Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 23 Mar 2016 16:31:54 +1030
From:      Wayne Sierke <ws@au.dyndns.ws>
To:        krad <kraduk@gmail.com>, Olivier Nicole <Olivier.Nicole@cs.ait.ac.th>
Cc:        questions@freebsd.org
Subject:   Re: Anti-virus for FreeBSD
Message-ID:  <1458712914.1578.37.camel@au.dyndns.ws>
In-Reply-To: <CALfReyeHNrqZsCd_-3gMb+5RDEnW8aK2QfYCDRSBG+3bN5tpsQ@mail.gmail.com>
References:  <wu7vb4fm8ji.fsf@banyan.cs.ait.ac.th> <CALfReyeHNrqZsCd_-3gMb+5RDEnW8aK2QfYCDRSBG+3bN5tpsQ@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Tue, 2016-03-22 at 09:07 +0000, krad wrote:

> Other than that clamav
> is good enough.

I'm curious as to whether that's an objective or subjective view?

I've got clam-av set up on a couple of mail boxes scanning incoming
messages and find a worrying amount of viral content still gets
through. Even after submitting false-negative reports, manual tests
conducted (days!) later have failed to detect them.

To be fair, some of that also fails to be detected initially by
commercial AV scanners on MS Windows. However in one instance, for
example, one AV provider had an update deployed and distributed less
than two hours after they were notified.

I've submitted suspect attachments to the Virus-Total web site to find
that it was already submitted previously, sometimes long ago, and clam-
av is listed with a negative detection result.




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?1458712914.1578.37.camel>