24th October 2006, 08:11
|
|
Senior Member
|
|
Join Date: Aug 2006
Posts: 179
Thanks: 8
Thanked 15 Times in 7 Posts
|
|
WORMS, Wurms, Crawling BUGS!
Hi,
I still experience some worms have free roaming through the server like the w32.stration 
What is there to do about these worms?
|
24th October 2006, 08:25
|
|
Local Meanie
|
|
Join Date: Apr 2006
Location: Switzerland
Posts: 1,050
Thanks: 4
Thanked 37 Times in 35 Posts
|
|
Well, w32.stration won't do any harm on a linux server... however clients that use windows and download email containing the worm may be harmed.
Have you installed any antivirus scanner on your server?
|
24th October 2006, 08:34
|
|
Senior Member
|
|
Join Date: Aug 2006
Posts: 179
Thanks: 8
Thanked 15 Times in 7 Posts
|
|
Is that not what CLAMAV and Freshclam is doing there?
Freshclam updates the AV DB and ClamAV scan the mail for viri? Yes the Linux is not my concern, however the windows user connecting and fetching his mail is were the problems manifest!
|
24th October 2006, 08:57
|
|
Local Meanie
|
|
Join Date: Apr 2006
Location: Switzerland
Posts: 1,050
Thanks: 4
Thanked 37 Times in 35 Posts
|
|
Clamav should actually delete the virus. However I think you have to pipe the mail through the clamav scanner. I don't think it does it automatically... well, I'm not using any anti-virus software on my email server so I can't tell for sure.
|
24th October 2006, 09:44
|
|
Super Moderator
|
|
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 32,066
Thanks: 697
Thanked 4,248 Times in 3,260 Posts
|
|
If you use ISPConfig, you will just have to enable the "Antivirus" checkbox in the settings of the mail user and ISPConfig will pipe all mail trough ClamAV.
|
24th October 2006, 11:05
|
|
Senior Member
|
|
Join Date: Aug 2006
Posts: 179
Thanks: 8
Thanked 15 Times in 7 Posts
|
|
Yes it does, and it is enabled, however these specific Worms still pass into maiboxes, Most others get caught, these actually pass through.
Plse google for:
W32.Stration
althow the W32.Stration@mm is called Worm.Stration.A (ClamAV), some strains lately does not get caught. I did an /home/admispconfig/ispconfig/tools/clamav/bin/freshclam and the resul was
Quote:
ClamAV update process started at Tue Oct 24 11:01:06 2006
SECURITY WARNING: NO SUPPORT FOR DIGITAL SIGNATURES
See the FAQ at http://www.clamav.net/faq.html for an explanation.
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.88.4 Recommended version: 0.88.5
DON'T PANIC! Read http://www.clamav.net/faq.html
main.cvd is up to date (version: 40, sigs: 64138, f-level: 8, builder: tkojm)
daily.cvd is up to date (version: 2087, sigs: 10111, f-level: 8, builder: ccordes)
|
Witch meant that my ClamAV DB is fine!
|
25th October 2006, 15:04
|
|
Super Moderator
|
|
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,685
Thanks: 1,899
Thanked 2,599 Times in 2,448 Posts
|
|
Quote:
|
Originally Posted by Morons
althow the W32.Stration@mm is called Worm.Stration.A (ClamAV), some strains lately does not get caught.
|
It's possible that this worm is not in ClamAV's database yet. Although the ClamAV database contains most of the viruses/worms, it's still a project maintained by volunteers.
|
| Thread Tools |
|
|
| Display Modes |
 Linear Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
Similar Threads
|
| Thread |
Thread Starter |
Forum |
Replies |
Last Post |
|
HotSaNIC
|
domino |
Tips/Tricks/Mods |
23 |
6th November 2006 05:19 |
All times are GMT +2. The time now is 09:37.
|
English | 
Deutsch
Recent comments
1 day 11 hours ago
1 day 13 hours ago
2 days 1 hour ago
2 days 4 hours ago
2 days 8 hours ago
2 days 15 hours ago
3 days 26 min ago
3 days 2 hours ago
3 days 10 hours ago
3 days 11 hours ago