From owner-freebsd-questions@FreeBSD.ORG Sat Apr 29 23:49:19 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D4FE816A412 for ; Sat, 29 Apr 2006 23:49:19 +0000 (UTC) (envelope-from jdow@earthlink.net) Received: from elasmtp-banded.atl.sa.earthlink.net (elasmtp-banded.atl.sa.earthlink.net [209.86.89.70]) by mx1.FreeBSD.org (Postfix) with ESMTP id 719C543D69 for ; Sat, 29 Apr 2006 23:49:11 +0000 (GMT) (envelope-from jdow@earthlink.net) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net; b=lyYzD06FGWmKgQVkOuntYYIW4nKOJXn1bI3Y7Rq2IdlWisN2OuIwOtF9qVxR8ntF; h=Received:Message-ID:From:To:References:Subject:Date:MIME-Version:Content-Type:Content-Transfer-Encoding:X-Priority:X-MSMail-Priority:X-Mailer:X-MimeOLE:X-ELNK-Trace:X-Originating-IP; Received: from [71.116.183.98] (helo=Wednesday) by elasmtp-banded.atl.sa.earthlink.net with asmtp (Exim 4.34) id 1FZzBW-0002O4-Ej for freebsd-questions@freebsd.org; Sat, 29 Apr 2006 19:49:10 -0400 Message-ID: <033b01c66be7$82f37ad0$0225a8c0@Wednesday> From: "jdow" To: References: <80f4f2b20604290606h64e259d5w3d3c21891779eb06@mail.gmail.com> <20060429153724.6ED1.GERARD@seibercom.net> Date: Sat, 29 Apr 2006 16:49:09 -0700 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="UTF-8"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2869 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2869 X-ELNK-Trace: bb89ecdb26a8f9f24d2b10475b5711209dbe130b096fe9b5b0d7cda1ff4d5ed9900f0771c95f4286350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 71.116.183.98 Subject: Re: Antivirus to scan files before going onto a Windows machine:clamav? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Apr 2006 23:49:19 -0000 From: "Gerard Seibert" > Jim Stapleton wrote: > >> Anyone have experience with ClamAV? Good, Bad, Ugly? >> >> Should I use something else, or is the only good alternative >> pay/expensive (such as avast)? >> Am I better at leaving the antivirus stuff to the Windows machine >> (which has McAfee Enterprise)? >> >> Background: >> System lags occasionally, and has crashed a few times, and is getting >> disk errors (both HDs, one IDE, one SATA started this at the same >> time). I suspect the motherboard, but can't be certain, could be Mem >> or PSU. >> >> Could also be virus. >> >> So, I want to scan my backed up files while reinstalling Windows on >> the other machine, before letting them go back home to play. >> >> Thanks >> -Jim >> > Personally, I use ZoneAlarm Suite on my WinXP machines. I have several > networked together with my FreeBSD machine. > > On several occasions, ZoneAlarm has caught a virus that ClamAV missed > during mail scanning. I am not sure why though. From what I could gather, > the ClamAV signatures had not caught up to the new virus. I reload the > Clamav signatures every 4 hours. The ZoneAlarm signatures are done once > a day, however. Different tools have different update cycles, different crews working on them, and your machine has different automatic updates for the various AV tools. That's why I like my defense in depth. So far nothing has triggered the final F-Secure stage. But that's mainly for the web browsing viruses anyway. The first line of defense is Earthlink's virus blocker. So far it appears that ClamAV, the second line of defense, has mostly caught scam rather than virus problems. I suppose the SpamAssassin I run is another half a level of defense. It's not really an AV tool. But an awful lot of malware emails look like spam so they trigger the SpamAssassin stage for many people. I figure it's almost time to get to the Trend site and run their free online scan to get a solid fourth opinion about the sanctity of my machine here. Color me paranoid if you wish; but, they ARE out to get me - but it's nothing personal. They'll be happy to get you, too. {^_-} Joanne