Le lundi 14 mars 2011 à 14:26 +0000, Mattias Kilbo a écrit : > > > I do not know if we have anything like this already > > but if not: > > > > > > How about we put some anti malware checking on our > > repositories? So > > > when someone adds or changes a package an automatic > > anti malware check > > > is done. > > > > Well, what do you propose to setup ? > > > > Do you have a product that would have detected what > > happened to gentoo ? > > > > -- Michael Scherer > > > > I do not have deep enough knowledge in packaging to have a setup. But > something along the lines of: > A package is uploaded > An automatic test is done with some anti-malware program > If anything suspicious if found the update is set on hold until some "admin" > checks the potential malware. > > There are some anti virus programs for Linux > http://en.wikipedia.org/wiki/Linux_malware#Anti-virus_applications > And some of them (at least on windows) can find malware in code that is not > yet know as malware. I do not know if any of it would have detected the > Unreal malware.
How does it find the difference between : openssh listen on port 22 when run, and accept command, and malware listen on some port, and accept command that run some software ? -- Michael Scherer
