[kwlug-disc] so ... what's your opinion on linux anti-virus software?

Oksana Goertzen ogoertzen at gmail.com
Thu Feb 5 14:10:20 EST 2009


On Thu, Feb 5, 2009 at 10:15 AM, <john at netdirect.ca> wrote:

> -----kwlug-disc-bounces at kwlug.org wrote: -----
> >IIRC, if you want on the fly scanning, for, at least, avg and clamav
> >(note the c not the k) [but klamav calls clamav], you have to rebuild
> >
> >your kernel removing a module (capability) so you can add one
> >(dazuko).
> >
> >A non-trivial operation if not an expert.
> >
> >Have you found this to be true John / your experiences?
>
> We decided on using Trend for that. Here's why. We only put AV on email
> servers (that handle external email) or file servers. And it's only there to
> protect the Windows PCs that are using the server. As a result we've relied
> on Trend Micro OfficeProtect/ServerProtect to provide both automatic updates
> to Windows and real-time protection of the shares on the system.
>

We also use Trend AV for Windows servers (Officescan) and ServerProtect
for NetWare & Linux as well as ScanMail for Domino.  I've been quite happy
with their suite of products.




> As a result  we only used ClamAV for email filtering either in addition to
> Trend (if it was a file server too) or in place of Trend (if the server did
> email only.)
>
> One thing your question reminds me of is that with Trend we had a limited
> number of kernels that it supported. For real-time scanning it needed to
> load proprietary kernel modules and despite lots of updates they didn't
> support every kernel, often not supporting the most recent or interim
> releases. It could often be a problem finding a kernel that Trend supported
> and was also supported by a hardware vendor (if we needed the functionality
> of their driver.)
>

FYI
>From the Trend website:

"In ServerProtect for Linux 3.0, the Kernel Hook Module (KHM) is open
source licensed under General Public License (GPL). This provides users
the flexibility to recompile the KHM when they upgrade their Linux kernel
versions without waiting for Trend Micro to release the official KHMs."

- Oksana
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://astoria.ccjclearline.com/pipermail/kwlug-disc_kwlug.org/attachments/20090205/99ea99e5/attachment.html>


More information about the kwlug-disc_kwlug.org mailing list