Firewall questions
Paul Schmehl
pauls at utdallas.edu
Wed Mar 23 15:01:41 PST 2005
--On Wednesday, March 23, 2005 09:45:56 PM +0000 RW
<list-freebsd-2004 at morbius.sent.com> wrote:
>
> Clamav is supposed to be good for filtering windows viruses out of email.
> I know Fastmail.fm dropped Kaspersky in favour of Clamav, they claimed
> the updates to be at least as good.
>
We did some pretty thorough testing of Clamav, uvscan (McAfee) and sophie
(Sophos) side by side on a mail gateway using amavisd.
Clamav was *almost* as good as McAfee and definitely better than Sophos at
detecting viruses. Clamav beat uvscan hands down on cpu usage and
detection of Phishing scams.
Here's our latest stats - clamav is primary. uvscan only gets used if
clamav doesn't detect a virus.
These statistics represent data from 2005-03-01 to yesterday
Total detections - 7369
Total phishing scams - 7080
Total viruses - 289
Total McAfee - 23
Total ClamAV - 266
The last two lines are *unique* detections. Basically what it means is
that clamav missed 23 viruses that uvscan subsequently caught. So clamav
has a 92.04% virus detection rate so far for the month. (Updates are
fetched and installed automatically for both scanners.)
When I was keeping separate stats on each, clamav ran about a half a
percent behind uvscan and sophie *never* had an independent detection. It
also had a much lower detection rate. (E.g. clamav 94.6, uvscan 95.3,
sophie 91.8)
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu
More information about the freebsd-questions
mailing list