bdc BitDefender Console - problems, problems

Ion-Mihai Tetcu itetcu at people.tecnik93.com
Wed Mar 22 08:31:48 UTC 2006


 [ cc'ing port maintainer, which is always a good idea ]

> On Tue, 21 Mar 2006 23:30:21 -0800
Chris <bsd at 1command.com> wrote:

> Hello,
> I built & installed bdc-7.0.1_1 from the ports on a 5.4 system.

uname from your .sig is for that system ?

> I have a couple of problems:
> After the build/ install I logged out/ logged in and performed
> bdc --update. As instructed by the banner displayed upon successful
> installation. After updating bdc. I performed bdc --info which returned:
> 
> Error: core initialization failed: Libfn initialization failed
> 
> Googling for this error returned a solution that someone on the
> freebsd-questions list provided back in June of 2005. Further
> indicationg that "work was underway to release a libfn.so file, which
> will be available in a future update." This was almost a year ago.
> I hate to sound like I'm whining, or ungreatful (which I'm not). But
> isn't this a long time to wait for something that is related to system
> security? Anyway, the cure is to build/ install misc/comapt4x. Which I
> did. 

Interesting. Adi, maybe the port should depend on compat4x until the
problem is fixed ?

> I then rebooted after the install. Only to be greeted with an
> rc message indicating that compat4x was not completely/ correctly
> installed. I quickly discovered that I needed to enable it in rc.conf.
> OK, wouldn't it be prudent to place a banner at the end of the compat4x
> install; warning that an entry in rc is required to ENable compat4x? I
> enabled it in my kernconf already, as well as Linux emulation/ compatibility.
> Linux ABI. As well as Apache and many (most?) of the other ports that require
> rc support *do* inform the user after install of this need. I guess I'm
> just really suprised that something that *is* freebsd doesn't. Just thought
> it was worth mentioning.

Look for the message telling you an rc.d file has been installed and if
you see it you can be 98% sure  you have to enable it via
rc.conf[.local] Eventually all ports start-up scripts will be converted
to rc.d and will have to be enable via rc.onf[.local]

> One last problem; about bdc itself. I ran it against all the mailboxes
> after making it happy about the libfn problem. I used the following:
> 
> bdc --arc --files --log --debug --mail --disinfect --move /var/mail
> 
> which returned:
> 
> BDC/FreeBSD 5.x-Console (v7.0-2545) (i386) (Dec 22 2004 19:56:57)
> Copyright (C) 1996-2004 SOFTWIN SRL. All rights reserved.
> 
> /var/mail/infos=>(message 37)=>[S ...  (CET)]=>(MIME part)=>q361598.exe 
>   infected: Win32.Swen.A at mm <- cevakrnl.xmd
> /var/mail/infos=>(message 37)=>[Subject: ... 6 +0100 (CET)]=>(MIME 
> part)=>q361598.exe  move failed <- cevakrnl.xmd
> 
> It doesn't appear that all that work to get bdc installed and working
> was worth the time and trouble after all. Isn't it capable of disinfection
> yet?

My policy has always been that infected mail should be deleted :)

> It *does* know what it is; as indicated with the following:
> 
> bdc --arc --files --log --debug --mail --disinfect /var/mail
> BDC/FreeBSD 5.x-Console (v7.0-2545) (i386) (Dec 22 2004 19:56:57)
> Copyright (C) 1996-2004 SOFTWIN SRL. All rights reserved.
> 
> /var/mail/infos=>(message 37)=>[S ...  (CET)]=>(MIME part)=>q361598.exe 
>   infected: Win32.Swen.A at mm <- cevakrnl.xmd
> /var/mail/infos=>(message 37)=>[Subject: M ... :16 +0100 (CET)]=>(MIME 
> part)=>q361598.exe  deleted <- cevakrnl.xmd
> /var/mail/infos=>(message 37)=>[Subject: Mic ...  Feb 2006 21:29:16 
> +0100 (CET)]=>(MIME part)  updated <- mime.xmd
> /var/mail/infos=>(message 37)  updated <- mbox.xmd
> /var/mail/infos  update failed
> 
> So it *knows* what it is. But doesn't appear to be a mature enough
> ant-virus application to actually disinfect or protect a system yet.
> Is that true?

Might be true for disinfection for some viruses, but not for all. As to
protection, I believe it does it job adequately: it detects the
viruses and the signatures are updated very quick.


-- 
IOnut - Unregistered ;) FreeBSD "user"
  "Intellectual Property" is   nowhere near as valuable   as "Intellect"

BOFH excuse #369:
Virus transmitted from computer to sysadmins




More information about the freebsd-ports mailing list