|
ru.linux
- RU.LINUX ---------------------------------------------------------------------
From : Vlad Belousov 2:5052/12 15 Sep 2005 20:06:03
To : Sergey Prokopenko
Subject : Re: Порекомендуйте антивирус
--------------------------------------------------------------------------------
09 Sep 05 09:56, Sergey Prokopenko wrote to Novice:
SP> Первым стоит кламав, вторым каспер, и бедный
SP> каспер ни одного трояна не поймал, после кламава...
Что-то я сильно сомневаюсь в вышесказанном... Проведем небольшой эксперимент: в
/var/spool/test поместим 12 заведомо инфицированных файлов 13-ю различными
вирусами. Запускаем clamav:
$ clamscan /var/spool/test
/var/spool/test/setup.exe: Trojan.SubSeven FOUND
/var/spool/test/7ecb85p3.exe: Dialer.gen-25 FOUND
/var/spool/test/unidist[1].cab: OK
/var/spool/test/adimage[1].php: VBS.Redlof-A FOUND
/var/spool/test/0006_C~1.CAB: OK
/var/spool/test/whisker.tar.gz: OK
/var/spool/test/yevcrhpf.scr: Worm.Bagle.H FOUND
/var/spool/test/info_sex4[1].cab: OK
/var/spool/test/crack.exe: OK
/var/spool/test/_start.exe: Trojan.Downloader.Small.GL FOUND
/var/spool/test/r1[1].gif: Trojan.JS.Startpage.C FOUND
/var/spool/test/Keygen.exe: Trojan.Dropper.W32.Small.FT FOUND
----------- SCAN SUMMARY -----------
Known viruses: 40192
Engine version: 0.86.2
Scanned directories: 1
Scanned files: 12
Infected files: 7
Data scanned: 1.40 MB
Time: 4.858 sec (0 m 4 s)
Касперского у меня нет, поэтому воспользуюсь drweb'ом:
$ drweb -path=/var/spool/test
Dr.Web (R) Scanner for Linux v4.33 (4.33.0.08120)
Copyright (c) Igor Daniloff, 1992-2005
Doctor Web, Ltd., Moscow, Russia
Support service: http://support.drweb.com
To purchase: http://buy.drweb.com
Report dated 2005-09-15, 19:10:01
Command line: -path=/var/spool/test
Scanner version: 4.33.0 <API:2.0>
Engine version: 4.33 <API:2.0>
Loading /var/drweb/bases/drwtoday.vdb - Ok, virus records: 595
Loading /var/drweb/bases/drw43300.vdb - Ok, virus records: 18
Loading /var/drweb/bases/drw43301.vdb - Ok, virus records: 503
Loading /var/drweb/bases/drwebase.vdb - Ok, virus records: 75641
Loading /var/drweb/bases/drwrisky.vdb - Ok, virus records: 1135
Loading /var/drweb/bases/drwnasty.vdb - Ok, virus records: 4371
Total virus records: 82263
Key file: /opt/drweb/drweb32.key
>/var/spool/test/setup.exe infected with BackDoor.SubSeven.22
>/var/spool/test/7ecb85p3.exe infected with Dialer.Silent
>/var/spool/test/unidist[1].cab/UniDist.ocx infected with Trojan.Dyfuca
>/var/spool/test/adimage[1].php/vbscript.0 infected with VBS.Redlof
>/var/spool/test/adimage[1].php/vbscript.1 infected with VBS.Redlof
>>/var/spool/test/0006_C~1.CAB/ISTactivex.dll infected with Trojan.Isbar.63
>>/var/spool/test/whisker.tar.gz/whisker.tar/v1.4/lists/cfnames.txt
>>infected with IRC.Randon
>/var/spool/test/yevcrhpf.scr infected with Win32.HLLM.Beagle.based
>/var/spool/test/info_sex4[1].cab/Information.exe infected with
>Trojan.Diloader
>/var/spool/test/crack.exe infected with Trojan.Isbar.281
>/var/spool/test/_start.exe infected with Trojan.DownLoader.258
>/var/spool/test/r1[1].gif infected with Trojan.AppActXComp
>/var/spool/test/Keygen.exe infected with Trojan.MulDrop.635
Scan report for "/var/spool/test/":
Scanned: 37/12
Infected: 13/12
Что имеем:
для drweb 13 из 13
для clamav 7 из 13
Такая статистика "отлова" вирусов clamav'ом, наводит на определенные мысли...
cvd-базы от вчерашнего вечера.
WBR, Vlad
PS: Это не антиреклама. Это всего лишь факты.
--- GoldED+/LNX 1.1.5-20050702
* Origin: Employment Centre of Yoshkar-Ola, Russia (2:5052/12)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
|
