RE: [Clamav-users] Can clanscan scan attachments in mails in.dbxor .pst files?
Hi, You are right, but given that I'm analysng a Windows post-mortem filesystem from a GNU/Linux enviroment is difficult to execute a Windows-native scanner. Maybe should I change my analysis enviroment (from GNU/Linux - Windows :) Have a look at: http://alioth.debian.org/projects/libpst/ Thanks! This could be useful for .pst files. For .dbx I've found the following reference (althought it seems unmantained since April, 2002): http://oedbx.aroh.de/ Best regards, -- Fermín ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] Can clanscan scan attachments in mails in.dbxor .pst files?
I would guess that your best bet is going for a scanner (actually, scanners I you want to do a thorough job) that has Windows as its native platform (ClamAV is designed for *nix) and doing it from a Windows environment (which would allow you to use the MAPI-interface to scan inside the pst's). But it really depends on what kind of system and compromise (accidental or professionally targeted) you're dealing with. I do forensics for hobby, it isn't a professional target. You are right, but given that I'm analysng a Windows post-mortem filesystem from a GNU/Linux enviroment is difficult to execute a Windows-native scanner. Maybe should I change my analysis enviroment (from GNU/Linux - Windows :) Have a look at: http://alioth.debian.org/projects/libpst/ MrC ___ http://lurker.clamav.net/list/clamav-users.html
