设为首页收藏本站

LinuxSir.cn,穿越时空的Linuxsir!

 找回密码
 注册
搜索
热搜: shell linux mysql
LinuxSir.cn,穿越时空的Linuxsir!»论坛 运维技术 —— LinuxSir.cn 网络技术\网络安全讨论 心血来潮,杀毒软件扫描系统,结果给大家看看,竟然有病 ...
返回列表 发新帖
查看: 1464|回复: 8

心血来潮,杀毒软件扫描系统,结果给大家看看,竟然有病毒

[复制链接]
windsea
发表于 2005-8-3 23:37:59 | 显示全部楼层 |阅读模式
我用as4系统,开防火墙,没有自己打开任何端口,开selinux


/home/abc/.mozilla/firefox/tbgcn33a.default/Cache/AC53ED7Bd01->&quot  Infection: W32/Bagle.AP@mm
/home/abc/.mozilla/firefox/tbgcn33a.default/Cache/53F5E2EDd01->qubll.exe  could be a suspicious file (encrypted program in archive)
/home/abc/.mozilla/firefox/tbgcn33a.default/Cache/53E5E2EDd01->&quot  Infection: W32/Bagle.Z@mm
/home/abc/.mozilla/firefox/tbgcn33a.default/Cache/66B102B6d01  could be an archive bomb
/home/abc/.evolution/cache/tmp/evolution-tmp-GZZbLs/Legs.zip->ds-rwe.exe  is a security risk named W32/Mitglieder.DT
/usr/lib/debug/usr/libexec/hal.hotplug.debug  could be infected with an unknown virus
/usr/lib/debug/usr/libexec/hal-hotplug-map.debug  could be infected with an unknown virus
/usr/lib/debug/usr/libexec/hal.dev.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/wpd2raw.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kimage_concat.debug  could be infected with an unknown virus/usr/lib/debug/usr/bin/dcopquit.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/khotnewstuff.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/dcopclient.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kde-menu.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kded.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kdontchangethehostname.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/ksvgtopng.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/ksendbugmail.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/meinproc.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/ktelnetservice.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/hal-set-property.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/dcopserver_shutdown.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/dcopserver.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/hal-get-property.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/make_driver_db_cups.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/dcopref.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kconfig_compiler.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/makekdewidgets.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/dcopidl.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kbuildsycoca.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kconf_update.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/lshal.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kioslave.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/wpd2html.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/cvs.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kinstalltheme.debug  could be infected with an unknown virus/usr/lib/debug/usr/bin/kab2kabc.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kio_http_cache_cleaner.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/klauncher.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/make_driver_db_lpr.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kdeinit.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/dcopobject.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kdesu_stub.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/artsmessage.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/dcop.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/cupsdconf.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kdeinit_wrapper.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/cupsdoprint.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/dcopstart.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/ghns.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/lnusertemp.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/curl.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/openssl.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kwrapper.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/dcopidl2cpp.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kio_uiserver.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kaddprinterwizard.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kshell.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/wpd2text.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/ktradertest.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/dcopfind.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kde-config.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kcookiejar.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kmailservice.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kioexec.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kdeinit_shutdown.debug  could be infected with an unknown virus
/usr/lib/debug/usr/bin/kfile.debug  could be infected with an unknown virus
/usr/lib/debug/usr/sbin/fstab-sync.debug  could be infected with an unknown virus
/usr/lib/debug/usr/sbin/hald.debug  could be infected with an unknown virus
/usr/lib/debug/usr/X11R6/bin/xloadimage.debug  could be infected with an unknown virus
/usr/lib/debug/usr/X11R6/bin/mwm.debug  could be infected with an unknown virus
/usr/lib/debug/usr/X11R6/bin/uil.debug  could be infected with an unknown virus
/usr/lib/debug/usr/X11R6/bin/xmbind.debug  could be infected with an unknown virus
/mnt/wind/desktop/surfer_tutorial/surfer8.exe  is a security risk named W32/Fly.B
回复

使用道具 举报

发表于 2005-8-3 23:48:50 | 显示全部楼层

瓦赛,不懂

请问楼主,怎么linux下也有病毒的?
回复 支持 反对

使用道具 举报

lanyao
发表于 2005-8-4 00:39:18 | 显示全部楼层
什么杀毒软件?
是误报吧
回复 支持 反对

使用道具 举报

发表于 2005-8-4 01:21:21 | 显示全部楼层
搞笑,不是你自己下有病毒的.exe/.zip就是对一些二进制文件的误报,根本就不会对系统有威胁

你搞懂了在说,不要乱跑出来吓人
回复 支持 反对

使用道具 举报

Yuri
发表于 2005-8-4 07:51:59 | 显示全部楼层
exe对系统来说是执行不了的,所以你可以放一堆win下的病毒.
当然其他的bin文件可能是杀毒软件不懂2进制然后误报
回复 支持 反对

使用道具 举报

windsea
 楼主| 发表于 2005-8-4 08:39:27 | 显示全部楼层
冤枉阿,我并没有想吓唬人的想法阿。
上面结果大概分析了一下的。杀毒软件f-prot
could be a suspicious file (encrypted program in archive)这样的基本都可以忽略的,也就是所谓的exe相关的,只是suspicious
但是下面这两个应该是把:
/home/abc/.mozilla/firefox/tbgcn33a.default/Cache/AC53ED7Bd01->&quot Infection: W32/Bagle.AP@mm
/home/abc/.mozilla/firefox/tbgcn33a.default/Cache/53E5E2EDd01->&quot Infection: W32/Bagle.Z@mm
最后报的结果就是有2个infected的。而且这两个并不是我下载的什么exe文件,是在firefox的cache里面的,应该与windows无关把。

         Virus Info >  Virus Threats >  Bagle.AP@mm
Summary of W32/Bagle.AP@mm
Discovered:         29 Oct 2004
Definition files:         29 Oct 2004
Risk Level:         Medium
Distribution:        Medium


Virus Name         Risk Assessment
W32/Bagle.z@MM        
Corporate User         :         Medium
Home User         :         Medium

Virus Information
Discovery Date:         04/26/2004
Origin:         Unknown
Length:         Various (Appended garbage)
Type:         Virus
SubType:         E-mail worm
Minimum DAT:         4353 (04/26/2004)
Updated DAT:         4428 (02/16/2005)
Minimum Engine:         4.2.40
Description Added:         04/26/2004
Description Modified:         04/26/2004 2:36 PM (PT)
回复 支持 反对

使用道具 举报

发表于 2005-8-4 08:56:40 | 显示全部楼层
在firefox的cache里可能是你上网的时候传给你的,但是病毒名称前面的W32说明是针对windows的,不会感染linux系统。
回复 支持 反对

使用道具 举报

troll
发表于 2005-8-5 16:58:32 | 显示全部楼层
除了firefox缓存和evolution附件外都是F-Prot误报。

你装那么一大堆debuginfo包干嘛?很占磁盘空间的。
回复 支持 反对

使用道具 举报

发表于 2005-8-15 21:29:26 | 显示全部楼层
cache里面存的网站的网页,一些恶心的网站如XXX网站的网页经常会放一些类病毒的代码。所以杀毒软件才会报,这些代码多数对于Firefox是不起作用的。不要在这里危言耸听啦。
回复 支持 反对

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

快速回复 返回顶部 返回列表