Tom Burke wrote:
> AV/anti-spyware products are list members using?
ClamAV, free, open source, installed using fink and called from my procmailrc using Clamassassin before my mail goes through Spamassassin...

So yes, I'm only using it for e-mail scanning. It catches plenty of Windows e-mail worms, which can't infect OS X, but are a damn nuisance in your inbox :) Thankfully they never get that far.

Apparently opener has already been submitted to the ClamAV database.

You can get a GUI version of ClamAV called ClamXav here:
http://www.markallan.co.uk/software.php?page=clam

As with all AV software you need to keep the definitions up to date though. I have mine updated by a cron job every couple of hours.

> What prompted my post was this story on Maccentral:-
> http://www.macworld.com/news/2004/10/25/opener/index.php
Yeah, *interesting* reading.

I read about it on theRegister:
http://www.theregister.co.uk/2004/10/25/mac_rootkit_opener/

Macintouch has a discussion too, some more knowledgeable people there:
http://www.macintouch.com/opener.html

> so I will ask for advice: is the malware reported in that Maccentral
> article something that I should worry about?
Yes and no.

This isn't a virus or a worm or a trojan, it's just a shell script that allows someone to take over an OS X machine, get passwords etc. But an attacker needs access to install it, or needs to trick you into installing it.

They need a vulnerability to take advantage of, something that will let them get the script onto your machine, or they need physical access to your machine to put it there themselves. It's this that is the tricky part.

All the usual security advice pertains - don't enable the root account, be aware of where your software is coming from, use a firewall, make regular backups etcetera etcetera.

--
Adrian Simmons <http://adrinux.perlucida.com>
e-mail <mailto:[EMAIL PROTECTED]>
AOL/Yahoo IM: perlucida, Microsoft: [EMAIL PROTECTED]
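
The mail-scanning chain described in the message above (ClamAV via clamassassin first, then SpamAssassin, with definitions refreshed from cron), sketched as an added example that is not the poster's own configuration. The `/sw/bin` paths (Fink's default prefix), the mailbox names and the size limit are assumptions.

```procmail
# ~/.procmailrc (added example; paths and folder names are assumptions)
MAILDIR=$HOME/Mail
LOGFILE=$MAILDIR/procmail.log

# 1. Filter every message through clamassassin, which runs ClamAV
#    over it and adds an X-Virus-Status header to the message.
:0fw
| /sw/bin/clamassassin

# 2. Anything flagged as infected is delivered to a quarantine mailbox.
#    This is a delivering recipe, so processing stops here and the
#    message never reaches SpamAssassin or the inbox.
:0:
* ^X-Virus-Status: Yes
quarantine-virus

# 3. Only mail that passed the virus check is handed to SpamAssassin.
#    Very large messages are skipped to keep filtering fast.
:0fw: spamassassin.lock
* < 256000
| /sw/bin/spamassassin

# 4. File mail that SpamAssassin tagged as spam.
:0:
* ^X-Spam-Status: Yes
spam

# Everything else falls through to the default mailbox.

# Definition updates live in the crontab, not in this file. An entry
# that runs ClamAV's updater every two hours would look like:
#   0 */2 * * * /sw/bin/freshclam --quiet
```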

Mac UK list info:       <http://lowendmac.com/lists/mac-uk.shtml>
Archive: <http://www.mail-archive.com/mac-uk%40mail.maclaunch.com/>
