On Tue, 9 Nov 2010 22:42:08 +0100 Niels Jende <[email protected]> wrote:
> Hi Edwin, > > You can either: > > 1. Boot a Linux live CD, scan local drive from there, or run > > clamdscan and send to your debian server for scanning > > > > > the thing is that a friend oof mine seems to have virulent server or > network, which I wnat to scan from my debian notebook! > So, I will be in tne LAN and want to scan the net as a lot; if > possible! > > > > 2. install clamdscan.exe on the windows client, write a clamd.conf > > with TCPAddr and TCPSocket point to your debian server, and run > > clamdscan -m C:\, then clamdscan -m D:\, and so on. > > This will of course fail to detect the malware that is already > > running in memory. > > > > > And that is exactly the thing: I want to find the malware especially > backdoors and trojans which do already reside in the memory or > whereever! Due to that I thought that there is a possibility to run > clamav in a way like that clamav 192.xxx.xxx.xxx/24 And how do you expect clamav to access the drive of those computers? A livecd would probably be easiest way, just write a script that mounts the windows drives, and launches clamscan (or clamd+clamdscan) on them on boot. Then boot up all your machines with that CD. Best regards, --Edwin _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
