On 29.01.09 13:26, Andre Hübner wrote: > during practical work with webspace/virus etc. i missed a function in > clamscan to scan files which were given by list in file. > Often after a Hackattack by ftp/upload etc. a lot of files with alike date > of creation are found in filesystem.
there's mod_clamav for ProFTPD. > Sometimes it is not necessary to scan whole filesystem with thousends of > files. I could imagine to create a list in file by typical *nix commands > with fileselection which is base for clamscan. > Thsi fileselection could be reduced by date of creation, special filetypes, > chmod, whatever... > Sure, a complete scan should also be done, but to get fast results or to do > quick automated scans of suspicious files this could be a nice feature. you'll have to check for ctime, even if that means scanning more files, since mtime can be changed. On filesystems without ctime, you'll have to scan anything -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. WinError #98652: Operation completed successfully. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
