Scanning windows from linux
in [Firewalls]
|
Prev: Another firewall to replace Kerio Personal Firewall (KPF) v2.1.5in XP Pro. SP3?
Next: Download Bit Defender Antivirus 2009 (FREE)
From: G on 27 Dec 2009 05:27 In article <d8c20d66-1f1f-48af-add3-a490c8df2248 @r33g2000prh.googlegroups.com>, karthikbalaguru79(a)gmail.com says... > > On Dec 26, 1:41 am, G <geoffstempbox-use...(a)yahoo.com> wrote: > > In article <c6af182c-2b00-4f9a-bcf9-fc3509251558 > > @d4g2000pra.googlegroups.com>, karthikbalagur...(a)gmail.com says... > > > > > > > > > Hi, > > > Is there a virus scanner that can scan the windows > > > from linux environment ? > > > > > Hope the virus scanners and security related tools > > > are available for free. > > > > > Thx in advans, > > > Karthik Balaguru > > > > Avira and Kaspersky both have free options available at their websites. > > You just download the program and run it. It will automatically burn a > > Linux distro with AV scanner to a CD. Just reboot from the CD any you're > > in the new system. > > First of all, Thx for your response. > > I analyzed both the tools. > I checked Avira Anti-virus (Free version). It seems to be > based on DazukoFS and has on-access & on-demand > scanning support. But, i am unable find an option to scan > a Windows Machine from Linux Machine in the same Network. > > So, > I checked the Kaspersky Anti-virus (Free version) also. > It has an option of remote administration of Kas-persky > Anti-Virus.For remotely using Kaspersky Administration > Kit, the Network Agent has to be installed on the > system that has to be remotely monitored. > But, is there a method of avoiding the Network agent > in the remote machine/client and scanning from this > Administrator machine itself ? > > I find that, > Kaspersky Administration Kit enables the complete > remote administration of Kaspersky Anti-Virus on individual > client computers, including: starting and pausing scans, > general configuration such as enabling and disabling > protection, and configuring settings for report creation. > > It seems that only linux clients can be monitored > from windows machine. But, does it support the scanning > of a Windows Machine from Linux Machine using the > method of Remote monitoring ? > > Any ideas ? > > Thx in advans, > Karthik Balaguru I'm sorry that I wasn't more clear in what I suggested. I was talking about these two tools that are available: http://majorgeeks.com/Avira_AntiVir_Rescue_System_d6005.html http://majorgeeks.com/Kaspersky_Free_Cleaner_d4515.html In order to use them, you don't actually need anything other than the Windows system. When you download and run the .exe file on windows, it will burn what is essentially a "LiveCD" that is a minimal Linux distro that was specifically designed to deal with infections on a Windows machine. You don't even need a second computer. Just boot from the LiveCD on the machine you want to check, and run the scanner. I don't know if that's exactly what you're looking for, but it's the simplest way (in my opinion) to scan a machine when you have the physical machine with you. I've used each one several times, and they do a very nice job. Both companies typically update it several times a day, so the definition files will always be current.
From: Wanna-Be Sys Admin on 27 Dec 2009 06:39 karthikbalaguru wrote: > Hi, > Is there a virus scanner that can scan the windows > from linux environment ? > > Hope the virus scanners and security related tools > are available for free. > > Thx in advans, > Karthik Balaguru Sure, if you can mount the partition/drive or whatever, have it scan the file system, or use it as a system for incoming data that's transfered to the system via email, FTP, etc. -- Not really a wanna-be, but I don't know everything.
From: karthikbalaguru on 27 Dec 2009 08:34 On Dec 27, 3:27 pm, G <geoffstempbox-use...(a)yahoo.com> wrote: > In article <d8c20d66-1f1f-48af-add3-a490c8df2248 > @r33g2000prh.googlegroups.com>, karthikbalagur...(a)gmail.com says... > > > > > > > > > On Dec 26, 1:41 am, G <geoffstempbox-use...(a)yahoo.com> wrote: > > > In article <c6af182c-2b00-4f9a-bcf9-fc3509251558 > > > @d4g2000pra.googlegroups.com>, karthikbalagur...(a)gmail.com says... > > > > > Hi, > > > > Is there a virus scanner that can scan the windows > > > > from linux environment ? > > > > > Hope the virus scanners and security related tools > > > > are available for free. > > > > > Thx in advans, > > > > Karthik Balaguru > > > > Avira and Kaspersky both have free options available at their websites. > > > You just download the program and run it. It will automatically burn a > > > Linux distro with AV scanner to a CD. Just reboot from the CD any you're > > > in the new system. > > > First of all, Thx for your response. > > > I analyzed both the tools. > > I checked Avira Anti-virus (Free version). It seems to be > > based on DazukoFS and has on-access & on-demand > > scanning support. But, i am unable find an option to scan > > a Windows Machine from Linux Machine in the same Network. > > > So, > > I checked the Kaspersky Anti-virus (Free version) also. > > It has an option of remote administration of Kas-persky > > Anti-Virus.For remotely using Kaspersky Administration > > Kit, the Network Agent has to be installed on the > > system that has to be remotely monitored. > > But, is there a method of avoiding the Network agent > > in the remote machine/client and scanning from this > > Administrator machine itself ? > > > I find that, > > Kaspersky Administration Kit enables the complete > > remote administration of Kaspersky Anti-Virus on individual > > client computers, including: starting and pausing scans, > > general configuration such as enabling and disabling > > protection, and configuring settings for report creation. > > > It seems that only linux clients can be monitored > > from windows machine. But, does it support the scanning > > of a Windows Machine from Linux Machine using the > > method of Remote monitoring ? > > > Any ideas ? > > > Thx in advans, > > Karthik Balaguru > > I'm sorry that I wasn't more clear in what I suggested. I was talking > about these two tools that are available: > > http://majorgeeks.com/Avira_AntiVir_Rescue_System_d6005.html > http://majorgeeks.com/Kaspersky_Free_Cleaner_d4515.html > > In order to use them, you don't actually need anything other than the > Windows system. When you download and run the .exe file on windows, it > will burn what is essentially a "LiveCD" that is a minimal Linux distro > that was specifically designed to deal with infections on a Windows > machine. You don't even need a second computer. Just boot from the > LiveCD on the machine you want to check, and run the scanner. > The method of creation of a minimal Linux distro(LiveCD) on windows for dealing with the infections on windows sounds fantastic ! Thats cool ! Interesting method for scanning viruses :-) > I don't know if that's exactly what you're looking for, but it's the > simplest way (in my opinion) to scan a machine when you have the > physical machine with you. I am looking for a Linux-based application that could scan computers by accessing them via network. (Especially the systems(windows based systems) that cannot be booted). But, the below link seems to suggests a linux-based application that allows accessing computers that cannot be booted anymore. http://majorgeeks.com/Avira_AntiVir_Rescue_System_d6005.html Though it is not via network, I think, this will serve the purpose for the time being. Lemme know incase if there is a tool(Freeware) that has a feature of performing it via network. Your response has been very helpful !! >I've used each one several times, and they do > a very nice job. Both companies typically update it several times a day, > so the definition files will always be current. > Interesting ! I will check this out. Karthik Balaguru
From: G on 27 Dec 2009 12:01 In article <0b7249a1-3a24-4948-9d0d-2dd203a81872 @o9g2000prg.googlegroups.com>, karthikbalaguru79(a)gmail.com says... > > I am looking for a Linux-based application that could scan > computers by accessing them via network. (Especially the > systems(windows based systems) that cannot be booted). > I would imagine that there is a way to accomplish this on running networked machines using something like ClamAV, but I don't personally know how to do it. > But, the below link seems to suggests a linux-based application > that allows accessing computers that cannot be booted anymore. > http://majorgeeks.com/Avira_AntiVir_Rescue_System_d6005.html > Though it is not via network, I think, this will serve the purpose for > the time being. Lemme know incase if there is a tool(Freeware) that > has a feature of performing it via network. > That tool is probably your best choice, as long as the BIOS is set to allow you to boot from the CD. If the machine won't boot into Windows, then it isn't going to show up on your network anyway. The only other way I know to check the drive is by physically removing it and hooking it up to another machine. You might want to check the HD as well if it doesn't boot at all. You could run it through something like Spinrite (not free) to check the health of the physical drive. Good luck.
From: Aragorn on 27 Dec 2009 13:59
On Sunday 27 December 2009 14:34 in comp.os.linux.setup, somebody identifying as karthikbalaguru wrote... > I am looking for a Linux-based application that could scan > computers by accessing them via network. (Especially the > systems(windows based systems) that cannot be booted). How on earth are you going to access a computer _which_ _cannot_ _be_ _booted_ over the network? A network connection which shares filesystems over the network for scanning requires at least a minimal running operating system on the target machine. > But, the below link seems to suggests a linux-based application > that allows accessing computers that cannot be booted anymore. > http://majorgeeks.com/Avira_AntiVir_Rescue_System_d6005.html > Though it is not via network, I think, this will serve the purpose for > the time being. Lemme know incase if there is a tool(Freeware) that > has a feature of performing it via network. The first requirement is that you can get the infected computer to boot. That means that if the machine is unbootable of itself due to a totally corrupted bootsector, master boot record or Windows installation, you will need to boot the machine off of a rescue system on a CD or DVD. Getting the infected machine to boot from a rescue CD (or DVD) means that you are physically in the vicinity of the infected computer and sitting at its local console, so what would be the point in then scanning it from somewhere else on the network? The machine would only be temporarily running off of a CD-based system anyway and would either way need to be rebooted after the scan/repair is complete, so you might as well stay sitting there at the machine's local console until after the clean-up and repair have been completed and the machine is ready for reboot into its native operating system. If on the other hand you are talking about scanning Windows partitions on *running* Windows machines over the network as some sort of preemptive scan, then you'd need to export *all* of their files over the network, including the Windows "C:" drive and all system files thereon, which is not exactly the safest way of setting up a network share, and which will in addition not scan the *RAM* of the Windows computers, where a virus might be hiding. The only possible way of performing a virus scan without any viruses hiding in the Windows machine's RAM is to boot the Windows machine from such a rescue CD, which - as explained higher up - and this requires local access to the machine in question. -- *Aragorn* (registered GNU/Linux user #223157) |