On Fri, 2004-05-07 at 18:36, Ken Morley wrote: > I was surprised when clamdscan reported: > > //proc/kcore: Trojan.MiniCommander.dr FOUND > > What's the possibility that the server is really infected?
It got to be somewhat unlikely that a running linux kernel would get infected with a Windows trojan. False positive methinks. Normally I'd say submit the affected file for analysis, but I'd guess the database guys don't really want a core dump of your kernel (?) More to the point why are you scanning /proc ? The easiest answer is probably just to not scan /proc. BMRB International http://www.bmrb.co.uk +44 (0)20 8566 5000 _________________________________________________________________ This message (and any attachment) is intended only for the recipient and may contain confidential and/or privileged material. If you have received this in error, please contact the sender and delete this message immediately. Disclosure, copying or other action taken in respect of this email or in reliance on it is prohibited. BMRB International Limited accepts no liability in relation to any personal emails, or content of any email which does not directly relate to our business. ------------------------------------------------------- This SF.Net email is sponsored by Sleepycat Software Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to deliver higher performing products faster, at low TCO. http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3 _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
