Filesystem antivirus for FreeBSD

classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

Filesystem antivirus for FreeBSD

Luciano Mannucci

Hello,

I need an antivirus for FreeBSD that catches php malware. Does such a
beastie exist? :)

Cheers,

Luciano.
--
 /"\                         /Via A. Salaino, 7 - 20144 Milano (Italy)
 \ /  ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250
  X   AGAINST HTML MAIL    /  E-MAIL: [hidden email]
 / \  AND POSTINGS        /   WWW: http://www.lesassaie.IT/
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: Filesystem antivirus for FreeBSD

Tim Daneliuk
Clamav might, but you'll have to check.


_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"
Jov
Reply | Threaded
Open this post in threaded view
|

Re: Filesystem antivirus for FreeBSD

Jov
You can export the fs as nfs and mount it to linux if calmav not good
enough compare with sophos.

Or you can try to run sophos on freebsd with linux emulation, see the hand
book for detail.

Jov

2017年6月21日 12:19 AM,"Luciano Mannucci" <[hidden email]>写道:

On Tue, 20 Jun 2017 10:40:03 -0500
Tim Daneliuk <[hidden email]> wrote:

> Clamav might, but you'll have to check.
It failed to catch a virus that Sophos on Linux found.

BTW, yes.Clamav does run.

Luciano.
--
 /"\                         /Via A. Salaino, 7 - 20144 Milano (Italy)
 \ /  ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250
  X   AGAINST HTML MAIL    /  E-MAIL: [hidden email]
 / \  AND POSTINGS        /   WWW: http://www.lesassaie.IT/
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: Filesystem antivirus for FreeBSD

Luciano Mannucci
On Wed, 21 Jun 2017 00:35:56 +0800
Jov <[hidden email]> wrote:

> You can export the fs as nfs and mount it to linux if calmav not good
> enough compare with sophos.
Well. I'm trying to replace linux... :)
 
> Or you can try to run sophos on freebsd with linux emulation, see the hand
> book for detail.
Yes, good Idea. I'll have to intall it via chroot, so it is not so
easy (I need a lot of linux commands under /compat/linux for that, and
I have to discover which one by test & try...)

Cheers,

Luciano.
--
 /"\                         /Via A. Salaino, 7 - 20144 Milano (Italy)
 \ /  ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250
  X   AGAINST HTML MAIL    /  E-MAIL: [hidden email]
 / \  AND POSTINGS        /   WWW: http://www.lesassaie.IT/
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: Filesystem antivirus for FreeBSD

Shane Ambler
In reply to this post by Tim Daneliuk
On 21/06/2017 01:48, Luciano Mannucci wrote:
> On Tue, 20 Jun 2017 10:40:03 -0500
> Tim Daneliuk <[hidden email]> wrote:
>
>> Clamav might, but you'll have to check.
> It failed to catch a virus that Sophos on Linux found.

Have you submitted a sample that clamav may get a solution added?

http://www.clamav.net/reports/malware


--
FreeBSD - the place to B...Software Developing

Shane Ambler

_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: Filesystem antivirus for FreeBSD

Luciano Mannucci
On Wed, 21 Jun 2017 12:11:16 +0930
Shane Ambler <[hidden email]> wrote:

> >> Clamav might, but you'll have to check.  
> > It failed to catch a virus that Sophos on Linux found.  
>
> Have you submitted a sample that clamav may get a solution added?
>
> http://www.clamav.net/reports/malware
Yes I did.
Despite of that, I still get this, ecanning the same files:

On FreeBSD, with clamav:

----------- SCAN SUMMARY -----------
Known viruses: 6302176
Engine version: 0.99.2
Scanned directories: 8130
Scanned files: 58163
Infected files: 0
Data scanned: 2996.03 MB
Data read: 4024.93 MB (ratio 0.74:1)
Time: 964.257 sec (16 m 4 s)

On linux, with Sophos:

A threat was detected during an on-demand scan. Details follow:
40961 files scanned.
Number of infections detected: 3267
Number of infected files detected: 3267

Does someone know how to run sophos on FreeBSD > 10.0?

Thanks to everyone anyway,

Luciano.
--
 /"\                         /Via A. Salaino, 7 - 20144 Milano (Italy)
 \ /  ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250
  X   AGAINST HTML MAIL    /  E-MAIL: [hidden email]
 / \  AND POSTINGS        /   WWW: http://www.lesassaie.IT/
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: Filesystem antivirus for FreeBSD

Gary Hayers
Unfortunately Sophos dropped support for FreeBSD some time ago, I did look into porting the Linux version but quickly realized I knew nowhere near enough about Linux to do it, I even talked to Sophos but do not know the difference between FreeBSD and Linux.




--




Regards,


Gary J. Hayers


garyAThayers.org




PGP Signature


https://www.hayers.org/pgp 









On Tue, Aug 1, 2017 at 2:02 PM +0100, "Luciano Mannucci" <[hidden email]> wrote:










On Wed, 21 Jun 2017 12:11:16 +0930
Shane Ambler  wrote:

> >> Clamav might, but you'll have to check.  
> > It failed to catch a virus that Sophos on Linux found.  
>
> Have you submitted a sample that clamav may get a solution added?
>
> http://www.clamav.net/reports/malware
Yes I did.
Despite of that, I still get this, ecanning the same files:

On FreeBSD, with clamav:

----------- SCAN SUMMARY -----------
Known viruses: 6302176
Engine version: 0.99.2
Scanned directories: 8130
Scanned files: 58163
Infected files: 0
Data scanned: 2996.03 MB
Data read: 4024.93 MB (ratio 0.74:1)
Time: 964.257 sec (16 m 4 s)

On linux, with Sophos:

A threat was detected during an on-demand scan. Details follow:
40961 files scanned.
Number of infections detected: 3267
Number of infected files detected: 3267

Does someone know how to run sophos on FreeBSD > 10.0?

Thanks to everyone anyway,

Luciano.
--
 /"\                         /Via A. Salaino, 7 - 20144 Milano (Italy)
 \ /  ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250
  X   AGAINST HTML MAIL    /  E-MAIL: [hidden email]
 / \  AND POSTINGS        /   WWW: http://www.lesassaie.IT/
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"





_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"
Reply | Threaded
Open this post in threaded view
|

Re: Filesystem antivirus for FreeBSD

Luciano Mannucci
On Tue, 1 Aug 2017 15:17:29 +0000 (UTC)
"Gary J. Hayers" <[hidden email]> wrote:

> Unfortunately Sophos dropped support for FreeBSD some time ago, I did look
> into porting the Linux version but quickly realized I knew nowhere near
> enough about Linux to do it, I even talked to Sophos but do not know the
> difference between FreeBSD and Linux.
Uh? Porting? Is'nt it distributed as linux binaries?

Luciano.
--
 /"\                         /Via A. Salaino, 7 - 20144 Milano (Italy)
 \ /  ASCII RIBBON CAMPAIGN / PHONE : +39 2 485781 FAX: +39 2 48578250
  X   AGAINST HTML MAIL    /  E-MAIL: [hidden email]
 / \  AND POSTINGS        /   WWW: http://www.lesassaie.IT/
_______________________________________________
[hidden email] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[hidden email]"