LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-03-2012, 04:48 PM   #1
Fred Caro
Member
 
Registered: May 2007
Posts: 999

Rep: Reputation: 166Reputation: 166
pclinuxos reporting threats when running clamtk and they relate to snort


Dear all,
a general scan from clamtk results in 70 odd 'threats' but these relate to snort which does not appear to be installed correctly, I ran "ps -A | grep snort" and get nothing when I expect at least one line of activity. This might be because I have updated using "apt-upgrade" instead of "apt-upgrade-distro". All in all a confusing mixture of deb associated commands and rpm.
What I want to know is, are the 'threats' a result of my incompetence or real?
I am running LXDE and think some of the functions/programs are cloud based.

Any ideas.

Fred.
 
Old 08-04-2012, 10:26 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
IMHO posting actual application and diagnostics output is way more helpful and efficient for solving a problem than talking about it.
 
Old 08-05-2012, 07:59 AM   #3
Fred Caro
Member
 
Registered: May 2007
Posts: 999

Original Poster
Rep: Reputation: 166Reputation: 166
scan results, I hope

Sorry, unable to copy and paste the screenshot of clamtk's results. Ah, the attachment might have worked! Admittedly only a snippet but still don't know why it (clamav) is picking up on snort stuff, especially when snort does not appear to be running- see above post.

Fred.
Attached Thumbnails
Click image for larger version

Name:	shot11.png
Views:	5
Size:	41.3 KB
ID:	10287  
 
Old 08-05-2012, 09:03 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Rep: Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529Reputation: 3529
Quote:
Originally Posted by Fred Caro View Post
What I want to know is, are the 'threats' (..) real?
Screen shot shows files thought to be part of packages (verify package contents if you want proof) and AV message does not indicate anything that would affects Linux. Maybe Clamtk hasn't (check options?) but I know clamscan accepts --log=/path/to/file. Maybe use that next time as it's more efficient?
 
Old 08-09-2012, 11:10 AM   #5
Fred Caro
Member
 
Registered: May 2007
Posts: 999

Original Poster
Rep: Reputation: 166Reputation: 166
unspawn

Thanks for the responses but drive has now died, only gives morbid clicking noise. Worn state might account for odd behaviour.

Fred.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
smartctl testing not running/reporting NirvanaII Linux - Hardware 2 05-28-2011 04:21 PM
Snort/Base reporting no traffic, Ntop not showing any TCP traffic. a2brute Linux - Security 1 08-10-2009 01:21 PM
Relate snort logs with Internal IPs logicalfuzz Linux - Software 0 01-17-2006 04:10 AM
snort sig reporting 1:1113 a lot tuxmaster Linux - Security 2 06-29-2005 12:44 AM
snort's reporting Bad traffic... TheIrish Linux - Security 4 12-02-2003 09:53 PM


All times are GMT -5. The time now is 07:01 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration