On 2006-11-15 Ivan Aleman wrote:
2006/11/14, Quark IT - Hilton Travis <Hilton@quarkit.com.au>:
There simply is no OSS AV product capable of doing what you are
wanting to achieve. Besides, running scheduled scans is far, far
from an effective way to stop viruses and other malware - you are
orders of magnitude better off by running an on-access scanner that
scans in realtime to stop infections happening, not trying to clean
up after an infection has occurred.
Indeed my intention is not to run the AV from Linux on an special
schedule, my intention is to disinfect one machine (or two maybe :) )
due that they are already infected, and the AV installed on them is
not doing the job.
The only reliable method to clean an infected machine is:
1. backup the data
2. flatten
3. re-install
4. restore the data (check prior to restore)
http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx
Of course I am aware that an on-access scanner is the best solution
but in my actual scenario the machines are already 'compromised' (they
are configured to do on-access scanning, though) then it occur to me
that doing a disinfection from a Linux machine over the LAN could be a
good idea instead reformatting the machines,
It isn't.
Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
----------------------------------------------------------------------------
ALERT: "How a Hacker Launches a SQL Injection Attack!" - White Paper
It's as simple as placing additional SQL commands into a Web Form input box
giving hackers complete access to all your backend systems!
https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CZWl
----------------------------------------------------------------------------
