Unix/Linux Go Back    


Security Discuss UNIX and Linux computer and network security, cyber security, cyber attacks, IT security, and more.

Linux ClamTK virusscanner

Security


Tags
clamav, clamtk, linux, ubuntu, virus

Closed    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 08-03-2016
galien8 galien8 is offline
Registered User
 
Join Date: Aug 2016
Last Activity: 12 August 2016, 10:23 PM EDT
Location: Rotterdam
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Linux ClamTK virusscanner?

ClamTK virus scanner finds each day the same viruses, I delete them, but each day they are refreshed. Some say that are harmless (to LINUX) and only windows viruses, and that ClamTK is only for windows viruses, so that a LINUX server does not distribute them among windows client computers that he is serving.

Example:

Code:
PUA.Html,Exploit.CVE_2015_1692-1

Is to me a Day Zero LINUX Exploit in Html code, so platform independent, comes in Mozilla subdirectories, can within the FireFox browser mess up the system

Example:

Code:
PUA.Win.Trojan.Xored-1

(comes in Mozilla subdirectories too)

Are these only for LINUX harmless windows viruses? And is it correct that ClamTK is meant for LINUX servers serving windows clients, as it only tracks down windows viruses?

Anyway, when I leave them on the machine, system becomes non responsive, can freeze, to a point that you don't have functionality any more, not even LINUX main menu, only mouse can move.

Sometimes they come on my system while I had only Google, Gmail en Facebook TABS open in FireFox

So they must come through the ports, however I got Gufw Firewall:

Code:
Profile Public (High Risk)
Incoming: Deny
Outgoing: Allow


Last edited by rbatte1; 08-08-2016 at 05:00 AM.. Reason: More info and forgot questions - rbatte1 added CODE tags for output
Sponsored Links
    #2  
Old Unix and Linux 08-04-2016
galien8 galien8 is offline
Registered User
 
Join Date: Aug 2016
Last Activity: 12 August 2016, 10:23 PM EDT
Location: Rotterdam
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts

Code:
PUA.Win.Tool.Packed-178                   PUA.Win.Tool.Packed-177                   PUA.Win.Tool.Packed-178                   PUA.Win.Tool.Packed-178                   PUA.Win.Tool.Packed-178                   PUA.Win.Trojan.Xored-1                   PUA.Win.Tool.Packed-178                   PUA.Win.Tool.Packed-178                   PUA.Win.Trojan.Xored-1                   PUA.Win.Tool.Packed-178                   PUA.Win.Tool.Packed-178                   PUA.Html.Trojan.Agent-37075                   PUA.Win.Tool.Packed-178                   PUA.Win.Tool.Packed-178

CLAMTK found these, a couple of hours after system was clean according to CLAMTK itself (14 infections) That ain't normal! I only had bonafide websites open.

WHERE CAN THEY COME FROM? Am I a kind of target? A honey-pot?

Last edited by rbatte1; 08-08-2016 at 05:00 AM.. Reason: Added CODE tags
Sponsored Links
Closed

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes



All times are GMT -4. The time now is 02:28 AM.