From owner-freebsd-questions@FreeBSD.ORG Fri Jul 27 12:59:10 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 49A201065674 for ; Fri, 27 Jul 2012 12:59:10 +0000 (UTC) (envelope-from erichfreebsdlist@ovitrap.com) Received: from alogreentechnologies.com (alogreentechnologies.com [67.212.224.110]) by mx1.freebsd.org (Postfix) with ESMTP id 176838FC17 for ; Fri, 27 Jul 2012 12:59:10 +0000 (UTC) Received: from AMD620.ovitrap.com ([49.128.188.2]) (authenticated bits=0) by alogreentechnologies.com (8.13.1/8.13.1) with ESMTP id q6RCwxIQ001202; Fri, 27 Jul 2012 06:59:04 -0600 Date: Fri, 27 Jul 2012 20:01:31 +0700 From: Erich Dollansky To: Daniel Bye Message-ID: <20120727200131.268f2d4e@AMD620.ovitrap.com> In-Reply-To: <20120727123811.GF4834@catflap.slightlystrange.org> References: <20120727104308.GA4834@catflap.slightlystrange.org> <20120727110019.GB4834@catflap.slightlystrange.org> <20120727114729.GC4834@catflap.slightlystrange.org> <20120727191529.01222988@AMD620.ovitrap.com> <20120727123811.GF4834@catflap.slightlystrange.org> X-Mailer: Claws Mail 3.8.0 (GTK+ 2.24.6; amd64-portbld-freebsd10.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: On-access AV scanning X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jul 2012 12:59:10 -0000 Hi, On Fri, 27 Jul 2012 13:38:11 +0100 Daniel Bye wrote: > On Fri, Jul 27, 2012 at 07:15:29PM +0700, Erich Dollansky wrote: > > On Fri, 27 Jul 2012 12:47:29 +0100 > > Daniel Bye wrote: > > > On Fri, Jul 27, 2012 at 07:19:45AM -0400, Daniel Feenberg wrote: > > > > On Fri, 27 Jul 2012, Daniel Bye wrote: > > > > >On Fri, Jul 27, 2012 at 12:51:04PM +0200, Wojciech Puchar > > > > >wrote: > > > > >>>Are there any current options available to support on-access > > > > >>>antivirus scanning on FreeBSD? > > > > why should it be available when it is not needed? > > Because the IT policy (currently) requires it. I don't agree with that > policy, but there you are - I don't have the authority to simply > ignore it. > no, no, I meant why should FreeBSD need them. I am aware of your problem. > > Yes, I know. But we have petabytes of file systems shared over > SMB/CIFS, so if a Windows machine inroduces something to the network, > it strikes me as reasonable that if my (still putative) FreeBSD > system finds it before another Windows system, I have potentially > prevented a much wider problem. > Why don't you get a FreeBSD machine which scans the network traffic and have some fun with the results? > > > The security concepts of FreeBSD are 100% different. They will never > > match this kind of policy. > > Yes, and I am hoping that that fact is enough to persuade him that the > current policy (which he inherited, by the way, he didn't have a hand > it its establishment) is no longer applicable in an increasingly > mixed environment (Polytropon brought up the obvious matter of > smartphones and tablets and other devices). > Why don't you have another try? We use very often a FreeBSD machine with more CPU power as a server and older machines just as thin clients. These machines can be Windows machines running whatever virus scanners you want and an X server (cygwin will do). Your applications run actually on the FreeBSD machine and the Windows machine is only a terminal. I think that this could match your policy and also shows how pointless the policy is. Erich