PDA

View Full Version : virus scanning in knoppix?



Coco
11-26-2004, 07:17 AM
I'm just wondering. Is there a way you could run a virus scanner in knoppix? I mean sometimes I've got to fix windows computers for people, and they are just packed with viruses, and booting into windows to scan is sometimes a very hard thing since many viruses get in the way of windows virus scanners. So I'm just wondering if anyone has maybe made a linux virus scanner that can scan windows files for windows viruses.

Also, how is the support for ntfs in knoppix coming. I mean I know I can read just fine, but how safe is writting? I noticed by default root is given write permission to auto detected ntfs drives, but I was under the impression that writing to them was a big no no.

monkymind
11-26-2004, 08:42 AM
Have a look at Insert and LinuxDefender. Both Live CDs - first is biz-card sized and the second is normal 80min CD. Their sites carry plenty of info to help you make the best choice for your situation.
http://www.inside-security.de/insert_en.html
http://www.bitdefender.com/bd/site/presscenter.php?menu_id=25&n_id=58

Here's a list of other rescue CDs if you need it :idea:
http://www.frozentech.com/content/livecd.php?sort=Purpose&showonly=rescue

Cheers
rob

roberto
11-26-2004, 09:43 AM
Ok previous poster did not really answer your question... anyways...

If you are running knoppix 2.6 you can have a look in your knoppix menu

under Install software live to cd

you will see an item called f-prot available as an item

ias long as you are connected to the net it will automatically download f-prot to your computers RAM...

after it downloads there will be a new icon on the desktop that you can use to start f-prot.(note it wont be called f-prot)

but when you start the f-prot GUI be sure to click on get updates before you click on scan partitions....

to answer your second question... writing to ntfs is still unstable.... but you can do it... also in the knoppix menu is the captive NTFS driver it searched your hard disk and uses the windows driver to mount the partition in your system... i recommend only using that for small writes though... it seems to me that it is stable during single file writes but not when copying hundreds of megabytes of data....


sorry for the clouded reply but it is 3 am almost here... and im very tired... try comin over to #knoppix on ird.freenode.net sometime and checking out some chat room help too ^^. - burnt-toast

monkymind
11-26-2004, 10:53 AM
Ok previous poster did not really answer your question... anyways...
burnt-toast

:roll: No - I only pointed to easy ways to scan windows for viruses with full read-write support for NTFS-partitions using captive.

Cheers
rob

sunpascal
11-29-2004, 02:45 PM
i think there isn't as many viruses on linux as on windows, since far more people use windows, which also has more security issues.

kn2user
11-29-2004, 07:24 PM
Does Insert and LinuxDefender need to connect to the internet to scan for virus?

If so, is there a way around or a different distro that does not need internet connection because one pc that I would like to scan is not able to connect to the internet currently?

I check the sites but I did not see an answer to my question.

probono
11-29-2004, 08:39 PM
Hi,

you can use F-Prot,
http://www.knoppix.net/forum/viewtopic.php?t=15196

First, on the Computer WITH Internet:
You can install klik from the Internet to the Knoppix Live CD as it is described on http://klik.berlios.de -be sure to update your virus definitions, too.

Then simply copy the ~/f-prot directory (e. g. over network, with USB stick or on CD) to the computer WITHOUT Internet connection and run the copied ~/f-prot/wrapper with Knoppix there.

This is very easy because the whole application is inside one single directory, ~/f-prot ("AppDir philosophy").

Greetings,
probono

monkymind
11-30-2004, 12:40 AM
Does Insert and LinuxDefender need to connect to the internet to scan for virus?

If so, is there a way around or a different distro that does not need internet connection because one pc that I would like to scan is not able to connect to the internet currently?

I check the sites but I did not see an answer to my question.

At this stage I think the easiest way to use them .... is to get the lastest virus definition files live from the internet (and you need to add the captive driver files too!). But there are probably ways of storing these downloaded files on a usb stick if you are willing to experiment a bit.

FWIW The Insert site states they are planning to provide a tool to install Insert on a USB stick (but who knows when that will be).

I should also point out I haven't used these rescue CDs in quite a while. I've been installing linux on my friends, family and neighbours PCs instead. For some reason these people who had no interest in ever trying linux last year became fed up with all the windows security scares and have now moved to linux for all their internet related stuff :D .

Cheers
rob

bsaber
11-30-2004, 11:39 PM
Hi,

I was wondering how to update the definition files for LinuxDefender. I looked at the knowledge base on the official site but it doesn't seem to be working. Can anyone help me?