LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

May 2013

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS May 2013

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: is this a this virus or an error
From:	Clint Bowman <[log in to unmask]>
Reply To:	Clint Bowman <[log in to unmask]>
Date:	Fri, 24 May 2013 15:01:19 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (124 lines)

ClamAV seems to have a good pedigree--SANS has mentioned it frequently.

Clint Bowman			INTERNET:	[log in to unmask]
Air Quality Modeler		INTERNET:	[log in to unmask]
Department of Ecology		VOICE:		(360) 407-6815
PO Box 47600			FAX:		(360) 407-7534
Olympia, WA 98504-7600

         USPS:           PO Box 47600, Olympia, WA 98504-7600
         Parcels:        300 Desmond Drive, Lacey, WA 98503-1274

On Fri, 24 May 2013, Yasha Karant wrote:

> Currently, which are the "best" antivirus programs for SL 6 X86-64?
>
> I am familiar with several Linux applicable antivirus applications:
> Avast, BitDefender, ClamAV, AVG, amongst others,
> but have not tested any of these on my current environment.
>
> Any current recommendations?
>
> Yasha Karant
>
> On 05/24/2013 10:34 AM, John Lauro wrote:
>> Linux can get viruses too including ones that could cause the
>> symptoms
> described. Not sure what you mean by oos viruses, but the claim was
> blaster like, not the blaster virus. That said, it sounds suspicious
> like an attempt to get you to buy something. Anyways, a virus on Linux
> is possible, but you can use argus or tcpdump or a ton of other network
> monitoring tools on your machine and see if it is spewing out random
> connections that it shouldn't be.
>
>> 
>> 
>> ----- Original Message -----
>> From: "g" <[log in to unmask]>
>> To: "scientific linux users" <[log in to unmask]>
>> Sent: Friday, May 24, 2013 12:50:12 PM
>> Subject: is this a this virus or an error
>> 
>> greetings.
>> 
>> last night while reading articles at 'news.yahoo.com' using firefox 17.0.6,
>> i had 3 pages opened and this message popped up;
>> 
>> +++
>> Excessive Sessions Warning
>> Error
>> 
>> Your 2701HG-B Gateway has intercepted your web page request to provide you
>> with this important message. The following devices on your network are 
>> using
>> a large number of simultaneous Internet sessions:
>> 
>> 192.168.1.144
>> 
>> The most likely cause of this issue is a ~blaster~ type virus which has
>> infected the device. It is strongly recommended that the devices above be
>> scanned for potential viruses.
>> 
>> Note that a large number of sessions may occasionally be the result of
>> application software or gaming software installed on the device. If you
>> believe this is the case, click the ~Do not show me excessive session
>> warnings in the future~ to disable this feature.
>> 
>> To access the requested Web page that was intercepted, please close all
>> browser windows and then restart your Web browser software.
>> 
>> If you continue to see this page after closing all open Web browser 
>> windows,
>> restart your computer.
>> 
>> [ ] Do not show me excessive session warnings in the future
>> +++
>> 
>> i have, at previous times, had 8 to 10 pages opened and not received such
>> a notice.
>> 
>> curious as to what such a virus infected, i looked up 'blaster' at
>> wikipedia.org to find;
>> 
>> +++
>> The Blaster Worm (also known as Lovsan, Lovesan or MSBlast) was a computer
>> worm that spread on computers running the Microsoft operating systems: 
>> Windows
>> XP and Windows 2000, during August 2003.[1]
>> 
>> The worm was first noticed and started spreading on August 11, 2003. The 
>> rate
>> that it spread increased until the number of infections peaked on August 
>> 13,
>> 2003. Filtering by ISPs and widespread publicity about the worm curbed the
>> spread of Blaster.
>> +++
>> 
>> i contacted bellsouth and the rep insisted that i had a virus that was
>> causing message.
>> 
>> when i told her that i had doubt that it was a virus, because i run linux
>> and oos viruses do not effect linux.
>> 
>> she insisted that "viruses have a way of creeping into a system" and that
>> for $100, i could have an online scan run to check my system.
>> 
>> when i mentioned that notice stated;
>>
>>    It is strongly recommended that the devices above be scanned for 
>> potential
>>    viruses.
>> 
>> rep insisted that meant my computer and not the dsl modem.
>> 
>> needless to say, if she did not understand what i was trying to explain
>> to her that i was not using oos, she has little understanding about any
>> virus problem.
>> 
>> so, have any readers run across above notice or know of any virus that can
>> enter a linux system to cause such a message to appear?
>> 
>> tia.
>> 
>

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV