Date: Wed, 23 Mar 2005 17:01:40 -0600 From: Paul Schmehl <pauls@utdallas.edu> To: freebsd-questions@freebsd.org Subject: Re: Firewall questions Message-ID: <423551A7187FB1AEDBCC9A2A@utd49554.utdallas.edu> In-Reply-To: <200503232145.57304.list-freebsd-2004@morbius.sent.com> References: <20050323204710.56664.qmail@web30202.mail.mud.yahoo.com> <3831.216.220.59.169.1111611800.squirrel@216.220.59.169> <200503232145.57304.list-freebsd-2004@morbius.sent.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--On Wednesday, March 23, 2005 09:45:56 PM +0000 RW <list-freebsd-2004@morbius.sent.com> wrote: > > Clamav is supposed to be good for filtering windows viruses out of email. > I know Fastmail.fm dropped Kaspersky in favour of Clamav, they claimed > the updates to be at least as good. > We did some pretty thorough testing of Clamav, uvscan (McAfee) and sophie (Sophos) side by side on a mail gateway using amavisd. Clamav was *almost* as good as McAfee and definitely better than Sophos at detecting viruses. Clamav beat uvscan hands down on cpu usage and detection of Phishing scams. Here's our latest stats - clamav is primary. uvscan only gets used if clamav doesn't detect a virus. These statistics represent data from 2005-03-01 to yesterday Total detections - 7369 Total phishing scams - 7080 Total viruses - 289 Total McAfee - 23 Total ClamAV - 266 The last two lines are *unique* detections. Basically what it means is that clamav missed 23 viruses that uvscan subsequently caught. So clamav has a 92.04% virus detection rate so far for the month. (Updates are fetched and installed automatically for both scanners.) When I was keeping separate stats on each, clamav ran about a half a percent behind uvscan and sophie *never* had an independent detection. It also had a much lower detection rate. (E.g. clamav 94.6, uvscan 95.3, sophie 91.8) Paul Schmehl (pauls@utdallas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?423551A7187FB1AEDBCC9A2A>