Will clam AV find issues inside WINE?
Is there any advantage/disadvantage scanning for rootkits / AV / trojans etc. from inside WINE (installed into....) or outside?
Is there something avail to install inside?
What is best recommended choice to check WINE re: rootkits / AV / trojans etc. ?
If you wanted to do so.
Which Linux AV/rootkit hunters will not really work to detect WINE issues?
Thanks
clam AV
Re: clam AV
Yes, clamav can detect viruses installed in wine.
Six years ago, someone even integrated it into wine:
http://www.christoph-probst.com/soc2006/wine/
You can also run wine in a virtual machine to study viri;
http://zerowine.sourceforge.net/
does this.
Best advice for the moment is probably "run clamav yourself
on everything you download, run it nightly in cron, and
remove the Z: symlink in the .wine/dosdevices directory".
If you're handy with chroot jails or other native Linux security
tools, you could try them, too. (We kind of need a writeup
on how to do this, since it's not really easy, and not many
people have tried it.)
Six years ago, someone even integrated it into wine:
http://www.christoph-probst.com/soc2006/wine/
You can also run wine in a virtual machine to study viri;
http://zerowine.sourceforge.net/
does this.
Best advice for the moment is probably "run clamav yourself
on everything you download, run it nightly in cron, and
remove the Z: symlink in the .wine/dosdevices directory".
If you're handy with chroot jails or other native Linux security
tools, you could try them, too. (We kind of need a writeup
on how to do this, since it's not really easy, and not many
people have tried it.)
