From owner-freebsd-questions Sat Jan 17 11:56:14 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA19180 for questions-outgoing; Sat, 17 Jan 1998 11:56:14 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from mail.virginia.edu (mail.Virginia.EDU [128.143.2.9]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id LAA19162 for ; Sat, 17 Jan 1998 11:55:58 -0800 (PST) (envelope-from atf3r@cs.virginia.edu) Received: from ares.cs.virginia.edu by mail.virginia.edu id aa24406; 17 Jan 98 14:55 EST Received: from mamba.cs.Virginia.EDU (mamba-fo.cs.Virginia.EDU [128.143.136.18]) by ares.cs.Virginia.EDU (8.8.5/8.8.5) with ESMTP id OAA15683; Sat, 17 Jan 1998 14:55:49 -0500 (EST) Received: from localhost (atf3r@localhost) by mamba.cs.Virginia.EDU (8.7.5/8.7.3) with SMTP id OAA02713; Sat, 17 Jan 1998 14:55:48 -0500 (EST) X-Authentication-Warning: mamba.cs.Virginia.EDU: atf3r owned process doing -bs Date: Sat, 17 Jan 1998 14:55:47 -0500 (EST) From: "Adrian T. Filipi-Martin" Reply-To: Adrian Filipi-Martin To: Wei Weng cc: Jason Wik , freebsd-questions@FreeBSD.ORG Subject: Re: VIRUS In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk I really doubt there is a virus on their system; there just aren't any unix viri out there. I have only heard of a very few proof of concept unix viri. In all likelihood, you have a trojan or some other security problem. And that's how you should apprach this; as a security problem. If files are being modified on the system, someone has gained privlidges beyond what they ought to have. BTW, there is a virus checker from McAfee that runs native under FreeBSD, but it is meant for checking MS-DOS/Windoze files for viruses. A lot of people use unix file servers because NT servers suck. This make is eash to check all files on the server wihtout moving themover the network to a DOS box to check for viruses. Adrian -- adrian@virginia.edu ---->>>>| If I were stranded on a desert island, and System Administrator --->>>| I could only have one OS for my computer, Neurosurgical Visualzation Lab -->>| it would be FreeBSD. Think about it..... http://www.nvl.virginia.edu/ ->| http://www.freebsd.org/ On Sat, 17 Jan 1998, Wei Weng wrote: > well... > If u have the root access, a rm -rf is a deadly virus. > There are lots of ways to trick root, no need to make a virus. > If u realy want to find one, mcafee claims they have made an antivirus > program for linux. You can try to run it on your freebsd box. > > Wei Weng wweng@stevens-tech.edu > http://attila.stevens-tech.edu/~wweng > -------------------------------------------------------------------------- > Darkness beyond twilight, crimson beyond blood that flows ... buried in > the flow of time ... in the great name, I pledge myself to darkness, all > the fools who stand in our way shall be destroyed ... by the power you and > I possess, DRAGON SLAVE! > -------------------------------------------------------------------------- > main(a,b){a="main(a,b){a=%c%s%c;b='%c';printf(a,b,a,b,b);}";b='"';printf > (a,b,a,b,b);}main(a){a="main(a){a=%c%s%c;printf(a,34,a,34);}";printf(a,34,a, > 34);}main(a){printf(a="main(a){printf(a=%c%s%c,34,a,34);}",34,a,34);} > --------------------------------------------------------------------------- > > On Sat, 17 Jan 1998, Jason Wik wrote: > > > I Have a question one of our clients uses freeBSD and claims to have a > > virus. Is there an antiviral program that can be used on FreeBSD for > > FreeBSD. I am aware of the limitations of a virus in a unix O/S. But it > > wouldn't suprise me. Hope you can help me out. > > > > Thanks, > > Jason > > >