Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Worm Virus
Top Forums UNIX for Dummies Questions & Answers Worm Virus Post 39842 by cerberusofhnsg on Monday 1st of September 2003 11:21:56 PM
Old 09-02-2003
f-prot is a good virus scanner for *nix (I know for a fact it supports linux, dont know about others). I believe it is free for non-production systems (i.e. nothing that directly brings in money).
 

3 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Virus and Worm on Linux/unix System

Hello all, I just got asked if virus and worms are a big thing in unix/linux OS. My response was no, but after looking I found that there can be issues but very few. I would justy like to know from the working community what is the truth on virus and worms on unix/linux OS? Thanks. (1 Reply)
Discussion started by: larryase
1 Replies

2. Linux

Problem with worm ctfmon.exe

I have this worm in my network. It works only on Windows OS. My data server is on Linux with samba server and all the time somebody is copping this worm from windows client to my data server, because the data server is mapped as a network drive. My question is: Is there any way to find which... (4 Replies)
Discussion started by: zhivko.neychev
4 Replies

3. What is on Your Mind?

conficker.c anyone (April Fools day worm)

Did your shop have any problems with it? Reports indicate it will able to control several million Windows PC's. (2 Replies)
Discussion started by: jim mcnamara
2 Replies

LEARN ABOUT OPENSOLARIS

vscand

vscand(1M)						  System Administration Commands						vscand(1M)

NAME

       vscand - vscan service daemon

SYNOPSIS

       /usr/lib/vscan/vscand

DESCRIPTION

       vscand  is  the	daemon	that  handles  virus  scan requests from file systems on file open and close operations. A file system may support
       enabling and disabling of virus scanning on a per dataset basis, using that file system's administrative command, for example zfs(1M).

       If the file state or scan policy (see vscanadm(1M) requires that a file be scanned, vscand communicates	with  external	third-party  virus
       scanners (scan engines) using the Internet Content Adaptation Protocol (ICAP, RFC 3507) to have the file scanned.

       A  file is submitted to a scan engine if it has been modified since it was last scanned, or if it has not been scanned with the latest scan
       engine configuration (Virus definitions). The file's modified attribute and scanstamp attribute are used to store  this	information.  Once
       the file is scanned, the modified attribute is cleared and the scanstamp attribute is updated.

       If  the	file  is found to contain a virus, the virus is logged in syslogd(1M), an audit record is written, and the file is quarantined (by
       setting its quarantine attribute). Once a file is quarantined, attempts to read, execute or rename the file will be denied by the file sys-
       tem.  The syslogd(1M) entry and the audit record specify the name of the infected file and the violations detected in the file. Each viola-
       tion is specified as "ID - threat description", where ID and threat description are defined in the  X-Infection-Found-Header  in  ICAP  RFC
       3507; Extensions.

       By  default,  vscand  connects  to  scan  engines on port 1344. The port and other service configuration parameters can be configured using
       vscanadm(1M).

       The vscan service is disabled by default, and can be enabled using svcadm(1M).

EXIT STATUS

       The following exit values are returned:

       0	   Daemon started successfully.

       non-zero    Daemon failed to start.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWvscanu		   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Uncommitted		   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ps(1), svcs(1), logadm(1M), svcadm(1M), syslogd(1M), vscandadm(1M), zfs(1M), attributes(5), smf(5)

NOTES

       If a file is accessed using a protocol which does not invoke the file system open and close operations, for example NFSv3,  virus  scanning
       is not initiated on the file.

       File content is transferred to the scan engines as cleartext data.

       Administrative  actions for the vscan service, such as enabling, disabling, or requesting a restart, can be performed using svcadm(1M). The
       vscan service status can be queried using the svcs(1) command.

       The vscan service is managed by the service management facility, smf(5), under the service identifier:

	 svc:/system/filesystem/vscan

SunOS 5.11							    6 Nov 2007								vscand(1M)
All times are GMT -4. The time now is 01:05 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy