What situation are you still seeing virus files deposited? The only situations I'm aware of would be if a client placed the file there via NFS, then no scan takes place, or if a virus-infected file is embedded deep in an archive such as a zip or tar file.
In the first case though, when a windows client attempts to read the file, I believe the virus scan will still take place, so it should get caught then. I'm not sure what solution there is to a deeply embedded virus. Most systems (server or desktop) simply can't handle the performance hit of doing deep scans of every zip file.
-----Original Message----- From: owner-toasters@mathworks.com [mailto:owner-toasters@mathworks.com]On Behalf Of Mike Sphar Sent: Tuesday, March 25, 2003 10:37 AM To: toasters@mathworks.com Subject: RE: Virus Scanning
[snip]
I'm not sure what solution there is to a deeply embedded virus. Most systems (server or desktop) simply can't handle the performance hit of doing deep scans of every zip file.
Especially files like this one: http://www.consume.org/~jshare/42.zip
You may have seen it before, it's a nested set of zip files that expands out to petabytes of data. I think it's 5-deep nested (16 files per nest), with the final "leaf" being 4gigs of 0s (or null, or something).
I think this is kind of a canonical file, however, so AV vendors may deal with it specifically.
For fun, you can mail it to your buddies that /do/ deep scan zip files. (With friends like these.... :)
Jordan
-
Jordan Share -
Mike Sphar