On Thu, 2014-04-17 at 08:26 -0700, Dennis Peterson wrote:
> On 4/17/14, 8:13 AM, Alain Zidouemba wrote:
> > ClamAV "does scan for linux viruses".
> >
> > If you install ClamAV, you can use the sigtool command to find signatures
> > for unix-specific malware.
> >
> > Eg:
> >> sigtool --list-sigs /usr/local/share/clamav/daily.cld | grep -i 'unix'
> > .
> > .
> > .
> > Exploit.Shellcode.Unix-Gen-1
> > Trojan.Plunix-1
> > UNIX.Worm.Sorso
> > UNIX.Exploit.CVE_2010_3301-1
> > UNIX.Trojan.SSHDoor
> > Unix.Backdoor.Cdorked
> > Unix.Exploit.CVE_2014_1912-1
> > Unix.Exploit.CVE_2014_1912
> > Unix.Downloader.Agent
> > UNIX.Exploit.CVE_2010_3301-2
> > UNIX.Trojan.Snakso
> > Unix.Exploit.Iosjailbreak
> > Unix.Exploit.Fsheep
> > Unix.Trojan.Hanthie-3
> > Unix.Trojan.Hanthie-4
> > Unix.Trojan.Ebury
> > Unix.Trojan.Ebury-1
> > Unix.Trojan.Ebury-2
> > Unix.Trojan.Hanthie
> > Unix.Trojan.Hanthie-1
> > Unix.Trojan.Hanthie-2
> > Win.Trojan.Gunix-1
> > .
> > .
> > .
> >
> > Additionally, there are signatures for malware or exploits that can target
> > multiple platforms. An example is the signature PHP.Shell-38 as gin(e)
> > pointed out.
> >
> > - Alain
> >
> >
> >
> The above is evidence your product scans for Unix viruses. You surely know
> Linux is not Unix. Assuming SourceFire/Cisco doesn't distinguish between
> Linux and Unix, the list does not suggest which flavor of Linux or Unix
> might be included or if that is important. Would it be a fair assumption
> the signatures are architecture agnostic or are they Intel only? A
> reference to the complete documentation of target systems would be valuable.
> 
> dp

You wouldn't happen to be a Solaris or SCO person, would you?
-- 
greg folkert - systems administration and support
web:    donor.com
email:  g...@donor.com
phone:  877-751-3300 x416
direct: 616-328-6449 (direct dial and fax)
"That friendship will not continue to the end which is begun for an
end."
    -- Francis Quarles

_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
