Focus on Virus
[Solved, so far]: How to - Scan a Windows machine for virus from a Linux machine Nov 14 2006 10:14PM
Ivan Aleman (bonovoxmofo gmail com) (1 replies)
Thank you all for your responses, all of them were very educative.

I will try the solution that involves smbfs and ClamAV and possibly a
better solution will be a commercial product like the NOD32
recommendation.

By the way if somebody is following this thread, I am posting here the
comments made by others to me directly (without posting to the list)
just in case somebody have a similar doubts of how to accomplish this
so far.

==============

Kusuriya said:

ClamAV, and I like the GUI KlamAV for it (honestly its the easiest to
use even if its KDE dependant)

==============

Jose Nazario said:

nstall samba on that linux box.
share C:\ (and any other drives) from the PCs.
mount them on the linux box using smbmount.
now point your AV scanners on the Linux box to the mount point, ie:

clamscan /mount/pc/DesktopPC_1

that should do it.

===============

Seyhan Tekelioglu said:

hi,

if you are using clamav and you want to scan network traffic. You can use
snort-inline.
For more information chek this site http://snort-inline.sourceforge.net/

===============

THORNTON Simon said:

Hi Ivan,

I normally use an smbfs mount of the remote machine(s):

i.e:

mount //machine/share dir -t smbfs -o username=whatever,workgroup=domain

E.g.: TO scan the C: drive on machine1 and the share 'share' on machine2:

mkdir -p /mnt/machine1 /mnt/machine2
mount //machine1/c\$ /mnt/machine1 -t smbfs -o
username=Administrator,workgroup=mydomain
mount //machine2/share /mnt/machine2 -t smbfs -o
username=Administrator,workgroup=mydomain
clamscan /mnt/machine1 /mnt/machine2
.
umount /mnt/machine1 /mnt/machine2

(see man smbmount for more options)

Once mounted you can scan the directories as normal from the linux machnie.

===================

Hilton Travis said:

Hi Ivan,

If BitDefender can't do what you need - and you say it can't - then
look at a decent AV such as NOD32 that has its Remote Administrator
interface that allows you to start scans on remote machines, have a
single interface to see the status of NOD32 on all machines across
your network, and basically allows full remote management of NOD32
across your network. Oh, and it is a significantly more effective
scanner than BitDefender.

==============

Thank again to all .
Kind regards.
--
Iván Alemán

------------------------------------------------------------------------
----
ALERT: "How a Hacker Launches a SQL Injection Attack!" - White Paper
It's as simple as placing additional SQL commands into a Web Form input box giving hackers complete access to all your backend systems!

https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CZW
l
------------------------------------------------------------------------
----

[ reply ]
RE: [Solved, so far]: How to - Scan a Windows machine for virus from a Linux machine Nov 15 2006 01:13AM
Quark IT - Hilton Travis (Hilton quarkit com au)


 

Privacy Statement
Copyright 2010, SecurityFocus