Firewall Wizards mailing list archives
Re: [OT]Virus/File scanning on *nix servers
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Wed, 21 Mar 2001 14:42:45 -0500 (EST)
On Wed, 21 Mar 2001, Bob Washburne wrote:
> Please forgive the slightly off topic post, but this seemed to be a good group of people to ask and the application is more firewall-ish than it is proxy-ish.
sorta. if i can get off topic for a second, i just want to tell everyone that, at least for myself, i encourage you to explore other lists for some of the non-firewall questions. a few have been popping up here, and while we do deal with much more than firewalls in our daily work lives ...
> Can anyone point me to an available program which will scan both files and emails for both attached virus and file types (such as *.VBS) on a *nix system (probably AIX or Linux)?
i use sendmail as a mail hub and the procmail sanitizing ruleset. it's adaptable to growing problems even before they get explicitly incorporated into the package. this is mainly because new email borne virii keep playing on the same (lame) techniques. it can defang, block, or ignore on the basis of a variety of criteria. some sendmail-fu would be wise to have, but it's not too bad. takes about 1 hour to learn the setup if you're new to some of the tools but have sendmail experience.

i run it on OpenBSD. all that it does is accept mail, scan it, make a decision, and pass it on to the Exchange SMTP servers. you can also make it the mail server, but if you have a groupware server in your LAN, like Notes' SMTP server or Exchange, then that's best done in bridge/hub mode in Sendmail.

http://www.impsec.org/email-tools/procmail-security.html

also look into libmilter, but that requires some programming skills. i usually use Sendmail-8.11 but will start looking at the 8.12 betas now.

speaking of that, i know that kaspersky labs has an antiviral product for Linux and FreeBSD. i recently wrote to them asking if they have tested their product on OpenBSD, using the support for FreeBSD binaries. the response: "you should really use Linux, it's a growing market and is doing well financially for people." my counter: "well, i develop for Linux and OpenBSD, but don't trust Linux on the Internet. explore OpenBSD, it's gaining momentum for a reason." frankly i think they're foolish to be so closed-minded. if anyone at kaspersky is reading this, i'm happy to test it on OpenBSD using FreeBSD or Linux binary support.

http://www.kaspersky.com/

good luck.

____________________________
jose nazario jose () cwru edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards