From owner-freebsd-questions@FreeBSD.ORG Fri Sep 5 09:52:20 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2F1CE16A4BF for ; Fri, 5 Sep 2003 09:52:20 -0700 (PDT) Received: from bcec01.tiadon.net (BCEC.tiadon.com [69.27.132.141]) by mx1.FreeBSD.org (Postfix) with ESMTP id CC82744001 for ; Fri, 5 Sep 2003 09:52:14 -0700 (PDT) (envelope-from kdk@daleco.biz) Received: from applications.tiadon.com (mail.tiadon.com [172.16.18.172]) by bcec01.tiadon.net with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id S150DPQL; Fri, 5 Sep 2003 11:52:09 -0500 Received: from nitanjared ([204.213.65.198]) by applications.tiadon.com with Microsoft SMTPSVC(5.5.1877.197.19); Fri, 5 Sep 2003 11:52:09 -0500 Message-ID: <00d901c373ce$05755a60$c641d5cc@nitanjared> From: "Kevin Kinsey, DaleCo, S.P." To: References: Date: Fri, 5 Sep 2003 11:51:56 -0500 Organization: DaleCo, S.P.---"the solutions people" MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 cc: questions@freebsd.org Subject: Re: virus scan programs X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Kevin Kinsey, DaleCo, S.P." List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Sep 2003 16:52:20 -0000 > If so, could you describe the Unix/BSD approach to > locating and eradicating these invaders of one's hard drive? If the issue > is already explained in either printed literature, or posted at a world > wide web site, it is sufficient to cite the location. Many thanks for your > response. > There are extremely few known viruses that affect any BSD systems. Occasionally, issues are found with other software, such as the Apache Web Server, or Sendmail, or ??. Also, occasionally, actual real people attempt illegal access of such systems. They should be called "crackers," although some people still use the antithetical term that starts with a "h" instead of a "cr". Since you are in the government, I'd simply suggest hunting these people down and killing them. ;-) #man kill Remember that PID 1 is you :-) If you are talking about using FreeBSD to protect users of that other "Operating System" from Redmond, here's a good article: http://bsdatwork.com/reviews.php?op=showcontent&id=1 Perhaps a bit dated, but should get you going in the right direction. HAND, Kevin Kinsey DaleCo, S.P.