On Jun 18, 2013, at 3:22 PM, Dennis Peterson <denni...@inetnw.com> wrote:
> On 6/18/13 8:08 AM, Alain Zidouemba wrote:
>> As Joel Esler mentioned before, there are signatures for UNIX malware in
>> the official ClamAV DB.
>>
>> - Alain
>
>
> You would think such a simple question would have a simple answer. UNIX is
> not Solaris. Solaris is one of a few UNIX's around. Are the UNIX signatures
> for Tru-64, HP-UX, BSD UNIX, SCO UNIX, AIX...? Doesn't matter if there are or
> not to someone seeking Solaris 10 information, actually. Are there any for
> Solaris 10?
UNIX is not Solaris. Solaris is a UNIX. If a piece of malware or PUA, etc,
can be installed and ran on Unix or any of the variants (including Solaris) you
mentioned above, then yes, we ship detection for it.
Are they tagged specifically "Solaris"? No. We tag malware with what it
affects and the family. For example, Win.Trojan.Whatever. ("Whatever" being
the name of the Trojan, that runs on Windows). We don't tag stuff as
"WinXP.Trojan.Whatever".
--
Joel Esler
Senior Research Engineer, VRT
OpenSource Community Manager
Sourcefire
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
