On Mon, Sep 3, 2012 at 3:33 AM, Tim <ignored_mail...@yahoo.com.au> wrote:
> The thing is, that anti-virus is always after-the-fact. The damage has > been done, > Huh? No. Most modern anti-virus apps (even for Linux) include "on-access" scanning so that the file is identified as infected (by signature, heuristics, whatever) BEFORE being loaded. So the file is "quarrantined" (renamed or moved to a special folder, usually) and cannot harm the system, as it´s never executed. The drawback used to be that on-access scanning required use of the ´dazuko´ kernel module... which back in the 2.4 kernel days** meant lots of hair pulling and which nowadays was last updated on early 2011 but looks orphaned since 3/2011 and looking for a new maintainer as per notice on its wiki* No idea if newer Linux AVs are using other tricks for on-access file scanning.... FC * http://dazuko.dnsalias.org/wiki/index.php/Main_Page ** http://pages.citebite.com/y4w7g6v8looq
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
