[PLUG] Admining Windows with Linux (was: It was going so well... )

alan alan at clueserver.org
Wed May 23 18:35:59 UTC 2007


On Wed, 23 May 2007, Robert Citek wrote:

> Aaron Burt wrote:
>> On Tue, May 22, 2007 at 11:33:28AM -0700, Ed Sawicki wrote:
>>> I want to be able to boot from a CDROM and have the discovery and
>>> removal of viruses and other critters automated to a high degree. I've
>>> tried the free Ultimate CD for Windows (or some such similar name) but
>>> it doesn't do a good job.
>>
>> Have you tried BartPE?  There's apyware/plugins listed here:
>> http://www.bootcd.us/BartPE_Plugins_Category/antivirus/
>
> Can Knoppix or any of the Linux LiveCDs be used to fix infected Windows
> machines?
>
> Apparently, clamAV can scan for viruses on Windows machines:
>
> http://www.oreillynet.com/sysadmin/blog/2005/06/knoppix_40_dvd_like_a_kid_in_a.html
>
> Not sure if it can fix the problem.

The place where you will have problems is when viruses are found in user 
mailboxes.  You want to remove the specific virus, not the whole mail 
spool.

The only real problem I have had with ClamAV is that the virus definitions 
do not get updated as fast as other anti-virus products.  (I used to 
download viruses from nasty parts of the net and test them against  ClamAV 
and then F-Secure.  Anything ClamAV missed and F-Secure caught got 
submitted to ClamAV.  I need to start doing that again.)

F-Secure has a Linux product but it is a real pain to purchace.

-- 
"ANSI C says access to the padding fields of a struct is undefined.
ANSI C also says that struct assignment is a memcpy. Therefore struct
assignment in ANSI C is a violation of ANSI C..."
                                   - Alan Cox



More information about the PLUG mailing list