[Mageia-discuss] malware checking on our repositories?
Michael Scherer
misc at zarb.org
Mon Mar 14 18:59:43 CET 2011
Le lundi 14 mars 2011 à 14:26 +0000, Mattias Kilbo a écrit :
> > > I do not know if we have anything like this already
> > but if not:
> > >
> > > How about we put some anti malware checking on our
> > repositories? So
> > > when someone adds or changes a package an automatic
> > anti malware check
> > > is done.
> >
> > Well, what do you propose to setup ?
> >
> > Do you have a product that would have detected what
> > happened to gentoo ?
> >
> > -- Michael Scherer
> >
>
> I do not have deep enough knowledge in packaging to have a setup. But something along the lines of:
> A package is uploaded
> An automatic test is done with some anti-malware program
> If anything suspicious if found the update is set on hold until some "admin" checks the potential malware.
>
> There are some anti virus programs for Linux
> http://en.wikipedia.org/wiki/Linux_malware#Anti-virus_applications
> And some of them (at least on windows) can find malware in code that is not yet know as malware. I do not know if any of it would have detected the Unreal malware.
How does it find the difference between :
openssh listen on port 22 when run, and accept command,
and
malware listen on some port, and accept command that run some software ?
--
Michael Scherer
More information about the Mageia-discuss
mailing list