-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Tuesday 2008-07-08 at 14:38 -0400, James Knott wrote:
The Tuesday 2008-07-08 at 13:42 -0400, James Knott wrote:
FWIW, one thing I would like to scan is USB external drives. Recently I plugged my USB flash drive into a customer's computer and wound up with a virus on it. Many years ago, floppies were a common way of spreading a virus. Now USB drives fill that role.
But surely, that virus was not propagated by the linux machine, and it probably came from another windows machine.
Quite so, but that drive gets plugged into Windows boxes (I use it for work). It included an autorun.inf file, so it would run when that drive was plugged into another Windows box. ClamAV on my Linux box found it.
But how did that autorun.inf get there? It would be the duty of the windows machine that created/wrote it to do the verification for windows viruses, not of the linux machine on which you accessed it later and on which it can not do damage. However, perhaps it could be added a script to the automount process in kde/gnome to scan the usb disk when mounted/umounted. That would be less intrusive that having on-access scan on all the files written to the usb-stick all the time.
I met the first IBM PC virus when I was a student somewhere in the eighties. A dancing ball. There were two viruses then, one a boot sector virus, another attached itself to the end of executables. I killed them with my "bare hands", I had no antivirus, not invented. I used msdos debugger and pctools. Things have changed.
I once got a boot sector virus from a night school computer, via a floppy disk. Fortunately, IBM AV caught it. My computer was running OS/2 then and the boot sector was about the only way in for a virus.
It was a very common intrusion method. I soon learnt to not leave the door of the data floppies closed, so that i would not reboot from them without thinking. And if I did try to reboot, I would power off before pluggin the right disk. And later, when I got my first HD, boot from floppy was disabled. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIc7uctTMYHG2NR9URAp/SAJ9DR5UXc+wsz0hMgEp1Y4eNyee2RQCfRt1Q nYqe7CpoAnzP7/vKuZkTHZ0= =giGe -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org