Re: [Clamav-users] Feature Request Scanlist
On 29.01.09 13:26, Andre Hübner wrote: during practical work with webspace/virus etc. i missed a function in clamscan to scan files which were given by list in file. Often after a Hackattack by ftp/upload etc. a lot of files with alike date of creation are found in filesystem. there's mod_clamav for ProFTPD. Sometimes it is not necessary to scan whole filesystem with thousends of files. I could imagine to create a list in file by typical *nix commands with fileselection which is base for clamscan. Thsi fileselection could be reduced by date of creation, special filetypes, chmod, whatever... Sure, a complete scan should also be done, but to get fast results or to do quick automated scans of suspicious files this could be a nice feature. you'll have to check for ctime, even if that means scanning more files, since mtime can be changed. On filesystems without ctime, you'll have to scan anything -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. WinError #98652: Operation completed successfully. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
[Clamav-users] Feature Request Scanlist
Hi, during practical work with webspace/virus etc. i missed a function in clamscan to scan files which were given by list in file. Often after a Hackattack by ftp/upload etc. a lot of files with alike date of creation are found in filesystem. Sometimes it is not necessary to scan whole filesystem with thousends of files. I could imagine to create a list in file by typical *nix commands with fileselection which is base for clamscan. Thsi fileselection could be reduced by date of creation, special filetypes, chmod, whatever... Sure, a complete scan should also be done, but to get fast results or to do quick automated scans of suspicious files this could be a nice feature. How about that? Thanks, Andre ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Feature Request Scanlist
On Thu, 29 Jan 2009 13:26:29 +0100 Andre Hübner andre.hueb...@gmx.de wrote: Hi, during practical work with webspace/virus etc. i missed a function in clamscan to scan files which were given by list in file. Often after a Hackattack by ftp/upload etc. a lot of files with alike date of creation are found in filesystem. Sometimes it is not necessary to scan whole filesystem with thousends of files. I could imagine to create a list in file by typical *nix commands with fileselection which is base for clamscan. Thsi fileselection could be reduced by date of creation, special filetypes, chmod, whatever... Sure, a complete scan should also be done, but to get fast results or to do quick automated scans of suspicious files this could be a nice feature. How about that? Please search the archives; it was already described how to use clamdscan for that purpose. -- oo. Tomasz Kojm tk...@clamav.net (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Thu Jan 29 13:30:37 CET 2009 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Feature Request Scanlist
Tomasz Kojm wrote: On Thu, 29 Jan 2009 13:26:29 +0100 Andre Hübner andre.hueb...@gmx.de wrote: snip with fileselection which is base for clamscan. Thsi fileselection could be reduced by date of creation, special filetypes, chmod, whatever... Sure, a complete scan should also be done, but to get fast results or to do quick automated scans of suspicious files this could be a nice feature. How about that? Please search the archives; it was already described how to use clamdscan for that purpose. You also have to be careful. The date/time of creation or modification can be faked or changed. So, I wouldn't rely entirely on that alone to determine what files to scan and which not to scan. James signature.asc Description: OpenPGP digital signature ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml