Also a suggestion, write into your script to scan every file uploaded from the wiki automatically, and if detected as malware, delete the file and report it to a log.
-Josh On 7/18/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > If you want, you can send me that virus file and I'll take a look at > it. I work on the malcode team for iDefense. If you do end up > emailing it to me, zip it up and password protect the zip file with > the password "infected". > > -Josh > > On 7/18/08, Keith Deterling <[EMAIL PROTECTED]> wrote: >> I also like SystemRescue CD for a bootable live distro. >> >> http://www.sysresccd.org/Main_Page >> >> Or a Fedora 9 Live CD. >> >> However, I've found that the Redora 9 CD sometimes doesn't recoginize >> SATA >> laptop drives. >> >> >> Keith Deterling >> [EMAIL PROTECTED] >> >> Advisory IT Specialist >> Unix & Intel Server Services - IBM Account >> IBM Global Services - Americas Service Delivery – Server Systems >> Operation >> Team >> >> Essex, Junction, VT 05242 – Bldg. 967 – 1C2009 >> Tie-Line 8-446-3535 or (802) 769-3535 >> Fax: (802)-769-4253 (T/L: 8-446-4253) >> >> >> >> sth >> <[EMAIL PROTECTED] >> OM> >> To >> Sent by: Vermont [email protected] >> Area Group of >> cc >> Unix Enthusiasts >> <[EMAIL PROTECTED] >> Subject >> DU> Re: virus found on web server >> >> >> 07/18/2008 03:22 >> PM >> >> >> Please respond to >> Vermont Area >> Group of Unix >> Enthusiasts >> <[EMAIL PROTECTED] >> DU> >> >> >> >> >> >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> >> sth wrote: >> | Any chance of attaching its disk to another machine for inspection? Or >> | booting your webserver using Knoppix? You could, then, mount the hard >> >> I neglected to mention that I would opt for the Knoppix route, so that >> the running OS would be ephemeral. In the (unlikely?) event that your >> virus (or rootkit) is able to activate itself while the HD is mounted, >> you won't be exposing another important system: Knoppix can always be >> "refreshed from media" with a reboot. :-) >> >> >> Cheers, >> >> - -sth >> >> sam hooker|[EMAIL PROTECTED]|http://www.noiseplant.com >> >> Yes, my television runs Linux, too. Yes, really. >> http://mythtv.org >> >> | Bjorn Behrendt wrote: >> | | Please help, I don't know how to clean a virus from a linux >> webserver. >> | | My webserver keeps flooding our network untill everything crashes, >> and >> | | when I did a manual backup the other day my antivirus poped up with >> an >> | | infection, see attached. >> | | >> | | Bjorn Behrendt >> | | Proctor School District >> | | [EMAIL PROTECTED] >> | >> >> >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.8 (Darwin) >> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org >> >> iEYEARECAAYFAkiA7V0ACgkQX8KByLv3aQ06SQCdEzU6/3PIf1FcOQP/P+YNVdnq >> rXYAn3blR+eSAYb7CE13PQ2ybhqTllM6 >> =VDOu >> -----END PGP SIGNATURE----- >> >
