Hello, I've got a couple of questions for the anti virus gurus here...
I've got a multi-boot pentium 3 with win98se, Slackware 8.0, SuSE 7.3,
Mandrake 8.2, RedHat 9, [and a semi-functional RedHat 7.3 installation].
I've got f-prot installed in RedHat 9, & Mandrake 8.2. I've used it to
scan every single partition on my hard drives. And the only partition
that didn't come up squeaky clean was RedHat 9. I already had F-prot
installed in Mandrake the day I installed RH9 from a boxed set. So I
immediately ran it. At the time it complained about 14 Suspicious files.
Mostly in RH9's /usr/lib/debug/usr/bin dir, but also including the one
it's still complaining about <see below>. I updated the "SIGNATURE"
files today, and ran f-prot from RH9 on only RH9. The output text is
below...
Now for the questions:
1) Does anyone know why an up to date f-prot would call this file
{that was put there by the installation program} "suspicious"?
2) Given that neither of MDK8.2 nor RH9 are located on /dev/hda, can
anyone tell me how to get it to actually check the mbr?
3) Bonus question for RH7.3 enthusiasts, I called it semi functional
because of some problem with dialup ppp communications, It connects
to my isp via the gui or "# ifup ppp0". But once connected a normal
user Can connect to a remote host via ssh, or sftp. But only root can
get to any webpage or my isp's mailservers. That is to say, for a
regular user mozilla says www.google.com not found, and pine says
my isp's pop3 -or- smtp servers don't exist. But in same dialup
session root can get to any of them...
===>the question: Is there a known old RH7.3 problem that would cause
this? or better still, does anybody know of a fix?
Thanks in advance!
--
| ~^~ ~^~
| <?> <?> Joe (theWordy) Philbrook
| ^ J(tWdy)P
| \___/ <<[EMAIL PROTECTED]>>
- - - - - - - - -< s n i p >- - - - - - - - - -
Virus scanning report - 7 July 2003 @ 8:48
F-PROT ANTIVIRUS
Program version: 3.13
Engine version: 3.13.1
VIRUS SIGNATURE FILES
SIGN.DEF created 4 July 2003
SIGN2.DEF created 4 July 2003
MACRO.DEF created 30 June 2003
Search: /
Action: Disinfect/Query
Files: "Dumb" scan of all files
Switches: -ARCHIVE
/var/mailman/tests/msgs/nimda.txt->readme.exe could be infected with an unknown virus
Virus-infected files in archives cannot be disinfected.
Results of virus scanning:
Files: 132568
MBRs: 0
Boot sectors: 0
Objects scanned: 140476
Infected: 0
Suspicious: 1
Disinfected: 0
Deleted: 0
Renamed: 0
Time: 18:41
--
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://www.redhat.com/mailman/listinfo/redhat-list
