Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Virus
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: How to - Scan a Windows machine for virus from a Linux machine

from [Myke Lyons] Network Security [Permanent Link]
Subject: Re: How to - Scan a Windows machine for virus from a Linux machine
Date: Thu, 16 Nov 2006 09:58:53 +0000

On 15 Nov 2006, at 15:59, Ivan Aleman wrote: 
Indeed my intention is not to run the AV from Linux on an special
schedule, my intention is to disinfect one machine (or two maybe :) )
due that they are already infected, and the AV installed on them is
not doing the job. Of course I am aware that an on-access scanner is
the best solution but in my actual scenario the machines are already
'compromised' (they are configured to do on-access scanning, though)
then it occur to me that doing a disinfection from a Linux machine
over the LAN could be a good idea instead reformatting the machines,
that's what I started this thread and yes is not a good idea in the
sense that it is not very straight forward and even in a 1Gbit LAN is
going to be slow, of course what you mention in another mail about
that using smbfs and ClamAV will possible not scan all the files due
to locks and etc. but still this can work in some cases, it is just
another tool/method against these kind of problems.
While I know it isn't the answer to your question specifically but why not use an application like Stinger.exe from a RO USB-Key or Floppy Disk? Another solution (if this computer can access the internet) is to use an online scan like http:// housecall.trendmicro.com, I have found it to be a helpful check.

All of that said, in our company we have a policy that states that if a computer is infected with a virus it can never be trusted again. I know that it is extreme but why take the risk for one computer? I would recommend taking the machine offline as soon as possible and reinstalling the OS. Think of it has house cleaning :)

.myke



----------------------------------------------------------------------------
ALERT: "How a Hacker Launches a SQL Injection Attack!" - White Paper
It's as simple as placing additional SQL commands into a Web Form input box 
giving hackers complete access to all your backend systems!

https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CZWl
----------------------------------------------------------------------------


[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: How to - Scan a Windows machine for virus from a Linux machine, Quark IT - Hilton Travis
Next by Date:  Re: How to - Scan a Windows machine for virus from a Linux machine, Ansgar -59cobalt- Wiechers
Previous by Thread:  RE: How to - Scan a Windows machine for virus from a Linux machine, Jefferies, Darren
Next by Thread:  Re: How to - Scan a Windows machine for virus from a Linux machine, Ansgar -59cobalt- Wiechers
Indexes:  [Date] [Thread] [Top] [All Lists]