback Value");
	   }
	 );
	 $fs->scan([FILE]);
	 if(my $e = $fs->error) { print "$e
"; }
	 if(my $c = $fs->skipped) { print "file skipped ($c)
"; }
	 if($fs->suspicious) { print "suspicious file
"; }
	 if(my $res = $fs->callback) { print "$res
"; }

DESCRIPTION

       This module is designed to allows users to scan files for known viruses.  The purpose is to provide a perl module to make plataform
       independent virus scanners.

METHODS

   new([, OPTION ...])
       This method create a new File::Scan object. The following keys are available:

       callback => 'subroutine reference'
	      if the item is set then use a callback subroutine reference to provide extra information and functionalities. The callback
	      subroutine have two arguments: filename and first 1024 bytes read from the file. This only work for binary files.

       extension => 'string'
	      add the specified extension to the infected file

       move => 'directory'
	      move the infected file to the specified directory

       copy => 'directory'
	      copy the infected file to the specified directory

       mkdir => octal_number
	      if the value is set to octal number then make the specified directories (example: mkdir => 0755).

       delete => 0 or 1
	      if the value is set to 1 delete the infected file

       max_txt_size => 'size in kbytes'
	      scan only the text file if the file size is less then max_txt_size. The default value is 5120 kbytes. Set to 0 for no limit.

       max_bin_size => 'size in kbytes'
	      scan only the binary file if the file size is less then max_bin_size. The default value is 10240 kbytes. Set to 0 for no limit.

   scan([FILE])
       This method scan a file for viruses and return the name of virus if a virus is found.

   set_callback([SUBREF])
       This method is another way to install a callback subroutine reference.  Take a look in callback kay.

   skipped()
       This method return a code number if the file was skipped and 0 if not. The following skipped codes are available:

       0     file not skipped

       1     file is not vulnerable

       2     file has zero size

       3     the size of file is small

       4     the text file size is greater that the 'max_txt_size' argument

       5     the binary file size is greater that the 'max_bin_size' argument

   suspicious()
       This method return 1 if the file is suspicious and 0 if not.

   callback()
       This method return the result from the callback subroutine.

   error()
       This method return a error message if a error happens.

AUTHOR

       Henrique Dias <hdias@aesbuc.pt>

CREDITS

       Thanks to Rui de Castro, Sergio Castro, Ricardo Oliveira, Antonio Campelo, Branca Silveira, Helena Gomes and Anita Afonso for the help.

       Thanks to Fernando Martins for the personal collection of viruses.

SEE ALSO

       perl(1).

perl v5.10.0							    2009-07-19								 Scan(3pm)