Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Alternative for chattr
Special Forums Cybersecurity Alternative for chattr Post 303038089 by jim mcnamara on Saturday 24th of August 2019 12:42:33 PM
Old 08-24-2019
Implementing security personnel practices to prevent future infections
Pure opinion on my part:
The hackers who wrote the exploit have more than probably put it in all kinds of places. You miss one hiding place and your machine is still subject to disruption. You have a VERY small chance of purging everything.
Do this instead:
1. Restore the system to a known good backup
2. Implement security personnel practices to prevent future infections
3. Implement malware prevention code - there are freebies like ClamAV. See ClamavNet
4. Maintain a good periodic backup routine with mass storage devices kept securely out of harm's way.
 

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

du alternative in perl

I have a perl script that just does a `du -sk -x` and formats it to look groovy ( the argument can be a directory but usually is like /usr/local/* ) #!/usr/bin/perl use strict; use warnings; my $sizes = `du -x -sk @ARGV | sort -n`; my $total = 0; print "MegaBytes Name\n"; for(split... (1 Reply)
Discussion started by: insania
1 Replies

2. IP Networking

Alternative to Port 25

We're in the process of testing a mail server that we hope will replace our current one that's being hosted by our ISP. We learned a few things along the way and would like to avoid them if possible. The biggest hurdle is getting around port 25 (SMTP). Our work force is approx 75% consultants who... (1 Reply)
Discussion started by: sdotsen
1 Replies

3. Shell Programming and Scripting

Alternative for Cron

Hi... I want to know whether if there is any alternative for cron.:confused: I had written a script which checks for all system/application processes every 15 min(placed in cron though). But looks funny - what if cron daemon isn't running!! and expecting that script to update the OUTPUT FILE... (5 Replies)
Discussion started by: reddybs
5 Replies

4. Shell Programming and Scripting

Alternative to grep

How to find a particular line in a file without using grep? (3 Replies)
Discussion started by: proactiveaditya
3 Replies

5. HP-UX

alternative for egrep -o on HP-UX

Hello to all board members!! I have a problem on a HP-UX system. I should write a script. Therefore I need to search after IP addresses in the output of a command. On Debian this works: ifconfig | egrep -o "{1,3}\.{1,3}\.{1,3}\.{1,3}" The script where i need this is not ifconfig, but... (2 Replies)
Discussion started by: vostro
2 Replies

6. Shell Programming and Scripting

Using seq (Or alternative)

I usually just browse the forum/google for answers, however I've been stuck on a problem for a number of hours now and I've decided to join up and actually ask I've searched the forum ad naseum in an attempt to find answer to my query, however so far I have been unsuccessful. I'm no expert... (3 Replies)
Discussion started by: gtc
3 Replies

7. Shell Programming and Scripting

Alternative for ikecert

Hi Folks... Is there an alternative for ikecert(SunOS) - man info - "manipulates the machine's on-filesystem public-key certificate databases" in linux? Can we use pkcs7, pkcs8 or something like that?... I also came across ssh-keygen and ssh-keygen2... My best guess is to use ssh-certtool... (0 Replies)
Discussion started by: ahamed101
0 Replies

8. Shell Programming and Scripting

Alternative for wc -l

Hi techies .. This is my first posting hr .. Am facing a serious performance problem in counting the number of lines in the file. The input files i get will be in some 10 to 15 Gb of size or even sometimes more ..and I will load it to db I have used wc -l to confirm whether the loader... (14 Replies)
Discussion started by: rajesh_2383
14 Replies

9. Solaris

vi alternative

Is there any other editor, installed by 'default' in Sparc Solaris10, besides vi? I'd like to avoid installing anything new. If not, how to make vi more user-friendly? thanks. (8 Replies)
Discussion started by: orange47
8 Replies

10. UNIX for Beginners Questions & Answers

Chattr recursive exclude directory

Attempting to recursive chattr directories while excluding a directory, however the command which works with chown does not seem to with chattr find /mysite/public_html ! -wholename '/mysite/public_html/images' -type d -exec chattr -R +i {} \; find /mysite/public_html -not -path "*/images*"... (2 Replies)
Discussion started by: carnagel
2 Replies

LEARN ABOUT DEBIAN

clamav::client

ClamAV::Client(3pm)					User Contributed Perl Documentation				       ClamAV::Client(3pm)

NAME

       ClamAV::Client - A client class for the ClamAV "clamd" virus scanner daemon

VERSION

       0.11

SYNOPSIS

   Creating a scanner client
	   use ClamAV::Client;

	   # Try using socket options from clamd.conf, or use default socket:
	   my $scanner = ClamAV::Client->new();

	   # Use a local Unix domain socket:
	   my $scanner = ClamAV::Client->new(
	       socket_name     => '/var/run/clamav/clamd.ctl'
	   );

	   # Use a TCP socket:
	   my $scanner = ClamAV::Client->new(
	       socket_host     => '127.0.0.1',
	       socket_port     => 3310
	   );

	   die("ClamAV daemon not alive")
	       if not defined($scanner) or not $scanner->ping();

   Daemon maintenance
	   my $version = $scanner->version;
				   # Retrieve the ClamAV version string.

	   $scanner->reload();	   # Reload the malware pattern database.

	   $scanner->quit();	   # Terminates the ClamAV daemon.
	   $scanner->shutdown();   # Likewise.

   Path scanning (lazy)
	   # Scan a single file or a whole directory structure,
	   # and stop at the first infected file:
	   my ($path, $result) = $scanner->scan_path($path);
	   my ($path, $result) = $scanner->scan_path(
	       $path, ClamAV::Client::SCAN_MODE_NORMAL );
	   my ($path, $result) = $scanner->scan_path(
	       $path, ClamAV::Client::SCAN_MODE_RAW );

   Path scanning (complete)
	   # Scan a single file or a whole directory structure,
	   # and scan all files without stopping at the first infected one:
	   my %results = $scanner->scan_path_complete($path);
	   while (my ($path, $result) = each %results) { ... }

   Other scanning methods
	   # Scan a stream, i.e. read from an I/O handle:
	   my $result = $scanner->scan_stream($handle);

	   # Scan a scalar value:
	   my $result = $scanner->scan_scalar($value);

DESCRIPTION

       ClamAV::Client is a class acting as a client for a ClamAV "clamd" virus scanner daemon.	The daemon may run locally or on a remote system
       as ClamAV::Client can use both Unix domain sockets and TCP/IP sockets.  The full functionality of the "clamd" client/server protocol is
       supported.

   Constructor
       The following constructor is provided:

       new(%options): RETURNS ClamAV::Client
	   Creates a new "ClamAV::Client" object.  If no socket options are specified, first the socket options from the local "clamd.conf"
	   configuration file are tried, then the Unix domain socket "/var/run/clamav/clamd.ctl" is tried, then finally the TCP/IP socket at
	   127.0.0.1 on port 3310 is tried.  If either Unix domain or TCP/IP socket options are explicitly specified, only these are used.

	   %options is a list of key/value pairs representing any of the following options:

	   socket_name
	       A scalar containing the absolute name of the local Unix domain socket.  Defaults to '/var/run/clamav/clamd.ctl'.

	   socket_host
	       A scalar containing the name or IP address of the TCP/IP socket.  Defaults to '127.0.0.1'.

	   socket_port
	       A scalar containing the port number of the TCP/IP socket.  Defaults to 3310.

   Instance methods
       The following instance methods are provided:

       Daemon maintenance

       ping: RETURNS SCALAR; THROWS ClamAV::Client::Error
	   Returns true ('PONG') if the ClamAV daemon is alive.  Throws a ClamAV::Client::Error exception otherwise.

       version: RETURNS SCALAR; THROWS ClamAV::Client::Error
	   Returns the version string of the ClamAV daemon.

       reload: RETURNS SCALAR; THROWS ClamAV::Client::Error
	   Instructs the ClamAV daemon to reload its malware database.	Returns true if the reloading succeeds, or throws a ClamAV::Client::Error
	   exception otherwise.

       quit: RETURNS SCALAR; THROWS ClamAV::Client::Error
       shutdown: RETURNS SCALAR; THROWS ClamAV::Client::Error
	   Terminates the ClamAV daemon.  Returns true if the termination succeeds, or throws a ClamAV::Client::Error exception otherwise.

       scan_path($path): RETURNS SCALAR, SCALAR; THROWS ClamAV::Client::Error
       scan_path($path, $scan_mode): RETURNS SCALAR, SCALAR; THROWS ClamAV::Client::Error
	   Scans a single file or a whole directory structure, and stops at the first infected file found.  The specified path must be absolute.
	   A scan mode may be specified: a mode of ClamAV::Client::SCAN_MODE_NORMAL (which is the default) causes a normal scan ("SCAN") with
	   archive support enabled, a mode of ClamAV::Client::SCAN_MODE_RAW causes a raw scan with archive support disabled.

	   If an infected file is found, returns a list consisting of the path of the file and the name of the malware signature that matched the
	   file.  Otherwise, returns the originally specified path and undef.

       scan_path_complete($path): RETURNS HASH; THROWS ClamAV::Client::Error
	   Scans a single file or a whole directory structure completely, not stopping at the first infected file found.  The specified path must
	   be absolute.  Only the normal, non-raw mode is supported for complete scans by ClamAV.

	   Returns a hash with a list of infected files found, with the file paths as the keys and the matched malware signature names as the
	   values.

       scan_stream($handle): RETURNS SCALAR; THROWS ClamAV::Client::Error
	   Scans a stream, that is, reads from an I/O handle.  If the stream is found to be infected, returns the name of the matching malware
	   signature, undef otherwise.

       scan_scalar($value): RETURNS SCALAR; THROWS ClamAV::Client::Error
	   Scans the value referenced by the given scalarref.  If the value is found to be infected, returns the name of the matching malware
	   signature, undef otherwise.

SEE ALSO

       The clamd and clamav man-pages.

AVAILABILITY and SUPPORT
       The latest version of ClamAV::Client is available on CPAN and at http://www.mehnle.net/software/clamav-client
       <http://www.mehnle.net/software/clamav-client>.

       Support is usually (but not guaranteed to be) given by the author, Julian Mehnle <julian@mehnle.net>.

AUTHOR and LICENSE
       ClamAV::Client is Copyright (C) 2004-2005 Julian Mehnle <julian@mehnle.net>.

       ClamAV::Client is free software.  You may use, modify, and distribute it under the same terms as Perl itself, i.e. under the GNU GPL or the
       Artistic License.

perl v5.14.2							    2012-01-17						       ClamAV::Client(3pm)
All times are GMT -4. The time now is 11:31 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy