23 Apr
2009
23 Apr
'09
7 p.m.
On Fri, 23 Jan 2009 11:30:12 -0800, Scott Silva wrote:
Cron a "clamscan -ir /" It will check the entire filesystem and report infected files. You probably don't want to automatically delete what you find, though.
You can also scan for things like ssn's in datafiles laying around.
Congratulations, anyone who can write to /tmp is all set to pwn you on the next ClamAV vuln.