Category: Hostile Code » Detection
ScannerDaemon is the virus scanner of the OpenAntivirus project. You can send a filename to it via simple TCP and it will scan the file for viruses and tell you if the file is infected or not. The ScannerDaemon comes with its own virus database, so you do not need any commercial virus scanner. There is a plugin for AMaViS to scan all email going through a mail server.
exiscan is a patch against exim version 4, providing support for content scanning in email messages received by exim. It works after the sending client has completed the SMTP data phase and waits for an answer from the server. Messages containing unwanted content can be rejected at that stage, so generating a bounce message is the job of the sending host. Four different scanning facilities are supported: antivirus, antispam, regular expressions, and file extensions.
samba-vscan provides on-access scanning of Samba shares for Sophos Sweep+Sophie and Trend Micro+Trophie. It supports Samba 2.2.x with working virtual file system (VFS) support.
Mailscanner for Postfix
This program is invoked from the .forward file of a user and scans the incoming mails for .vbs, .exe, .com, .bat, and similar attachments. If a message is clean, it is inserted into the user's qmail-style Maildir. Otherwise, it is bounced.
Trophie is a daemon which uses the libvsapi library from TrendMicro, an antivirus vendor. On startup, Trophie initializes VSAPI, loads virus patterns into memory, opens a local Unix domain socket, and waits for a client to connect and tell it which path to scan. Since the database is loaded in RAM, scanning is very fast.
Milter-Virus is a wrapper which allows you to use virus scanners like F-Prot in sendmail. It filters incoming and outgoing mail. The configuration file allows chaining of scanners and blocking of certain bad double file extensions.
Mikrop is a small, easy to install program for mail servers to scan incoming email. It uses third party virus scanners, and is currently integrated with the Postfix MTA.
DisSpam is a personal solution to combat spam (i.e. not for mailservers/ISPs). It is a Perl script that removes spam from POP3 mailboxes based on RBLs such as orbz.org. It runs through cron and uses a very simple configuration file.
CodeBlue is an attempt to increase the awareness of hosts that are infected with malicious worms by scanning Apache log files and emailing the infected hosts with details of their infection and how to obtain help removing the worm. Currently, CodeBlue scans Apache logs for Code Red, Code Red 2, and Nimda.
FIRE, the Forensic and Incident Response Environment (formerly known as Biatchux), is a portable, bootable CD-ROM-based distribution providing an immediate environment for performing forensic analysis, data recovery, virus scanning, and pen-testing. It also provides the necessary tools for live forensics/analysis/incident response.