0nekoneko7@lemmy.world to Linux@lemmy.mlEnglish · 6 months agoKaspersky releases free tool that scans Linux for known threatswww.bleepingcomputer.comexternal-linkmessage-square69fedilinkarrow-up1106arrow-down163
arrow-up143arrow-down1external-linkKaspersky releases free tool that scans Linux for known threatswww.bleepingcomputer.com0nekoneko7@lemmy.world to Linux@lemmy.mlEnglish · 6 months agomessage-square69fedilink
minus-squareboredsquirrel@slrpnk.netlinkfedilinkarrow-up24arrow-down4·6 months agoI HIGHLY doubt that they would detect the XZ backdoor
minus-squarefar_university1990@feddit.delinkfedilinkarrow-up2·6 months agoBöhmermann in freier Wildbahn gesichtet
minus-squarePossibly linux@lemmy.ziplinkfedilinkEnglisharrow-up4·edit-26 months agoEven if it did, what would you do? rm -rf /? XZ is part of the core system
minus-squareatzanteol@sh.itjust.workslinkfedilinkEnglisharrow-up4arrow-down1·edit-230 days agoRemoved by mod
minus-squareboredsquirrel@slrpnk.netlinkfedilinkarrow-up7·6 months agoYes and if viruses use something like base64 encoding or other methods, the hashes dont match anymore. As far as I understood it, it is pretty easy to make your virus permanently un-hashable by just always changing some bits
minus-squareboredsquirrel@slrpnk.netlinkfedilinkarrow-up1·6 months agoThis is obviously not about this known file. It is about “would this scanner detect a system package from the official repos opening an ssh connection”
minus-squarePossibly linux@lemmy.ziplinkfedilinkEnglisharrow-up2·edit-26 months agoThat doesn’t work against polymorphic malware I think the best way is to monitor calls and behavior. Doing that is a privacy nightmare
minus-squarePossibly linux@lemmy.ziplinkfedilinkEnglisharrow-up1·6 months agoOh well in that case there is no chance
I HIGHLY doubt that they would detect the XZ backdoor
Böhmermann in freier Wildbahn gesichtet
War auch überrascht
Even if it did, what would you do? rm -rf /?
XZ is part of the core system
Removed by mod
Yes and if viruses use something like base64 encoding or other methods, the hashes dont match anymore.
As far as I understood it, it is pretty easy to make your virus permanently un-hashable by just always changing some bits
Removed by mod
This is obviously not about this known file.
It is about “would this scanner detect a system package from the official repos opening an ssh connection”
Removed by mod
That doesn’t work against polymorphic malware
I think the best way is to monitor calls and behavior. Doing that is a privacy nightmare
Removed by mod
Oh well in that case there is no chance