[CentOS] Antivirus for CentOS? (yuck!)

Thu Apr 23 22:10:38 UTC 2009
Ross Walker <rswwalker at gmail.com>

On Apr 23, 2009, at 3:00 PM, NM <nico at altiva.fr> wrote:

> On Fri, 23 Jan 2009 11:30:12 -0800, Scott Silva wrote:
>
>> Cron a "clamscan -ir /"
>> It will check the entire filesystem and report infected files. You
>> probably don't want to automatically delete what you find, though.
>>
>> You can also scan for things like ssn's in datafiles laying around.
>
> Congratulations, anyone who can write to /tmp is all set to pwn you on
> the next ClamAV vuln.

How about running it as the untrusted user 'clamav'?

I know there is a lot of boilerplate regulation out there, I have my  
fair share to deal with myself. Often hidden in the BS there is a good  
intention it just requires a little give and take. Give in to a little  
BS here to get a little break on the BS there.

What the consultant should be working off of is an accurate risk  
assessment of the OS and the applications installed on it, not some  
dumb checklist.

-Ross