lsu at DC.LUTH.SE
Tue Nov 12 15:11:38 GMT 2002
Do you have a patch for that?
Lennart Sundstrom, Incident Response Team,
Luleå University of Technology, S-971 87 Luleå, Sweden
Tel: +46 920 492 528
Email: lsu at dc.luth.se
On Tue, 05 Nov 2002 14:53:06 GMT, Julian Field wrote:
> I have just added virus name logging for F-Secure.
> Please don't all ask for the others, some of them are almost impossible due
> to badly-designed virus scanner output by the manufacturers.
> At 12:57 05/11/2002, you wrote:
> >On Tuesday 05 November 2002 03:01 am, Carl Boberg wrote:
> > > Hi,
> > >
> > > Im trying really hard to make my F-secure log to the maillog as other
> > > scanners do, like:
> > >
> > > Nov 4 17:15:31 host-2 MailScanner: >>> Virus 'W32/Klez-H' found in
> > > file ./gA4HFT803745/coords.scr
> > >
> > > (this is a Sophos log entry)
> > >
> > > Has anyone any knowledge about how this could be done?
> >Well, The code that does the following should be in the next release I would
> >Nov 5 06:52:41 ns2 MailScanner: Virus and Content Scanning: Starting
> >Nov 5 06:52:41 ns2 MailScanner:
> >Infection: EICAR_Test_File
> >Nov 5 06:52:41 ns2 MailScanner: Virus Scanning: F-Prot found virus
> >Nov 5 06:52:41 ns2 MailScanner: Virus Scanning: f-prot found 1
> >Nov 5 06:52:41 ns2 MailScanner: Virus Scanning: Found 1 viruses
> >Nov 5 06:52:41 ns2 MailScanner: Saved infected "eicar_com.zip" to
> >This is with f-prot but my output from the wrapper looks identical to yours so
> >I would guess you might get the same output.
> >Lewis Bergman
> >Texas Communications
> >4309 Maple St.
> >Abilene, TX 79602-8044
> >915-695-6962 ext 115
> Julian Field Teaching Systems Manager
> jkf at ecs.soton.ac.uk Dept. of Electronics & Computer Science
> Tel. 023 8059 2817 University of Southampton
> Southampton SO17 1BJ
More information about the MailScanner