On-access AV scanning

Daniel Bye freebsd-questions at slightlystrange.org
Fri Jul 27 11:47:33 UTC 2012 

On Fri, Jul 27, 2012 at 07:19:45AM -0400, Daniel Feenberg wrote:
> 
> 
> On Fri, 27 Jul 2012, Daniel Bye wrote:
> 
> >On Fri, Jul 27, 2012 at 12:51:04PM +0200, Wojciech Puchar wrote:
> >>>Are there any current options available to support on-access antivirus
> >>>scanning on FreeBSD?
> >>>
> >>FreeBSD doesn't need this as there are no viruses on that system.
> >
> >Well, thanks.
> >
> >>
> >>>And yes, I know that neither FreeBSD nor Solaris are renowned for their
> >>>sickly vulnerability to viruses, but we operate in a mixed environment, with
> >>>a lot of Windows machines and ZFS file systems exported by SMB/CIFS, so we
> >>>need the AV to ensure any viruses are stopped before they infect a
> >>>susceptible machine.  It seems a small price to pay to finally get a decent
> >>>workstation!
> >>No idea - YOU will not spread wiruses, and viruses from other
> >>winstations will not affect you.
> >>
> >>so just install antivirus software on winstations.
> >>
> >>Or finally educate users as it is really simple to avoid viruses
> >>even with windows
> >
> >I refer you to the part where I specifically talk about our corporate IT
> >policy. All desktops/workstations (that is, all of them, every single one),
> >must have AV software running on them. There will be no exceptions, on pain
> 
> Well, there is AV software for FreeBSD - we use Kaspersky on our
> FreeBSD based mailserver, but the viruses it looks for are Windows
> viruses. I don't know if that will satisfy your IT policy. Maybe you
> should be looking at Cygwin? Or, can FreeBSD run under HyperV?

Thanks, Daniel. I have looked at Kaspersky, and various others, but the main
sticking point, as I see it, is that there is no on-access scanning
capability in any of the AV packages available for FreeBSD.  It's not
essential to build my case, but it would certainly strengthen it.  I use
ClamAV on my home mail server, and it works well.  I have also tested it out
on a desktop machine to run on-demand scans, and it works just fine, and
doesn't impose so much of a load as to be a nuisance.

We have had a couple of virus outbreaks recently, so this is quite a high
profile concern around here at the moment. The CIO is from a technical
background, so I might well be able to convince him of FreeBSD's strengths
as a very secure system, but I will still need to accede to the IT policy,
sadly - no way around it.

Dan

-- 
Daniel Bye
                                                                     _
                                              ASCII ribbon campaign ( )
                                         - against HTML, vCards and  X
                                - proprietary attachments in e-mail / \
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20120727/27a3d6a3/attachment.pgp

More information about the freebsd-questions mailing list