Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 27 Jul 2012 13:38:11 +0100
From:      Daniel Bye <freebsd-questions@slightlystrange.org>
To:        freebsd-questions@freebsd.org
Subject:   Re: On-access AV scanning
Message-ID:  <20120727123811.GF4834@catflap.slightlystrange.org>
In-Reply-To: <20120727191529.01222988@AMD620.ovitrap.com>
References:  <20120727104308.GA4834@catflap.slightlystrange.org> <alpine.BSF.2.00.1207271249160.20428@wojtek.tensor.gdynia.pl> <20120727110019.GB4834@catflap.slightlystrange.org> <alpine.DEB.2.00.1207270715360.9614@nber9.nber.org> <20120727114729.GC4834@catflap.slightlystrange.org> <20120727191529.01222988@AMD620.ovitrap.com>

next in thread | previous in thread | raw e-mail | index | archive | help

--Il7n/DHsA0sMLmDu
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jul 27, 2012 at 07:15:29PM +0700, Erich Dollansky wrote:
> Hi,
>=20
> On Fri, 27 Jul 2012 12:47:29 +0100
> Daniel Bye <freebsd-questions@slightlystrange.org> wrote:
>=20
> > On Fri, Jul 27, 2012 at 07:19:45AM -0400, Daniel Feenberg wrote:
> > >=20
> > >=20
> > > On Fri, 27 Jul 2012, Daniel Bye wrote:
> > >=20
> > > >On Fri, Jul 27, 2012 at 12:51:04PM +0200, Wojciech Puchar wrote:
> > > >>>Are there any current options available to support on-access
> > > >>>antivirus scanning on FreeBSD?
>=20
> why should it be available when it is not needed?

Because the IT policy (currently) requires it. I don't agree with that
policy, but there you are - I don't have the authority to simply ignore it.


> > > >>>
> > > >>FreeBSD doesn't need this as there are no viruses on that system.
>=20
> Ok, this is a bad reasoning.
> > > >
> > Thanks, Daniel. I have looked at Kaspersky, and various others, but
> > the main sticking point, as I see it, is that there is no on-access
> > scanning capability in any of the AV packages available for FreeBSD.
>=20
> You will not find them. The scanners running on FreeBSD are looking for
> Windows pests.

Yes, I know. But we have petabytes of file systems shared over SMB/CIFS, so
if a Windows machine inroduces something to the network, it strikes me as
reasonable that if my (still putative) FreeBSD system finds it before
another Windows system, I have potentially prevented a much wider problem.


>=20
> > It's not essential to build my case, but it would certainly
> > strengthen it.  I use ClamAV on my home mail server, and it works
> > well.  I have also tested it out on a desktop machine to run
> > on-demand scans, and it works just fine, and doesn't impose so much
> > of a load as to be a nuisance.
> >=20
> Does it scan for FreeBSD viruses? I would wonder.

I wouldn't waste your time wondering, if I were you. Of course they *all*
look for malware that infests Windows machines. But, that nontwithstanding,
I have to adhere to the policy, whether I like it or not.

>=20
> > We have had a couple of virus outbreaks recently, so this is quite a
> > high profile concern around here at the moment. The CIO is from a
> > technical background, so I might well be able to convince him of
> > FreeBSD's strengths as a very secure system, but I will still need to
> > accede to the IT policy, sadly - no way around it.
>=20
> You will have to give it a miss then.
>=20
> The security concepts of FreeBSD are 100% different. They will never
> match this kind of policy.

Yes, and I am hoping that that fact is enough to persuade him that the
current policy (which he inherited, by the way, he didn't have a hand it its
establishment) is no longer applicable in an increasingly mixed environment
(Polytropon brought up the obvious matter of smartphones and tablets and
other devices).

Thanks for your thoughts.

Dan

--=20
Daniel Bye
                                                                     _
                                              ASCII ribbon campaign ( )
                                         - against HTML, vCards and  X
                                - proprietary attachments in e-mail / \

--Il7n/DHsA0sMLmDu
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (FreeBSD)

iEYEARECAAYFAlASi7MACgkQixf5fBYiFmrShwCdG305ci1lool7cCZi7ssbbmCI
MgcAoJQZ1c5clNMCs65ab6QrV2DC9A5Z
=yLit
-----END PGP SIGNATURE-----

--Il7n/DHsA0sMLmDu--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120727123811.GF4834>