I am constantly helping friends of mine, who use various flavors of Windows, to disinfect their PCs. This usually requires using Windows-based tools to scan for Viruses, Spy/Mal/Ad Ware, Trojans, and so forth.
What I was thinking was "What if I could use a Live CD Linux distro that has Linux-based tools to detect Windows security risks?"
I did some searches on Google and did not find what I was looking for, so I was wondering if anyone here may have some experience/suggestions.
Here's what I am looking for:
A Linux distro that allows me to boot from CD and include other packages in the setup. The distro would need to be capable of mounting the Windows harddrives and, preferably, see the partitions and mount them automatically.
A Linux-based package that could be added to the above distro which would allow me to scan the Windows partitions for security risks and give a report outlining the viruses, Spy/Mal/Ad ware, etc. that it finds.
Actually removing these threats would be nice, but not required. As far as I know, many Linux distros still have problems doing anything but reading from NTFS based partitions.
ClamAV is a free Linux-based antivirus program that can scan a Windows partition for viruses. I believe it's included in Knoppix and Kanotix and probably more.
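The workflow discussed in this thread (boot a live system, mount the Windows partitions, scan them with ClamAV, get a report), sketched as an added example that is not part of any poster's reply. It assumes a current live system with `lsblk` and `clamscan` installed; the mount points under `/mnt/scan` and the log paths under `/tmp` are assumptions, and partitions are mounted read-only so nothing on the Windows disk is modified.

```shell
#!/bin/sh
# Added example: read-only ClamAV scan of Windows partitions from a live CD.
# Mount points (/mnt/scan/...) and log paths (/tmp/...) are assumptions.

# Turn `lsblk -rno NAME,FSTYPE` output (stdin) into NTFS/FAT device paths.
windows_partitions() {
    awk '$2 == "ntfs" || $2 == "vfat" { print "/dev/" $1 }'
}

# Reduce a clamscan log (stdin) to "count signature" lines, most frequent first.
# clamscan reports each hit as "<path>: <signature> FOUND".
summarise_log() {
    sed -n 's/^.*: \(.*\) FOUND$/\1/p' | sort | uniq -c | sort -rn |
        awk '{ print $1, $2 }'
}

# Mount each partition read-only, scan it, and print a per-partition report.
scan_windows_partitions() {
    lsblk -rno NAME,FSTYPE | windows_partitions | while read -r dev; do
        mnt="/mnt/scan/$(basename "$dev")"
        log="/tmp/clamscan-$(basename "$dev").log"
        mkdir -p "$mnt"
        mount -o ro,noexec "$dev" "$mnt" || { echo "skip $dev" >&2; continue; }
        rc=0
        # -r: recurse, --infected: list only hits, --log: keep the full report
        clamscan -r --infected --log="$log" "$mnt" >/dev/null || rc=$?
        echo "== $dev (clamscan exit $rc: 0 clean, 1 infected, 2 error) =="
        summarise_log < "$log"
        umount "$mnt"
    done
}

# Only touch real disks when explicitly asked to; this needs root.
if [ "${1:-}" = "--scan" ]; then
    scan_windows_partitions
fi
```

Run it as root with `--scan`; the full per-file report for each partition stays in the log file named above.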
Thanks for the reply, that's good to know. Believe it or not, Knoppix is one of the distros that I have not yet tried. This sounds, though, as if it is just viruses. Are there any *Ware scanners available for Linux that would scan the Windows partitions? I still haven't been able to find any through Google. The closest I have come are some of the online scanners, but they all require ActiveX which, to the best of my knowledge, will not run under Linux. Is that correct?
That's correct. ActiveX is a Windows abomination and the main reason people have so much spyware in the first place. It allows code to be installed on the user's system through IE without any intervention from the user. One of the worst security blunders that MS ever made IMHO.
I know of no spyware scanners for Linux, i.e. a Linux app that can scan Windows for spyware. You might try running a Windows spyware removal app in Linux under Wine but I doubt that would work.
Here's another nice live CD with ClamAV called Insert:
Thanks again. I will try both of those distros and see which works. I came across an online scanner from Trend-Micro that uses Java rather than ActiveX to operate, so I'm going to see what happens if I try to run that from a Live CD distro.
I'm still working on this. The Trend-Micro scanner has not worked yet because it says it does not yet work with Multi-Byte addresses. I'm still looking into what I can do about that.
As for using WINE, I know a lot of people have tried it and liked it, but I have never gotten it to work right for me.
I found some programs called Ultimate Boot CD that you can get for free and boot either Windows or DOS with programs embedded on the CD for recovery purposes. The DOS are complete, as they come with FreeDOS. For the Windows version you have to have your own copy of Windows to add into the CD with the Utils. I have tried them however, and they do work.
FYI... the Knoppix DVD version comes with the ClamAV anti-virus, but the CD version does not. I'm still working with the Inside Security package to see what may work.
I'm not sure how to help you with scanning from Linux but your friends should not have problems with this kind of stuff. Let's say that I personally have had no spyware or virus for the last year on my Windows partition. The combination I use is Windows Update, Spybot Search & Destroy, NOD32 and the firewall that came with SP2. So far so good. So give it a try.