Date: Mon, 9 Sep 2002 16:05:29 +0400 From: "Nickolay A. Kritsky" <nkritsky@internethelp.ru> To: Lawrence Sica <lomifeh@earthlink.net> Cc: freebsd-security@FreeBSD.ORG, freebsd-doc@FreeBSD.ORG Subject: Re: Fwd: Anti-virus section for FAQ Message-ID: <318821464.20020909160529@internethelp.ru> In-Reply-To: <C65773AC-C1C5-11D6-A71E-000393A335A2@earthlink.net> References: <C65773AC-C1C5-11D6-A71E-000393A335A2@earthlink.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Lawrence, Friday, September 06, 2002, 10:23:43 PM, you wrote: LS> Oops, helps if I post the url eh ;) LS> http://www.thesicafamily.org/larry/articles/avfaq.html I would like to add to this list following AV solution: "Procmail Email Sanitizer" - http://www.impsec.org/email-tools/procmail-security.html To comment the FAQ itself. I do not think that just the list of antivirus packages is a good answer for FAQ. The thing is, that freqentissimus AV-related question sounds like "What is the best AV for freebsd/sendmail/qmail?" not just "What kind of antiviruses do you know?". I think, that it would be truly useful if people, who have an experience with setting up AV on FreeBSD share their knowledge with us in the manner like this: ;--------------FAQ entry start Q. What are the pros and contras of "Procmail Email Sanitizer"? A. Pros for me 1. It is free. 2. It is quite simple to understand and tweak, because it is written with Perl and procmailrc(see man) and all sources are open. 3. It does not rely on signatures provided by vendor, but uses another algorithm of filtering (see webpage for details). Thus it can stop many virii(viries?) before they are known to public. 4. It has support, which consists of mailing list (never tried) and John Hardin (the developer) who was kind and answered some of my questions. 5. It works. It has not failed yet. But see contras. Contras for me 1. I never used it for stopping MSOffice-based virii. May be it can do it, maybe not. 2. I had to read and understand `man procmailrc'. But maybe it is from "pros" part. Resume: Use it to stop EXE/HTML/JScript/VBScript - based virii and trojans. If somebody has tested it with MSOffice based virii - can you tell me what you think about that? ;--------------FAQ entry end ;------------------------------------------- ; NKritsky ; mailto:nkritsky@internethelp.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?318821464.20020909160529>