म.हा.सा.ग.र wrote: > A good Virus scanner on non-linux platform caught these in the rpm > packages kept there... > > \clamav-0.94.1-1.el4.rf.i386.rpm=]clamav-0.94.1-1.el4.rf.gz=](gzip)=]./usr/share/doc/clamav-0.94.1/test/.split/split.clam-pespin.exeaa" > threatType="virus" threatName="Packer.PESpin.A" action="none" > finalStatus= "infected" error= "infected archive"/> > \clamav-0.94.1-1.el4.rf.i386.rpm=]clamav-0.94.1-1.el4.rf.gz=](gzip)=]./usr/share/doc/clamav-0.94.1/test/clam-upack.exe" > threatType="virus" threatName="Trojan.Generic.713045" action="none" > finalStatus= "infected" error= "infected archive"/> > \clamav-0.94.1-1.el4.rf.i386.rpm=]clamav-0.94.1-1.el4.rf.gz=](gzip)=]./usr/share/doc/clamav-0.94.1/test/clam-mew.exe" > threatType="virus" threatName="Trojan.Generic.776592" action="none" > finalStatus= "infected" error= "infected archive"/> > \clamav-0.94.1-1.el4.rf.i386.rpm=]clamav-0.94.1-1.el4.rf.gz=](gzip)=]./usr/share/doc/clamav-0.94.1/test/clam-aspack.exe" > threatType="virus" threatName="Trojan.Generic.978200" action="none" > finalStatus= "infected" error= "infected archive"/> > > Any thoughts on this are welcome... > > Maybe a food for thought for people concerned with *el4* distribution..
You mean, a not so good virus scanner as this is classic case of false warnings. Clamav is a anti-virus scanner in Linux that is primary used to scan Windows viruses. In this case, these packages come from a third party repository called "rpmforge" and is build for EL 4 = Red Hat Enterprise Linux 4. Frequently, anti-virsuses will detect other virus scanners as viruses because they hold some of the same patterns when doing brute force string matching. A good anti-viruses program wouldn't just rely on string matches. Rahul -- ______________________________________________________________________ Pune GNU/Linux Users Group Mailing List: ([email protected]) List Information: http://plug.org.in/cgi-bin/mailman/listinfo/plug-mail Send 'help' to [EMAIL PROTECTED] for mailing instructions.
