You've got worms...

You've got worms...

I need to spend some time looking into ClamAV logging. Right now I have it set to just forward a report an account when something is caught, which is fine, but hard to keep an eye on just what the exact numbers.

Right now I'm using a sort of hackneyed bash script I whipped up that gives me a report like so for the week so I can see what's going on:

Virus & Worm Count: +++ 1 Trojan.Dropper.C 9 W32.Magistr.A 1 Worm.Bagle.E 3 Worm.Bagle.F-zippwd-3 11 Worm.Bagle.Gen-1 1 Worm.Bagle.J 1 Worm.BugBear.B 2 Worm.Cjdra.A 4 Worm.Cidra.D 8 Worm.Gibe.F 4 Worm.Klez.H 1 Worm.Mimail.J 727 Worm.SCO.A 4 Worm.Sober.D 552 Worm.SomeFool 53 Worm.SomeFool.B 48 Worm.SomeFool.B-petite 15 Worm.SomeFool.I 28 Worm.SomeFool.D 331 Worm.SomeFool.Gen-1 102 Worm.SomeFool.Gen-2 +++

Yeah, I know, I need to cleanup the output a little but it works for now. The problem is that it's only reasonably efficient, and most of the efficiency is due to it only taking me a few minutes. It's basically just sucking in a list of virus signatures and using grep to comb the files and output a number. But I'm going to have to keep updating that list as new viruses come out, which would be a drag, so I'm going to have to spend some time seeing if ClamAV offers anything, or if a 3rd party tool exists.

And yeah, that's about what I've gotten this week. I can't quite believe the original SCO.A is still out there as much as it is.

yummy alcohol

Posted by drunkenbatman
March 12, 2004, at 11:47 PM

Comments ⁽²⁾

Posted by: Peter Beam at May 30, 2004 10:37 PM

Why can't I find WORM.SOMEFOOL.I in any virus databases?

Posted by: drunkenbatman at May 31, 2004 12:11 AM

worm.somefool is often dubbed/known-as NetSky by most anti-virus definitions. This link may be of some help.

Post a comment

alcoholic drink

Search

411 drunkenbatman

Email:
i (at) drunkenblog [dot] com

Support DrunkenBlog

You can donate to the site via PayPal or Credit Card below (You get the full RSS feed, and my avowed appreciation for now).

Alternately, there's the shirt...

sexy shirt

Subscribe

drunkenblog rss feed

Add to My Yahoo!

Subscribe with Bloglines

Categories

Not everything is categorized, but it's a start.
» Apple  (147)
» CherryOS  (9)
» Covercasts  (2)
» Desktops  (3)
» Drinks  (2)
» DrunkenBlog  (91)
» Interviews  (11)
» Mac OS 10.2  (13)
» Mac OS 10.3  (15)
» Mac OS 10.4  (35)
» Mac OS 10.5  (1)
» Mac OS X  (35)
» MXS and VX30  (8)
» OS X Software  (79)
» Reader Mail  (23)
» The Cow  (23)

Archives

Beware the archives, for they kinda bite. Hardly presentable.
» May 2006  (2)
» April 2006  (3)
» March 2006  (1)
» February 2006  (2)
» January 2006  (20)
» December 2005  (15)
» November 2005  (16)
» October 2005  (25)
» September 2005  (39)
» August 2005  (44)
» July 2005  (37)
» June 2005  (12)
» May 2005  (15)
» April 2005  (14)
» March 2005  (30)
» February 2005  (38)
» January 2005  (83)
» December 2004  (11)
» November 2004  (12)
» October 2004  (16)
» September 2004  (6)
» August 2004  (9)
» July 2004  (14)
» June 2004  (10)
» May 2004  (29)
» April 2004  (9)
» March 2004  (29)
» February 2004  (46)
» January 2004  (42)
» December 2003  (21)
» November 2003  (6)
» September 2003  (5)
» August 2003  (3)
» July 2003  (5)
» June 2003  (3)
» May 2003  (7)
» April 2003  (18)
» March 2003  (26)
» February 2003  (17)

video download

fine art