Re: [sleuthkit-users] Fiwalk clam scripts miss boot sector virus
Brought to you by:
carrier
Menu
▾
▴
Re: [sleuthkit-users] Fiwalk clam scripts miss boot sector virus
|
From: Simson G. <si...@ac...> - 2014-08-18 19:56:46
|
fiwalk uses sleuthkit auto tools On Aug 18, 2014, at 3:35 PM, Christie Peterson <cpe...@jh...> wrote: > I have some floppy disks known to be infected with the boot sector virus AntiCMOS.B but when I run ficlam.sh/clamconfig.txt(https://github.com/sleuthkit/sleuthkit/tree/master/tools/fiwalk/plugins) against images of these disks, it returns nothing found. > > I’m wondering if this is because of how fiwalk “walks” disk images – would a malware scan using fiwalk to access the contents of a disk image ever find something in the boot sector? I’d appreciate any explanation that you could provide. > > Thanks in advance, > > > Christie Peterson > > > ------------------------------------------------------------------------------ > _______________________________________________ > sleuthkit-users mailing list > https://lists.sourceforge.net/lists/listinfo/sleuthkit-users > http://www.sleuthkit.org |
