(OT) Does anyone use FOSS Virus Scan?
Jason Stephenson
jason at sigio.com
Fri Jul 20 10:33:46 EDT 2007
Bill McGonigle wrote:
>
> Response time from the ClamAV team has been measured to be lower than
> commercial vendors in many cases (virustotal I think was the source
> on that) - that's not an issue to worry about.
I want to add that ClamAV has often caught stuff that Symantec running
our our desktops did not even know about, yet. ClamAV gets constant
updates, and it is recommended that you update your definitions at least
twice a day, though checking every other hour is not unheard of. You are
lucky to get daily (or even weekly) updates from most commercial AV vendors.
[Deletia]
> and there's a project to tag phishing and mail scams using ClamAV
> signatures.
I have never had a virus, worm, or Trojan get through ClamAV. I have
reported a couple of phish emails that got through the filter in the
past. In most of the cases, they were added to the definitions within
hours of being reported. In a couple of cases, someone else beat me to
reporting the same phish.
The phish check is optional. There's a configuration option to disable
it. It is on by default, though, and I have found it catches more than
the virus/worm/trojan definitions do on both of my mail servers.
Probably one of the coolest features of ClamAV is that it is written
entirely in standard C. You can compile it and use it pretty much
anywhere you have a C compiler.
Oh, and 0.91.1 just came out, so if you're running an older version, it
is time to update.
Cheers,
Jason
More information about the gnhlug-discuss
mailing list