While you can still use OnAccessScanning to alert on detection, prevention
isn't possible with your kernel configuration.
I'm still curious about how/why you're seeing scans outside of the
specified directories. I'll look into that a bit more.
On Thu, Feb 25, 2016 at 11:08 AM, kamil kapturkiewicz
Dnia Czwartek, 25 Lutego 2016 16:53 Mickey Sola
napisaĆ(a)
> Hi Kamil,
>
> A few things: what OS and kernel version are you using? what are the
> results of opening the eicar file with vi (or your editor of choice)? are
> /home/ and or /var/ftp/ mount points? if so, are there symlinks within
>
