Thoughts about finding viruses in email inboxes
matthew.flaschen at gatech.edu
Mon Mar 30 05:41:13 UTC 2009
Leonard Chatagnier wrote:
> Sorry, don't do scripting; don't understand it.
All it does is create four random files with the same size as EICAR.
You can cut and paste it into bash.
>> clamscan -i -r avtest wget https://secure.eicar.org/eicar.com -O
>> avtest/c clamscan -i -r avtest
>> It prints:
>> avtest/c: Eicar-Test-Signature FOUND
>> Of course, there are other clamav options you can use, but this one
>> is simple and in line with what you want.
> My options, above to answer your question, only contained an
> additional -v(verbose option) and the only output I had was that so
> many(a number) of viruses were found.
Using -v, I still see the virus printed out. The overall command then is:
clamscan -vir avtest
In this case, the virus found is Eicar-Test-Signature, but I would
expect the same form of output for a real virus.
> BTW, clamav reports that version 0.95 is available but not in
> Intrepid/backports. Went to the listed faq url page and found nothing
> but source code and unapproved deb files for Ubuntu. What should a
> Ubuntu user do if he can't compile(and doesn't want to learn how at
> his old age) to get the latest version of clamav.
File a bug (if you're sure there is one), and wait for it to make into
the main repo. Other than that, I don't know what to tell you. I see
no sign of this bug in the version in hardy backports.
More information about the ubuntu-users