edbarx wrote:LaTeX can be used to create professional documents and even to publish books. That 'malware' is better kept at bay as it is a nasty competitor for commercial alternatives.Weird that it shows signed packages of LaTeX files and fonts as malware.
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Dr.Web for linux finds one trojan and one exploit
- thanatos_incarnate
- Posts: 717
- Joined: 2012-11-04 20:36
Re: Dr.Web for linux finds one trojan and one exploit
Re: Dr.Web for linux finds one trojan and one exploit
NFT5 wrote:Anyway, just in the moment, I'll have to write an "unbiased" report about how the guys are dealing with the "community"...
...
No problem. I'll look forward to it.
http://www.microsoft.com/security/porta ... -2015-2426mm5375 wrote:I'm running Jessie testing and have the latest Dr.Web anti virus for Linux running on top of it. After full system scan Dr.Web is reporting that it found trojan in texlive-latex-base_2015.20150823-1_all.deb. It also reports that it has found exploit Exploit:Win32/CVE-2015-2426 in
This CVE is not related to Debian - it is related to Winblows... In other words, Dr. Web is just a stupid malware, which is unable to recognize what platform it is running on... Oh, crap...
But, what's even more funny, when You'll search for that particular CVE number, then it shows up that it is *not* related to LateX, but to a "Windows Adobe Type Manager Library":
http://www.cvedetails.com/cve/CVE-2015-2426/
... conclusion:
Dr. Web is a malware itself - it is trying to cheat the users, and I suppose that not only GNU/Linux users...
Regards.
Odi profanum vulgus
Re: Dr.Web for linux finds one trojan and one exploit
Perhaps You should read more about clamAV - it's main purpose is to clear the e-mails from *WIN* viruses when running on a GNU/Linux servers...
Odi profanum vulgus
- GarryRicketson
- Posts: 5644
- Joined: 2015-01-20 22:16
- Location: Durango, Mexico
Re: Dr.Web for linux finds one trojan and one exploit
All though that is the "main purpose", it is very help full in scanning the entire system, even if it is not a "mail server" or even a public server, but any way, like everything,tomazzi wrote:Perhaps You should read more about clamAV - it's main purpose is to clear the e-mails from *WIN* viruses when running on a GNU/Linux servers...
reading docs, manuals , etc. does lead to knowing a lot more about using a program ,as well as a OS, clamav does have some mailing lists, and a lot of info available,
The main reason I use and like it, is it helps me scan my system, quickly and semi-automatically, I am aware that there it is possible (very unlikely though") "things" that have not even made it into the clamav data bases, and would not even show up in the scans done. Most of the "detected" stuff, is probably "false/positive", but the thing is, the files it detects, are files that get into my system, via internet, and they are not files I want or need, clamav makes it easy to locate, and delete those kind of files, I don't really even care if they are false positive or not, and stopped checking that a long time ago, just delete them, and forget it.
To get a complete understanding, (I probably only "scratch the surface",) but any way to understand more about what is going on:
http://www.clamav.net/
http://www.clamav.net/contact
http://www.clamav.net/documents/installing-clamav
Then more:
Code: Select all
$ man -k clam
clamtk (1) - Graphical user interface (gui) for Clam AntiVirus
clamav-unofficial-sigs (8) - Download, test, and install third-party ClamAV ...
clambc (1) - Bytecode Analysis and Testing Tool
clamconf (1) - Clam AntiVirus configuration utility
clamd (8) - an anti-virus daemon
clamd.conf (5) - Configuration file for Clam AntiVirus Daemon
clamdscan (1) - scan files and directories for viruses using Clam Ant...
clamdtop (1) - monitor the Clam AntiVirus Daemon
clamscan (1) - scan files and directories for viruses
clamsubmit (1) - File submission utility for ClamAV
freshclam (1) - update virus databases
freshclam.conf (5) - Configuration file for Clam AntiVirus database update...
garry@debian:~$ man clamd
garry@debian:~$ man clamscan
garry@debian:~$ man clamtop
No manual entry for clamtop
garry@debian:~$ man clamdtop
garry@debian:~$ man clamtk
Another "free open source" tool, and many are going to say "How can that be use full to
detect viruses or mal-ware ?",
But any way, "ImageMacick" is a important "tool", why ?
Some of the biggest sources of "mal-ware" or virus type things are images , downloaded form unclean, infected sites, imagemacick , can be very use full in determining if a image is safe, and clean.
The image can be "disinfected", or cleaned, with out damaging the image, but generally it is easier just to delete the infected image, and , find a clean one. For more details on that, some good searches, and research would be productive.
This has a bunch of stuff I find interesting, I don't know if others will , but any way
here it is:
How to use imagemagick to find embedded malware or viruses in images
http://www.perlmonks.org/?node_id=798222
And
http://security.stackexchange.com/quest ... -and-virus
I kind of "scratched the surface" on this, but the first time I heard of the problems infected images can cause, was at another forum, a website/forum admin was having a lot of problems,with spam, and the "spammers" kept coming back, when I looked at the site, it turned out it was full of infected images, none of which were detected by various, "anti-virus" scanners, a lot of images had "hidden code" that actually was helping even more spam bots access the site.
"What we expect you have already Done"
==========
Old Website
======================
For the Birds
==================
What Does a Parrot Know About PTSD?
==========
Old Website
======================
For the Birds
==================
What Does a Parrot Know About PTSD?
Re: Dr.Web for linux finds one trojan and one exploit
No lockins, no unpredictable text formatting, no 'random' document distortion, no 'intelligent' guesswork that breaks your intended document format, high quality mathematical support without external progams, high quality suitable for academic books...thanatos_incarnate wrote:edbarx wrote:LaTeX can be used to create professional documents and even to publish books. That 'malware' is better kept at bay as it is a nasty competitor for commercial alternatives.Weird that it shows signed packages of LaTeX files and fonts as malware.
The price: a steep learning curve
Debian == { > 30, 000 packages }; Debian != systemd
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.