Klez.H

Robert A. Thompson ucs_rat at SHSU.EDU
Fri May 31 19:38:01 IST 2002


Below is the verion of uvscan I use and I'm picking up between 5 and 10
thousand a day.... this doesn't mean some are not slipping through, but
I'm not hearing about them.  We did see when klez first come out uvscan
was letting a lot through, but when we started testing the virus on a
quarintined network we discovered they were broken copies of the virus.
However, this was corrected on the next dat release.  Some scanners
(generally dependent on the version) would pick up the broken copy and
some wouldn't.  However, the broken virus would not run when you tried
to execute it.

--robert

./uvscan --version
Virus Scan for Linux v4.14.0
Copyright (c) 1992-2001 Networks Associates Technology Inc. All rights
reserved.
(408) 988-3832  LICENSED COPY - Jan 18 2001

Scan engine v4.1.40 for Linux.
Virus data file v4205 created May 29 2002
Scanning for 60684 viruses, trojans and variants.




On Fri, 2002-05-31 at 11:10, Thom Paine wrote:
> I just received a phone call from a site running mailscanner and
> apparently a klez.h virus got through to a workstation. It was picked up
> there by PC Cillin and halted.
>
> The site is running mailscanner with Mcafee 4.1.6 and just autoupdated
> the defs yesterday to 4205.
>
> Anyone else experience something similar?
>
> --
> -=/>Thom
> Red Hat Linux release 7.3 (Valhalla) running Linux Kernel 2.4.18-4
> Uptime:  12:08pm  up 8 days, 18:31,  2 users,  load average: 1.31, 1.28,
> 1.33
> Registered Linux User 214499



More information about the MailScanner mailing list