From owner-freebsd-questions@FreeBSD.ORG Fri Jul 27 12:38:25 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A1E7E106567B for ; Fri, 27 Jul 2012 12:38:25 +0000 (UTC) (envelope-from dan@slightlystrange.org) Received: from lhscloud01.localhostservices.net (lhscloud01.localhostservices.net [83.222.226.222]) by mx1.freebsd.org (Postfix) with ESMTP id 4294F8FC21 for ; Fri, 27 Jul 2012 12:38:25 +0000 (UTC) Received: from client-82-26-202-194.pete.adsl.virginmedia.com ([82.26.202.194] helo=catflap.slightlystrange.org) by lhscloud01.localhostservices.net with esmtps (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.80 (FreeBSD)) (envelope-from ) id 1Sujo4-000JV7-C9 for freebsd-questions@freebsd.org; Fri, 27 Jul 2012 13:38:24 +0100 Received: from dan by catflap.slightlystrange.org with local (Exim 4.80 (FreeBSD)) (envelope-from ) id 1Sujo3-0001Ec-Rc for freebsd-questions@freebsd.org; Fri, 27 Jul 2012 13:38:11 +0100 Date: Fri, 27 Jul 2012 13:38:11 +0100 From: Daniel Bye To: freebsd-questions@freebsd.org Message-ID: <20120727123811.GF4834@catflap.slightlystrange.org> References: <20120727104308.GA4834@catflap.slightlystrange.org> <20120727110019.GB4834@catflap.slightlystrange.org> <20120727114729.GC4834@catflap.slightlystrange.org> <20120727191529.01222988@AMD620.ovitrap.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Il7n/DHsA0sMLmDu" Content-Disposition: inline In-Reply-To: <20120727191529.01222988@AMD620.ovitrap.com> X-PGP-Fingerprint: D349 B109 0EB8 2554 4D75 B79A 8B17 F97C 1622 166A X-Operating-System: FreeBSD 9.1-PRERELEASE amd64 User-Agent: Mutt/1.5.21 (2010-09-15) Sender: Daniel Bye Subject: Re: On-access AV scanning X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Daniel Bye List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jul 2012 12:38:25 -0000 --Il7n/DHsA0sMLmDu Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 27, 2012 at 07:15:29PM +0700, Erich Dollansky wrote: > Hi, >=20 > On Fri, 27 Jul 2012 12:47:29 +0100 > Daniel Bye wrote: >=20 > > On Fri, Jul 27, 2012 at 07:19:45AM -0400, Daniel Feenberg wrote: > > >=20 > > >=20 > > > On Fri, 27 Jul 2012, Daniel Bye wrote: > > >=20 > > > >On Fri, Jul 27, 2012 at 12:51:04PM +0200, Wojciech Puchar wrote: > > > >>>Are there any current options available to support on-access > > > >>>antivirus scanning on FreeBSD? >=20 > why should it be available when it is not needed? Because the IT policy (currently) requires it. I don't agree with that policy, but there you are - I don't have the authority to simply ignore it. > > > >>> > > > >>FreeBSD doesn't need this as there are no viruses on that system. >=20 > Ok, this is a bad reasoning. > > > > > > Thanks, Daniel. I have looked at Kaspersky, and various others, but > > the main sticking point, as I see it, is that there is no on-access > > scanning capability in any of the AV packages available for FreeBSD. >=20 > You will not find them. The scanners running on FreeBSD are looking for > Windows pests. Yes, I know. But we have petabytes of file systems shared over SMB/CIFS, so if a Windows machine inroduces something to the network, it strikes me as reasonable that if my (still putative) FreeBSD system finds it before another Windows system, I have potentially prevented a much wider problem. >=20 > > It's not essential to build my case, but it would certainly > > strengthen it. I use ClamAV on my home mail server, and it works > > well. I have also tested it out on a desktop machine to run > > on-demand scans, and it works just fine, and doesn't impose so much > > of a load as to be a nuisance. > >=20 > Does it scan for FreeBSD viruses? I would wonder. I wouldn't waste your time wondering, if I were you. Of course they *all* look for malware that infests Windows machines. But, that nontwithstanding, I have to adhere to the policy, whether I like it or not. >=20 > > We have had a couple of virus outbreaks recently, so this is quite a > > high profile concern around here at the moment. The CIO is from a > > technical background, so I might well be able to convince him of > > FreeBSD's strengths as a very secure system, but I will still need to > > accede to the IT policy, sadly - no way around it. >=20 > You will have to give it a miss then. >=20 > The security concepts of FreeBSD are 100% different. They will never > match this kind of policy. Yes, and I am hoping that that fact is enough to persuade him that the current policy (which he inherited, by the way, he didn't have a hand it its establishment) is no longer applicable in an increasingly mixed environment (Polytropon brought up the obvious matter of smartphones and tablets and other devices). Thanks for your thoughts. Dan --=20 Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ --Il7n/DHsA0sMLmDu Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (FreeBSD) iEYEARECAAYFAlASi7MACgkQixf5fBYiFmrShwCdG305ci1lool7cCZi7ssbbmCI MgcAoJQZ1c5clNMCs65ab6QrV2DC9A5Z =yLit -----END PGP SIGNATURE----- --Il7n/DHsA0sMLmDu--