Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 27 Jul 2012 12:47:29 +0100
From:      Daniel Bye <>
Subject:   Re: On-access AV scanning
Message-ID:  <>
In-Reply-To: <>
References:  <> <> <> <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jul 27, 2012 at 07:19:45AM -0400, Daniel Feenberg wrote:
> On Fri, 27 Jul 2012, Daniel Bye wrote:
> >On Fri, Jul 27, 2012 at 12:51:04PM +0200, Wojciech Puchar wrote:
> >>>Are there any current options available to support on-access antivirus
> >>>scanning on FreeBSD?
> >>>
> >>FreeBSD doesn't need this as there are no viruses on that system.
> >
> >Well, thanks.
> >
> >>
> >>>And yes, I know that neither FreeBSD nor Solaris are renowned for their
> >>>sickly vulnerability to viruses, but we operate in a mixed environment=
, with
> >>>a lot of Windows machines and ZFS file systems exported by SMB/CIFS, s=
o we
> >>>need the AV to ensure any viruses are stopped before they infect a
> >>>susceptible machine.  It seems a small price to pay to finally get a d=
> >>>workstation!
> >>No idea - YOU will not spread wiruses, and viruses from other
> >>winstations will not affect you.
> >>
> >>so just install antivirus software on winstations.
> >>
> >>Or finally educate users as it is really simple to avoid viruses
> >>even with windows
> >
> >I refer you to the part where I specifically talk about our corporate IT
> >policy. All desktops/workstations (that is, all of them, every single on=
> >must have AV software running on them. There will be no exceptions, on p=
> Well, there is AV software for FreeBSD - we use Kaspersky on our
> FreeBSD based mailserver, but the viruses it looks for are Windows
> viruses. I don't know if that will satisfy your IT policy. Maybe you
> should be looking at Cygwin? Or, can FreeBSD run under HyperV?

Thanks, Daniel. I have looked at Kaspersky, and various others, but the main
sticking point, as I see it, is that there is no on-access scanning
capability in any of the AV packages available for FreeBSD.  It's not
essential to build my case, but it would certainly strengthen it.  I use
ClamAV on my home mail server, and it works well.  I have also tested it out
on a desktop machine to run on-demand scans, and it works just fine, and
doesn't impose so much of a load as to be a nuisance.

We have had a couple of virus outbreaks recently, so this is quite a high
profile concern around here at the moment. The CIO is from a technical
background, so I might well be able to convince him of FreeBSD's strengths
as a very secure system, but I will still need to accede to the IT policy,
sadly - no way around it.


Daniel Bye
                                              ASCII ribbon campaign ( )
                                         - against HTML, vCards and  X
                                - proprietary attachments in e-mail / \

Content-Type: application/pgp-signature

Version: GnuPG v1.4.12 (FreeBSD)



Want to link to this message? Use this URL: <>