# Virus scan over Network Gentoo->Win

## Baarn

Hey,

I wonder if its possible to virus-scan my windows laptop from my gentoo server via network?

I haven't found any solutions on this topic, so I'm asking here  :Wink: 

my goal is to install a virus scanner on my gentoobox and let it scan my windowsbox (win7) and of course itself if needed.

in the near future i want to route all network traffic going to my winbox through my gentoobox (at least if at home), so network scanning would be a big bonus. 

so, which software would you recommend? (should be free, is clamAV really that bad? wikipedia says so:( )

whats the easiest way to get started? i mean at the moment i can't even get a ping onto my winbox, strangely

I am really new to these topics, especially when it comes to gentoo, so even some hints, abbreviations for google or gentoo-wiki links would be a great help.

Thanks  :Smile: 

----------

## BradN

To properly virus scan a machine, you have to be accessing the data through a method that can't be rootkit-ed or similar.  So, scanning over the network with windows running is a bad approach (might catch the easy viruses but not the bad ones that take over the filesystem layer).

My suggested approach for a networked scanning system is network booting a good operating system on the machine to be scanned, then either running the scan locally or exporting the hard drive contents over the network and scanning from another machine.  Scanning locally will be less network intensive.

If network booting isn't possible, then either CD booting or USB flash booting (with hardware write-protect USB stick) are possible options.  But, I suggest avoiding trying to scan within the installed OS as it gives a false sense of security.  I have seen tons of viruses evade avast and similar on the local machine, but when the hard drive is plugged into another machine, they can be found because they weren't able to load and interfere with scanning.

Good luck!

----------

## Baarn

Good point. Thanks!

I will try it with a LiveDVD first I think.

Is there a way to realtime-scan network traffic going through a machine, I only found business solutions so far.

----------

## Sysa

1. If you want it - you can share your Windows disks, mount the shares into your Linux box and scan it. Of course, it is not reliable and untrusted solution.

2. Try http://www.sysresccd.org/ - it has ClamAV included. Do not forget to freshclam first!  :Wink: 

----------

