On 4/20/19 2:44 AM, Rob Gordon wrote:
> I was hoping someone knew of a tool where this could be safely downloaded and checked.
It could be something innocent, like a PGP signature.
Anyway, download it to a Linux box, and extract the file.
Linux, not Windows. Malware operators default to Windows, unless they
know that their target exclusively uses Mac or Linux. For a mailing
list, the assumption is that the users will be on Windows.
There are a couple of AV programs that run on Linux, specifically to
look for malware targeting Windows.
I have no idea what the name of the AV software is, or even if it is any
good.
I've got a sacrificial Linux box with WINE installed, to run suspicious
files on. Most malware for Windows does a crash and burn under WINE, but
usually leaves enough evidence to indicate what it was attempting to do.
I also run tripwire, which tells me what was installed, and where it was
installed.
jonathon
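
Added example, not part of the original message and not Tripwire itself: a plain SHA-256 manifest taken before and after a run shows the same kind of "what was installed, and where" evidence on a sacrificial box. The function names and the constructed directory tree standing in for a WINE prefix are assumptions.

```shell
#!/usr/bin/env bash
# Before/after integrity snapshot of a directory tree (GNU find/sort/xargs).

# snapshot DIR: print "sha256  ./relative/path" for every regular file.
snapshot() {
    ( cd "$1" && find . -type f -print0 | sort -z | xargs -0 -r sha256sum )
}

# report BEFORE AFTER: print ADDED / MODIFIED / REMOVED lines, sorted.
# sha256sum lines are 64 hex chars, 2 separator chars, then the path.
report() {
    awk '
        tag == "old" { old[substr($0, 67)] = substr($0, 1, 64); next }
        {
            path = substr($0, 67); sum = substr($0, 1, 64)
            if (!(path in old))        print "ADDED    " path
            else if (old[path] != sum) print "MODIFIED " path
            delete old[path]
        }
        END { for (p in old) print "REMOVED  " p }
    ' tag=old "$1" tag=new "$2" | sort
}

# demo: constructed tree and constructed changes, standing in for a
# suspicious file having been run between the two snapshots.
demo() {
    local box before after
    box=$(mktemp -d); before=$(mktemp); after=$(mktemp)
    mkdir -p "$box/drive_c/windows"
    echo "original" > "$box/drive_c/windows/system.ini"
    echo "settings" > "$box/user.reg"
    snapshot "$box" > "$before"
    echo "dropped" > "$box/drive_c/windows/dropped.bin"   # new file
    echo "changed" > "$box/drive_c/windows/system.ini"    # altered file
    rm "$box/user.reg"                                    # deleted file
    snapshot "$box" > "$after"
    report "$before" "$after"
    rm -rf "$box" "$before" "$after"
}

demo
```

Keep the "before" manifest somewhere the test box cannot write to, otherwise whatever ran can rewrite the baseline as well as the files.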