virus scans
Sponsored Links
Sponsored Links
Secleted [ 0 ] software to compare
Results 1 - 15 of about 621
Qmail virus scanner 1.4
The Qmail virus scanner (QScan) is a mail filter for Qmail that scans incoming messages using the Sophos Antivirus engine. more>>
The Qmail virus scanner (QScan) is a mail filter for Qmail that scans incoming messages using the Sophos Antivirus engine, immediately rejecting infected content.
It is designed to be minimalistic, yet extremely fast and secure, and uses multiple pipes instead of the traditional temporary files and privilege separation. It works with non-native versions of the virus scanner like under OpenBSD with Linux or FreeBSD emulation.
You must create a temporary directory to extract MIME attachments, and replace Qmails original qmail-queue program with Qscan. Quick way to achieve this for the impatients :
mkdir /var/qmail/qscan
chmod 700 /var/qmail/qscan
chown qmaild:qmail /var/qmail/qscan
ln /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue-old
Now, lets compile and install Qscan :
./configure --help
./configure [your beloved flags]
make install-strip
The last step is to replace the original qmail-queue program with our filter :
rm /var/qmail/bin/qmail-queue
ln -s /usr/local/sbin/qscan /var/qmail/bin/qmail-queue
Depending on your local configuration, it may be needed or not, but start with doing it :
chown qmaild:qmail /usr/local/sbin/qscan
chmod 6711 /usr/local/sbin/qscan
After testing, if everythings ok for you, remove the setuid bit :
chown 0:0 /usr/local/sbin/qscan
chmod 711 /usr/local/sbin/qscan
<<lessIt is designed to be minimalistic, yet extremely fast and secure, and uses multiple pipes instead of the traditional temporary files and privilege separation. It works with non-native versions of the virus scanner like under OpenBSD with Linux or FreeBSD emulation.
You must create a temporary directory to extract MIME attachments, and replace Qmails original qmail-queue program with Qscan. Quick way to achieve this for the impatients :
mkdir /var/qmail/qscan
chmod 700 /var/qmail/qscan
chown qmaild:qmail /var/qmail/qscan
ln /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue-old
Now, lets compile and install Qscan :
./configure --help
./configure [your beloved flags]
make install-strip
The last step is to replace the original qmail-queue program with our filter :
rm /var/qmail/bin/qmail-queue
ln -s /usr/local/sbin/qscan /var/qmail/bin/qmail-queue
Depending on your local configuration, it may be needed or not, but start with doing it :
chown qmaild:qmail /usr/local/sbin/qscan
chmod 6711 /usr/local/sbin/qscan
After testing, if everythings ok for you, remove the setuid bit :
chown 0:0 /usr/local/sbin/qscan
chmod 711 /usr/local/sbin/qscan
Download (0.083MB)
Added: 2006-07-10 License: GPL (GNU General Public License) Price:
1201 downloads
AntiVirus Scanner 3.2.1
AntiVirus Scanner is an anti-virus scanner for Endeavour Mark II that uses the ClamAV library (libclamav). more>>
AntiVirus Scanner is an anti-virus scanner for Endeavour Mark II that uses the ClamAV library (libclamav).
AntiVirus Scanner allows you to create a list of scan items for frequently scanned locations and features easy virus database updating, all in a simple GUI environment.
<<lessAntiVirus Scanner allows you to create a list of scan items for frequently scanned locations and features easy virus database updating, all in a simple GUI environment.
Download (0.50MB)
Added: 2007-08-02 License: GPL (GNU General Public License) Price:
843 downloads
Aegis Virus Scanner 2.0.0
Aegis is a virus scanner for Linux, Unix and Windows with a simple and intuitive user interface. more>>
Aegis project is a virus scanner for Linux, Unix and Windows with a simple and intuitive user interface.
Aegis supports scanning of subdirectories, hidden files and .zip and .tar archive files, and drag-and-drop of files from the Nautilus file browser, or your Gnome desktop. When a virus is detected you can choose to delete, quarantine or rename the file.
<<lessAegis supports scanning of subdirectories, hidden files and .zip and .tar archive files, and drag-and-drop of files from the Nautilus file browser, or your Gnome desktop. When a virus is detected you can choose to delete, quarantine or rename the file.
Download (0.021MB)
Added: 2006-09-20 License: GPL (GNU General Public License) Price:
1134 downloads
Kvirus 0.5.2
Kvirus project is a board/puzzle game for the KDE Environment. more>>
Kvirus project is a board/puzzle game for the KDE Environment.
Kvirus is a board game for the KDE Environment and a clone of Ataxxlet originally written in Java.
The goal is to copy or jump your virus to eat up the enemy virus. Kvirus provides a cute interface with hours of fun.
<<lessKvirus is a board game for the KDE Environment and a clone of Ataxxlet originally written in Java.
The goal is to copy or jump your virus to eat up the enemy virus. Kvirus provides a cute interface with hours of fun.
Download (0.30MB)
Added: 2006-12-05 License: Freely Distributable Price:
1053 downloads
POP3 Virus Scanner Proxy 0.4
POP3 Virus Scanner Proxy is a full-transparent proxy daemon which scans all mails for viruses more>>
POP3 Virus Scanner Proxy is a full-transparent proxy daemon which scans all mails for viruses using third party scanners (built-in support for AVPD and Trophie).
You have to set up a port redirection in the linux-netfilter (iptables) so that all connections from e.g. inside your office to any POP3 server outside in the world will not leave your router, but come a local port, on which POP3VScan listens. POP3VScan receives from the linux kernel the original destinations of packets (the POP3 server outside in the world) and will connect to them.
All data we receive from the client will be sent to the server, and vice versa. With a little enhancement: we parse the neccessary parts of the POP3 protocol and when an email is sent from the server, we store it into a file, invoke a virusscanner and send it if it is good, or we just replace it with a virus notification. It should be possible to use all scanners using the scannertype=basic. Also POP3VScan provides scannertype=avpd for high-speed scanning using Kaspersky Anti-Virus for Linux, every C programmer can easily adept other scan-daemons (trophie, sophie, antivir, ...).
Neither the client nor the server has to be configured, none of them will take notice that theres a mailscanner (except the client when he gets a virus notification or if he looks into the header, and the server gets our ip as source).
<<lessYou have to set up a port redirection in the linux-netfilter (iptables) so that all connections from e.g. inside your office to any POP3 server outside in the world will not leave your router, but come a local port, on which POP3VScan listens. POP3VScan receives from the linux kernel the original destinations of packets (the POP3 server outside in the world) and will connect to them.
All data we receive from the client will be sent to the server, and vice versa. With a little enhancement: we parse the neccessary parts of the POP3 protocol and when an email is sent from the server, we store it into a file, invoke a virusscanner and send it if it is good, or we just replace it with a virus notification. It should be possible to use all scanners using the scannertype=basic. Also POP3VScan provides scannertype=avpd for high-speed scanning using Kaspersky Anti-Virus for Linux, every C programmer can easily adept other scan-daemons (trophie, sophie, antivir, ...).
Neither the client nor the server has to be configured, none of them will take notice that theres a mailscanner (except the client when he gets a virus notification or if he looks into the header, and the server gets our ip as source).
Download (0.13MB)
Added: 2006-07-07 License: GPL (GNU General Public License) Price:
1208 downloads
simscan 1.1
Simscan is a simple program that enables qmail-smtpd to reject email malware. more>>
Simscan is a simple program that enables qmail-smtpd to reject viruses, spam, and block attachments during the SMTP conversation so the email never makes it into your computers. Very efficient and written in C. It is made from open source components and is completely free
Main features:
- Runs as a separate program under a separate user than any other qmail program to limit possible security problems.
- clamav virus scanning ( --enable-clamav (default yes ) ). Rejects email containing viruses.
- trophie/TrendMicro virus scanning.
- support for spamassassin 3.0 and 2.6 series.
- spamassassin scanning ( --enable-spam (default no ) ). Rejects email that has X-Spam-Flag: YES set.
- spamassassin hit level rejection ( --enable-spam-hits (default 10.0 ) ). Requires --enable-spam to be enabled. Allows for rejection of email above a certain hit count. All other email is passed through with spamassassin headers and changes.
- attachment blocking ( --enable-attach (default no ) ). Blocks emails with attachments listed in a control file.
- fine grained control of clamav/trophie/spamassassin/attachment blocking per user/per domain/per system. ( --enable-per-domain (default no))
- logging of virus name, IP and to/from addresses to smtpd log file when a virus is detected.
- configuration option to set custom spamc arugments --enable-spamc-args
- configuration option to add -u user@domain argument to spamc --enable-spamc-user
- received header which includes virus scanner and spamassassin version nformation
- works with open source Clam AntiVirus by the Clam Team.
- works with open source trophie virus scanner interface to TrendMicro.
- works with open source SpamAssassin by the Apache Group.
- works with open source QMAILQUEUE patch by Bruce Guenter.
- works with open source ripmime by Paul Daniels.
- works with freely distributable Qmail by D. J. Bernstien.
Enhancements:
- virus drop message was not exiting at the right time. Found by Russ Lists
- use per domain hit count on spam log message if set.
- if read from standard in fails the temp file was not closed so the temporary work directory would not be removed.
<<lessMain features:
- Runs as a separate program under a separate user than any other qmail program to limit possible security problems.
- clamav virus scanning ( --enable-clamav (default yes ) ). Rejects email containing viruses.
- trophie/TrendMicro virus scanning.
- support for spamassassin 3.0 and 2.6 series.
- spamassassin scanning ( --enable-spam (default no ) ). Rejects email that has X-Spam-Flag: YES set.
- spamassassin hit level rejection ( --enable-spam-hits (default 10.0 ) ). Requires --enable-spam to be enabled. Allows for rejection of email above a certain hit count. All other email is passed through with spamassassin headers and changes.
- attachment blocking ( --enable-attach (default no ) ). Blocks emails with attachments listed in a control file.
- fine grained control of clamav/trophie/spamassassin/attachment blocking per user/per domain/per system. ( --enable-per-domain (default no))
- logging of virus name, IP and to/from addresses to smtpd log file when a virus is detected.
- configuration option to set custom spamc arugments --enable-spamc-args
- configuration option to add -u user@domain argument to spamc --enable-spamc-user
- received header which includes virus scanner and spamassassin version nformation
- works with open source Clam AntiVirus by the Clam Team.
- works with open source trophie virus scanner interface to TrendMicro.
- works with open source SpamAssassin by the Apache Group.
- works with open source QMAILQUEUE patch by Bruce Guenter.
- works with open source ripmime by Paul Daniels.
- works with freely distributable Qmail by D. J. Bernstien.
Enhancements:
- virus drop message was not exiting at the right time. Found by Russ Lists
- use per domain hit count on spam log message if set.
- if read from standard in fails the temp file was not closed so the temporary work directory would not be removed.
Download (0.12MB)
Added: 2006-07-11 License: GPL (GNU General Public License) Price:
1227 downloads
OpenAntivirus ScannerDaemon 0.6.0
ScannerDaemon is the virus scanner of the OpenAntivirus project. more>>
ScannerDaemon is the virus scanner of the OpenAntivirus project. You can send a filename to it via simple TCP and it will scan the file for viruses and tell you if the file is infected or not.
The ScannerDaemon listens on localhosts port 8127 for absolute filenames and absolute directorynames. It scans the files/all files in the directory and reports OK if no virus has been found or FOUND: if a virus has been detected.
You can start the ScannerDaemon simply by typing:
java -jar ScannerDaemon.jar
If you did not forget the Credo-files, it should come up and listen on port 8127. You can also give the name of the directory as a command-line parameter, like
java -jar ScannerDaemon.jar -credo.directory
Enhancements:
- Adaptions to new listener and filter scheme
- Bugfix: allow more than one signature file in one credo file
- Bugfix: close files used by UPXFilter
- Bugfix: wrong failure transitions
- Improvement: less memory consumption for nodes
- Improvement: UPXFilter scans uncompressed and compressed file
<<lessThe ScannerDaemon listens on localhosts port 8127 for absolute filenames and absolute directorynames. It scans the files/all files in the directory and reports OK if no virus has been found or FOUND: if a virus has been detected.
You can start the ScannerDaemon simply by typing:
java -jar ScannerDaemon.jar
If you did not forget the Credo-files, it should come up and listen on port 8127. You can also give the name of the directory as a command-line parameter, like
java -jar ScannerDaemon.jar -credo.directory
Enhancements:
- Adaptions to new listener and filter scheme
- Bugfix: allow more than one signature file in one credo file
- Bugfix: close files used by UPXFilter
- Bugfix: wrong failure transitions
- Improvement: less memory consumption for nodes
- Improvement: UPXFilter scans uncompressed and compressed file
Download (0.12MB)
Added: 2006-07-08 License: GPL (GNU General Public License) Price:
1206 downloads
gadoyanvirus 0.4
gadoyanvirus is a virus checker for qmail. more>>
gadoyanvirus is a virus checker for qmail that works with the QMAILQUEUE patch by Bruce Guenter. gadoyanvirus scans incoming messages using the ClamAV anti-virus library.
Suspected messages are quarantined and a notification message can optionally be sent to the recipients.
<<lessSuspected messages are quarantined and a notification message can optionally be sent to the recipients.
Download (0.11MB)
Added: 2005-12-07 License: GPL (GNU General Public License) Price:
1416 downloads
Virus Killer 1.0
Virus Killer is a game where you must shoot the buggers before they can destroy your files! more>>
Your computer has been invaded! Dozens of little viruses are pouring in via security holes in Microsoft Internet Explorer, Microsoft Outlook, Microsoft MSN Messenger and Microsoft Recycle Bin!!
Using your trusty mouse you must shoot the buggers before they can destroy your files! Some will steal them from their home directories and take them back to their security hole.
Others will just eat them right there on the spot! See how long you and your computer can survive the onslaught!
Main features:
- 3 different virus types.
- Builds directories and files to protect based on your computer!
- Increasing difficulty level
- Highscore table
- 3 difficulty settings
<<lessUsing your trusty mouse you must shoot the buggers before they can destroy your files! Some will steal them from their home directories and take them back to their security hole.
Others will just eat them right there on the spot! See how long you and your computer can survive the onslaught!
Main features:
- 3 different virus types.
- Builds directories and files to protect based on your computer!
- Increasing difficulty level
- Highscore table
- 3 difficulty settings
Download (4.2MB)
Added: 2005-09-06 License: GPL (GNU General Public License) Price:
1541 downloads
Viralator Proxy Virus Scanner 0.9.7
Viralator Proxy Virus Scanner is a Perl script that virus scans HTTP/FTP downloads request on a UNIX server. more>>
Viralator is a Perl script that virus scans HTTP/FTP downloads request on a UNIX server after passing through the Squid proxy server.
Even when I implemented virus protection for my network email server we still continued to get the odd virus. Most of the viruses came from people using free webmail accounts like Hotmail or Yahoo and downloading the infected attachments to their machines or through downloading junk.
Rather than block access to the users I decided to look at how we could better protect the network. I looked at a couple of different products both comercial and free but they were either too expensive or did not meet my needs.
That is how Viralator was born. Viralator Proxy Virus Scanner is licenced under the GPL.
Viralator should work in any UNIX system that uses Apache and Squid servers. We have reports about successful instalations on:
- RedHat Linux
- Mandrake Linux
- SuSe Linux
- e-Smith Linux
- Slackware Linux
- Conectiva Linux
- Debian Gnu Linux
Supported Redirectors:
- Squirm
- SquidGuard
- Jesred
Supported Virus Scanners
- AntiVir
- AVP
- RAV
- Inoculate
- Sophos Sweep
- McAfee
- Trend
- Clamav
- Bit Defender (free edition)
The original concept for Viralator came from the Viromat project. Without Viromat the Viralator project would not have had a starting point. We can also thank Ralph Meyer for badgering me into releasing the script under the GPL.
Enhancements:
- Parenthesis are included on the regular expression used to validate URLs.
- The character set checking step, which was not working before last patch released, has been fixed.
<<lessEven when I implemented virus protection for my network email server we still continued to get the odd virus. Most of the viruses came from people using free webmail accounts like Hotmail or Yahoo and downloading the infected attachments to their machines or through downloading junk.
Rather than block access to the users I decided to look at how we could better protect the network. I looked at a couple of different products both comercial and free but they were either too expensive or did not meet my needs.
That is how Viralator was born. Viralator Proxy Virus Scanner is licenced under the GPL.
Viralator should work in any UNIX system that uses Apache and Squid servers. We have reports about successful instalations on:
- RedHat Linux
- Mandrake Linux
- SuSe Linux
- e-Smith Linux
- Slackware Linux
- Conectiva Linux
- Debian Gnu Linux
Supported Redirectors:
- Squirm
- SquidGuard
- Jesred
Supported Virus Scanners
- AntiVir
- AVP
- RAV
- Inoculate
- Sophos Sweep
- McAfee
- Trend
- Clamav
- Bit Defender (free edition)
The original concept for Viralator came from the Viromat project. Without Viromat the Viralator project would not have had a starting point. We can also thank Ralph Meyer for badgering me into releasing the script under the GPL.
Enhancements:
- Parenthesis are included on the regular expression used to validate URLs.
- The character set checking step, which was not working before last patch released, has been fixed.
Download (0.029MB)
Added: 2006-06-16 License: GPL (GNU General Public License) Price:
1240 downloads
tiffscan 0.2
tiffscan is an advanced SANE frontend. more>>
tiffscan is an advanced SANE frontend. It has batch mode capabilities and can generate compressed multi-page TIFF files. The project handles from black and white to 8-bit and 16-bit scans.
<<less Download (0.012MB)
Added: 2007-01-26 License: GPL (GNU General Public License) Price:
1001 downloads
Virge 3.04rc3
Virge is mail scanner written in C. more>>
Virge is mail scanner written in C, which replaces/substitutes procmail for a while, checks the incoming mail, and then sends the mail to the procmail. It will check mail for viruses and/or attachment names. Check the FEATURES/README/NEWS files for more details. Virge requires Sendmail and (optionally) AVPDaemon, Sophie or Trophie (to check attachments for viruses).
Virge replaces temporarily procmail. When new mail comes in, Sendmail will pass the contents of the mail to Virge. At that point, Virge performs set of checks:
Checks if the mail has attachments. If it does not, it sends it to procmail for delivery.
If mail has attachments, Virge creates temporary directory, unpacks attachments there, and asks AVP/Sophie/Trophie to scan the temporary directory for viruses. Virge was created with 2 things in mind: performance and security. Because of performance issues, it was not feasible to use any command line scanners like TrendMicro of McAfee ones.
AVP/Sophie/Trophie are instructed to scan attachments for viruses next. If it finds any viruses, mail is immediately isolated in a directory not (hopefully) accessible to anyone except administrators.
If no viruses were found, Virge will then perform attachment check, and see if any of the attachments are not allowed to be sent to the end user. A configuration file is consulted for list of extensions (or full filenames) that should not be allowed in. If any such attachments were found, tricky part comes - Virge will *hopefully* properly "rewrite" the whole email, and strip the attachments that are not allowed. Small notice is attached at the end of the mail, with names of stripped attachments. Mail is also isolated, in case poor overworked sysadmin ever gets some free time to take a closer look.
IMPORTANT: Please, keep in mind that Virge will *NOT* rewrite & send mails when virus has been found. I will *NOT* implement any such features, since it doesnt make any sense (I havent seen a mail with virus that actually had some valuable content in it for many months - maybe even years).
If AVP/Sophie/Trophie are not available (daemon is down), Virge will still deliver mails and annoy admins through syslog messages. Attachment check is still performed.
Users for which no checks should be performed can also be configured. Location of the file can be specified in the configuration file.
Virge is definitelly trying to not let any lame script kiddies abuse it in any way. It is trying to resist to race conditions, buffer overflows, and similar neat tricks. No guarantees, of course, that there are no security problems in Virge.
Virge tries to be as fast as possible, and not waste CPU time or any other resources. It is still possible to make it perform even better, although I presume it would be in 1-5% range. Will take some more time later, and try to fix all the small performance problems.
And yes - Virge *is* fast. I have made a complete Virge V1 in Perl some time ago, but it was absolute failure. Although I tried to use as little modules as possible and make it as fast as possible... it was crap. 2 minutes after I started a script that sends 3-5 mails per second, I started wondering "Why the hell cant I login to the mailserver anymore?". Perl is nice, but its not good for tools like this. Not at all (except if you have low traffic on your mailserver).
And Virge still needs a *lot* of testing. I have tried to test Virge with many different mail (MIME) formats and tried different tricks in order to bypass its decoding techniques (in order to send a virus or .exe to users), but it handles things pretty well. There are cases, though, when it is possible to trick librfc2045 and send attachments that dont get caught, but those attachments are violating RFCs anyway. If your mail client is so stupid to decode invalid/malformed attachments/mails - you deserved it. Dont use stupid mail clients then. Im not going to start adding all those crappy features into Virge that would let someone detect all possible tricks which can be used. Use good mail clients, dont rely on Virge to save you.
Main features:
- Virge can check every incoming mail for attachments, and can remove attachments that are considered dangerous.
- "Dangerous" can be defined:
- email with specific kinds of attachments (e.g., .EXE, .COM, etc.)
- email that contains a virus as identified by Sophie ( http://www.vanja.com )
- email that contains a virus as identified by trophie ( http://www.vanja.com )
- email that contains a virus as identified by AVPDaemon (http://www.avp.ch)
- Any combination of the above.
- Dangerous email can trigger:
- rewriting that removes virus.
- alert back to sender.
- alert to recepient.
- alert to system manager.
- rewrite to remove virus.
- All offending mail messages can be isolated for later reviewing.
- Written in C, so it is very fast, doesnt waste resources, and doesnt depend on a complicated perl installation (which is subject to breaking).
- Notification can be sent (configurable) to sender/recipient of suspicious/infected mail. Templates can be used to define the layout of the mail.
- Regular expressions can be used for filename matching
- Virge was made with security in mind, and should be hard to abuse
- Can be configured to fail open or fail closed if load on the machine goes too high.
- Virge 3.0 designed for easy integration with Postfix
<<lessVirge replaces temporarily procmail. When new mail comes in, Sendmail will pass the contents of the mail to Virge. At that point, Virge performs set of checks:
Checks if the mail has attachments. If it does not, it sends it to procmail for delivery.
If mail has attachments, Virge creates temporary directory, unpacks attachments there, and asks AVP/Sophie/Trophie to scan the temporary directory for viruses. Virge was created with 2 things in mind: performance and security. Because of performance issues, it was not feasible to use any command line scanners like TrendMicro of McAfee ones.
AVP/Sophie/Trophie are instructed to scan attachments for viruses next. If it finds any viruses, mail is immediately isolated in a directory not (hopefully) accessible to anyone except administrators.
If no viruses were found, Virge will then perform attachment check, and see if any of the attachments are not allowed to be sent to the end user. A configuration file is consulted for list of extensions (or full filenames) that should not be allowed in. If any such attachments were found, tricky part comes - Virge will *hopefully* properly "rewrite" the whole email, and strip the attachments that are not allowed. Small notice is attached at the end of the mail, with names of stripped attachments. Mail is also isolated, in case poor overworked sysadmin ever gets some free time to take a closer look.
IMPORTANT: Please, keep in mind that Virge will *NOT* rewrite & send mails when virus has been found. I will *NOT* implement any such features, since it doesnt make any sense (I havent seen a mail with virus that actually had some valuable content in it for many months - maybe even years).
If AVP/Sophie/Trophie are not available (daemon is down), Virge will still deliver mails and annoy admins through syslog messages. Attachment check is still performed.
Users for which no checks should be performed can also be configured. Location of the file can be specified in the configuration file.
Virge is definitelly trying to not let any lame script kiddies abuse it in any way. It is trying to resist to race conditions, buffer overflows, and similar neat tricks. No guarantees, of course, that there are no security problems in Virge.
Virge tries to be as fast as possible, and not waste CPU time or any other resources. It is still possible to make it perform even better, although I presume it would be in 1-5% range. Will take some more time later, and try to fix all the small performance problems.
And yes - Virge *is* fast. I have made a complete Virge V1 in Perl some time ago, but it was absolute failure. Although I tried to use as little modules as possible and make it as fast as possible... it was crap. 2 minutes after I started a script that sends 3-5 mails per second, I started wondering "Why the hell cant I login to the mailserver anymore?". Perl is nice, but its not good for tools like this. Not at all (except if you have low traffic on your mailserver).
And Virge still needs a *lot* of testing. I have tried to test Virge with many different mail (MIME) formats and tried different tricks in order to bypass its decoding techniques (in order to send a virus or .exe to users), but it handles things pretty well. There are cases, though, when it is possible to trick librfc2045 and send attachments that dont get caught, but those attachments are violating RFCs anyway. If your mail client is so stupid to decode invalid/malformed attachments/mails - you deserved it. Dont use stupid mail clients then. Im not going to start adding all those crappy features into Virge that would let someone detect all possible tricks which can be used. Use good mail clients, dont rely on Virge to save you.
Main features:
- Virge can check every incoming mail for attachments, and can remove attachments that are considered dangerous.
- "Dangerous" can be defined:
- email with specific kinds of attachments (e.g., .EXE, .COM, etc.)
- email that contains a virus as identified by Sophie ( http://www.vanja.com )
- email that contains a virus as identified by trophie ( http://www.vanja.com )
- email that contains a virus as identified by AVPDaemon (http://www.avp.ch)
- Any combination of the above.
- Dangerous email can trigger:
- rewriting that removes virus.
- alert back to sender.
- alert to recepient.
- alert to system manager.
- rewrite to remove virus.
- All offending mail messages can be isolated for later reviewing.
- Written in C, so it is very fast, doesnt waste resources, and doesnt depend on a complicated perl installation (which is subject to breaking).
- Notification can be sent (configurable) to sender/recipient of suspicious/infected mail. Templates can be used to define the layout of the mail.
- Regular expressions can be used for filename matching
- Virge was made with security in mind, and should be hard to abuse
- Can be configured to fail open or fail closed if load on the machine goes too high.
- Virge 3.0 designed for easy integration with Postfix
Download (0.17MB)
Added: 2006-07-10 License: BSD License Price:
1201 downloads
Milter-Virus 2.0.0
Milter-Virus is a wrapper that can be used with many commercial and freely available virus scanners. more>>
Milter-virus is not a virus scanner. It is a wrapper that can be used with many commercial and freely available virus scanners. Milter-Virust is written completely in C, and requires (few skills??).
It is run-able with the Milter interface, but then will only scan for "double extensions".
If you wish it to scan for more, you need at Ripmime or other tools to extract files from MIME-encoded emails. You also need a (command-line) virus scanner.
The difference between this program and the original is that this is much more configurable via the config file. The original version has the advantage that it is simpler and easier to bugfix.
Enhancements:
- This is a large update.
- Many problems in the statistik module were fixed.
- Some spam protection features were included.
<<lessIt is run-able with the Milter interface, but then will only scan for "double extensions".
If you wish it to scan for more, you need at Ripmime or other tools to extract files from MIME-encoded emails. You also need a (command-line) virus scanner.
The difference between this program and the original is that this is much more configurable via the config file. The original version has the advantage that it is simpler and easier to bugfix.
Enhancements:
- This is a large update.
- Many problems in the statistik module were fixed.
- Some spam protection features were included.
Download (0.11MB)
Added: 2007-01-04 License: GPL (GNU General Public License) Price:
1032 downloads
mdns-scan 0.4
mdns-scan is a tool for scanning for mDNS/DNS-SD published services on the local network. more>>
mdns-scan is a tool for scanning for mDNS/DNS-SD published services on the local network. mdns-scan issues a mDNS PTR query to the special RR _services._dns-sd._udp.local for retrieving a list of all currently registered services on the local link.
mdns-scan is not a good mDNS citizen since it queries continuously for services and doesnt implement features like Duplicate Suppression. It is intended for usage as a debugging tool only.
mdns-scan is incomplete since it doesnt resolve mDNS services for you - it just dumps their PTR RRs. To understand these records you need minimal knowledge of DNS-SD and how it works.
mdns-scan does not terminate on its own behalf. It scans for services continuously until the user kills it by pressing C-c.
mdns-scan does not rely on a local mDNS responder daemon. It has no dependencies besides the GNU libc. It has been tested on Linux only.
mdns-scan does NOT scan for local mDNS enabled hosts or A/AAAA RRs, it scans for DNS-SD registered services, nothing else.
Enhancements:
- Add man pages
- Improvements to the Debianization
<<lessmdns-scan is not a good mDNS citizen since it queries continuously for services and doesnt implement features like Duplicate Suppression. It is intended for usage as a debugging tool only.
mdns-scan is incomplete since it doesnt resolve mDNS services for you - it just dumps their PTR RRs. To understand these records you need minimal knowledge of DNS-SD and how it works.
mdns-scan does not terminate on its own behalf. It scans for services continuously until the user kills it by pressing C-c.
mdns-scan does not rely on a local mDNS responder daemon. It has no dependencies besides the GNU libc. It has been tested on Linux only.
mdns-scan does NOT scan for local mDNS enabled hosts or A/AAAA RRs, it scans for DNS-SD registered services, nothing else.
Enhancements:
- Add man pages
- Improvements to the Debianization
Download (0.016MB)
Added: 2006-05-17 License: GPL (GNU General Public License) Price:
1257 downloads
FIRE 0.4a
FIRE is a portable bootable cdrom based distribution with the goal of providing an environment to perform forensic analysis. more>>
FIRE is a portable bootable cdrom based distribution with the goal of providing an immediate environment to perform forensic analysis, incident response, data recovery, virus scanning and vulnerability assessment.
Also provides necessary tools for live forensics/analysis on win32, sparc solaris and x86 linux hosts just by mounting the cdrom and using trusted static binaries available in /statbins.
Main features:
Forensics workstation/Data Recovery
- Instantly deploy a forensics workstation with tct, tctutils, mac-robber, and autopsy also provides perl 5.6.1 compiled with Large File Support.
Live System Incident Response
- Binaries are available for Incident Response on a live machine.
Virus Scanning
- Utilizing F-Prot 3.11beta http://www.f-prot.com you can scan for virii, worms, trojans, and all around harmful code.
- Just mount the filesystems that you want to scan and execute f-prot .
- Any filesystem you can mount, you can scan. mount and scan fat/ntfs/ext2/ext3/reiserfs partitions
- Scan your windows machines offline for virii that may not be detected with an "after the fact" anti-virus
- software installation.
Pen-Testing Platform
- I should NOT have to explain this portion: If the tools you would like to use are not in the distribution please make a request!
<<lessAlso provides necessary tools for live forensics/analysis on win32, sparc solaris and x86 linux hosts just by mounting the cdrom and using trusted static binaries available in /statbins.
Main features:
Forensics workstation/Data Recovery
- Instantly deploy a forensics workstation with tct, tctutils, mac-robber, and autopsy also provides perl 5.6.1 compiled with Large File Support.
Live System Incident Response
- Binaries are available for Incident Response on a live machine.
Virus Scanning
- Utilizing F-Prot 3.11beta http://www.f-prot.com you can scan for virii, worms, trojans, and all around harmful code.
- Just mount the filesystems that you want to scan and execute f-prot .
- Any filesystem you can mount, you can scan. mount and scan fat/ntfs/ext2/ext3/reiserfs partitions
- Scan your windows machines offline for virii that may not be detected with an "after the fact" anti-virus
- software installation.
Pen-Testing Platform
- I should NOT have to explain this portion: If the tools you would like to use are not in the distribution please make a request!
Download (578MB)
Added: 2005-05-18 License: GPL (GNU General Public License) Price:
1635 downloads
Secleted [ 0 ] software to compare
Copyright Notice:
Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future software development. The above virus scans search only lists software in full, demo and trial versions for free download. Download links are directly from our mirror sites or publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
