Free aegis virus scanner 2.0.0 software for linux

Aegis project is a virus scanner for Linux, Unix and Windows with a simple and intuitive user interface.

Aegis supports scanning of subdirectories, hidden files and .zip and .tar archive files, and drag-and-drop of files from the Nautilus file browser, or your Gnome desktop. When a virus is detected you can choose to delete, quarantine or rename the file.

The Qmail virus scanner (QScan) is a mail filter for Qmail that scans incoming messages using the Sophos Antivirus engine, immediately rejecting infected content.

It is designed to be minimalistic, yet extremely fast and secure, and uses multiple pipes instead of the traditional temporary files and privilege separation. It works with non-native versions of the virus scanner like under OpenBSD with Linux or FreeBSD emulation.


You must create a temporary directory to extract MIME attachments, and replace Qmails original qmail-queue program with Qscan. Quick way to achieve this for the impatients :

mkdir /var/qmail/qscan
chmod 700 /var/qmail/qscan
chown qmaild:qmail /var/qmail/qscan
ln /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue-old

Now, lets compile and install Qscan :

./configure --help

./configure [your beloved flags]

make install-strip

The last step is to replace the original qmail-queue program with our filter :

rm /var/qmail/bin/qmail-queue
ln -s /usr/local/sbin/qscan /var/qmail/bin/qmail-queue

Depending on your local configuration, it may be needed or not, but start with doing it :

chown qmaild:qmail /usr/local/sbin/qscan
chmod 6711 /usr/local/sbin/qscan

After testing, if everythings ok for you, remove the setuid bit :

chown 0:0 /usr/local/sbin/qscan
chmod 711 /usr/local/sbin/qscan

POP3 Virus Scanner Proxy is a full-transparent proxy daemon which scans all mails for viruses using third party scanners (built-in support for AVPD and Trophie).

You have to set up a port redirection in the linux-netfilter (iptables) so that all connections from e.g. inside your office to any POP3 server outside in the world will not leave your router, but come a local port, on which POP3VScan listens. POP3VScan receives from the linux kernel the original destinations of packets (the POP3 server outside in the world) and will connect to them.

All data we receive from the client will be sent to the server, and vice versa. With a little enhancement: we parse the neccessary parts of the POP3 protocol and when an email is sent from the server, we store it into a file, invoke a virusscanner and send it if it is good, or we just replace it with a virus notification. It should be possible to use all scanners using the scannertype=basic. Also POP3VScan provides scannertype=avpd for high-speed scanning using Kaspersky Anti-Virus for Linux, every C programmer can easily adept other scan-daemons (trophie, sophie, antivir, ...).

Neither the client nor the server has to be configured, none of them will take notice that theres a mailscanner (except the client when he gets a virus notification or if he looks into the header, and the server gets our ip as source).

Viralator is a Perl script that virus scans HTTP/FTP downloads request on a UNIX server after passing through the Squid proxy server.
Even when I implemented virus protection for my network email server we still continued to get the odd virus. Most of the viruses came from people using free webmail accounts like Hotmail or Yahoo and downloading the infected attachments to their machines or through downloading junk.
Rather than block access to the users I decided to look at how we could better protect the network. I looked at a couple of different products both comercial and free but they were either too expensive or did not meet my needs.
That is how Viralator was born. Viralator Proxy Virus Scanner is licenced under the GPL.
Viralator should work in any UNIX system that uses Apache and Squid servers. We have reports about successful instalations on:
- RedHat Linux
- Mandrake Linux
- SuSe Linux
- e-Smith Linux
- Slackware Linux
- Conectiva Linux
- Debian Gnu Linux
Supported Redirectors:
- Squirm
- SquidGuard
- Jesred
Supported Virus Scanners
- AntiVir
- AVP
- RAV
- Inoculate
- Sophos Sweep
- McAfee
- Trend
- Clamav
- Bit Defender (free edition)
The original concept for Viralator came from the Viromat project. Without Viromat the Viralator project would not have had a starting point. We can also thank Ralph Meyer for badgering me into releasing the script under the GPL.
Enhancements:
- Parenthesis are included on the regular expression used to validate URLs.
- The character set checking step, which was not working before last patch released, has been fixed.

Port Scanner provides a tool to check for open ports.

Port Scanner will try to connect on every port you define for a particular host. If a connection is made, it will try to read any data returned.

This product is intended for individuals to test their own equipment for weak security, and the author will take no responsibility if it is put to any other use.

Amazon sell many books on Security that will enhance your ability to keep your computer secure.

The Windows version has been withdrawn. Apologies for this, but it is too popular and uses my bandwidth up too quickly. If anyone want to host the binary for me, I will happily post a link here. It should also be possible to compile Version 2.1 for Windows.

Whats New in this release:

.(QT) Takes multiple port ranges.
.Minor bugfixes.

Multi Purpose Scanner is a simple scanner written in C that starts a number of child processes, connects to a list of IP addresses, and logs a certain number of characters to standard out or a file.
Low band use is one consecuence of a single connection per child that recieve an only defined num of characters.
Main features:
- $ mpscan -e -p 25 -t 15 -r 100 -T 20 -R 192.168.1.0-10
- Fast mp-scan 0.04-testing ...
- Total ip: 11
- 11/11 91% 192.168.1.10
- Generated 11 ip in 0.199 seconds
- Ip range parsed... 11 ip found
- Scan on 25 started...
- 0:192.168.1.0 -> Network is unreachable
- 3:192.168.1.3 -> Connection refused
- 2:192.168.1.2 -> Connection refused
- 1: 192.168.1.1 -> 220 zeus.olimpo.hm ESMTP Postfix (Debian/GNU)
- 6:192.168.1.6 -> No route to host
- 5:192.168.1.5 -> connected but no data retrived within 7 sec
- 4:192.168.1.4 -> No route to host
- 8:192.168.1.8 -> connect timeout after 15
- 7:192.168.1.7 -> No route to host
- 9:192.168.1.9 -> No route to host
- 10:192.168.1.10 -> No route to host
- Waiting for child dead...
- Scanned 10 ip in 3.14821 seconds
- Scan ended... enjoy the result
Enhancements:
- added T and I option,
- added changelog,
- added debian rules,
- added man page,
- Makefile created.

onesixtyone is an efficient SNMP scanner which utilizes a sweep technique to achieve extreme performance. The SNMP protocol is a stateless, datagram oriented protocol. An SNMP scanner is a program that sends SNMP requests to multiple IP addresses, trying different community strings and waiting for a reply. Unfortunately SNMP servers dont respond to requests with invalid community strings and the underlying UDP protocol does not reliably report closed UDP ports. This means that no response from the probed IP address can mean either of the following:
machine unreachable
SNMP server not running
invalid community string
the response datagram has not yet arrived
The approach taken by most SNMP scanners is to send the request, wait for n seconds and assume that the community string is invalid. If only 1 of every hundred scanned IP addresses responds to the SNMP request, the scanner will spend 99*n seconds waiting for replies that will never come.
Thats why traditional SNMP scanners are very inefficient.
onesixtyone takes a different approach to SNMP scanning. It takes advantage of the fact that SNMP is a connectionless protocol and sends all SNMP requests as fast as it can. Then the scanner waits for responses to come back and logs them, in a fashion similar to Nmap ping sweeps. By default onesixtyone waits for 10 milliseconds between sending packets, which is adequate for 100Mbs switched networks. The user can adjust this value via the -w command line option. If set to 0, the scanner will send packets as fast as the kernel would accept them, which may lead to packet drop.
Running onesixtyone on a class B network (switched 100Mbs with 1Gbs backbone) with -w 10 gives us a performance of 3 seconds per class C, with no dropped packets. All 65536 IP addresses were scanned in less than 13 minutes.
onesixtyone sends a request for the system.sysDescr.0 value, which is present on almost all SNMP enabled devices. This returned value gives us a description of the system software running on the device. Here is an excert of a log file:
192.168.120.92 [1234] HP ETHERNET MULTI-ENVIRONMENT,ROM A.05.03,JETDIRECT,JD24,EEPROM A.05.05
130.160.108.146 [public] Hardware: x86 Family 15 Model 0 Stepping 10 AT/AT
COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)
192.168.112.64 [public] Power Macintosh, hardware type 406; MacOS 9.0; OpenTransport 2.5.2
192.168.104.254 [public] Novell NetWare 4.11 August 22, 1996
192.168.112.83 [public] Macintosh Quadra 650, System Software 7.1
192.168.244.210 [public] RICOH Aficio 850 / RICOH Network Printer D model
192.168.240.39 [public] Cisco Systems WS-C5000
192.168.244.103 [public] HPJ3210A AdvanceStack 10BT Switching Hub Management Module, ROM A.01.02, EEPROM A.01.01, HW A.01.00
Enhancements:
- fixed version number and added a Makefile

MailScanner is an email virus scanner, vulnerability protector, and spam tagger. It supports the Postfix, Sendmail, Exim, Qmail, and ZMailer MTAs, and the Sophos, McAfee, F-Prot, F-Secure, CommandAV, InoculateIT, Inoculan, eTrust, Kaspersky, Nod32, AntiVir, BitDefender, RAV, Panda, DrWeb, ClamAV, and other anti-virus scanners.

MailScanner uses SpamAssassin for highly successful spam identification, and is designed to handle denial of service attacks. It will detect password-protected zip files and apply filename checking to their contents.

It is very easy to install, requires no changes at all to your sendmail.cf file, is designed to be lightweight, and wont grind your mail system to a halt with its load. It can be integrated into any email system, regardless of the software in use.