Kaspersky DaemonClient

Julian Field mailscanner at ecs.soton.ac.uk
Mon Dec 9 16:34:16 GMT 2002

At 16:11 09/12/2002, you wrote:
>Hi All,
>I am using Kaspersky with it's DaemonClient but as I understand there is
>no support for DaemonClient. kavscanner and AvPDaemonClient produces
>different outputs so SweepVirusess.pm can't parse the output??
>Due to high CPU load and long database loading time, I don't use
>AvpLinux. Is there any method to use kaspersky other then Daemon which
>take less CPU load and database loading time?

I have tried various of the other daemon-based scanners, and always found
them to actually be slower than the command-line ones in the only situation
where it matters.

Once you have a high load, MailScanner will be handling large batches of
messages at 1 go.

If you use a daemon you have to send the location of every file to be
scanned along a network socket to the daemon so it knows what to scan. If
you use the command-line scanner, you have to just give it the starting
directory and tell it to scan recursively. Agreed, you have to wait the
startup time of the command-line scanner each time, but this is always
outweighed by the overhead of having to send the full pathname of several
hundred files along a network socket to the daemon.

So while it may appear to be more efficient when scanning a few files at
once, the only time it actually matters is when you are running out of
server capacity and the message batches have grown very large. At this
point, the command-line scanner is faster than the daemon.

Which is why I don't support the daemons. You also have the reliability
aspect that
a) the daemon may crash, leaving you with a hung system,
b) the daemon may well leak resources, slowly degrading your system over time.
MailScanner is specifically designed to ensure that those problems never

>These are the outputs which produced by using AvpLinux and
>AvpDaemonClient with kaspersky-swapper options.
>|  AntiViral Toolkit Pro by Eugene Kaspersky for Linux  |
>|         Copyright(C) Kaspersky Lab. 1998-2000         |
>|                 Version 3.0  build 135.2              |
>|                                                       |
>                    Registration info:
>Key name      Ser. number            Price pos.             Exp. date
>AvpUnix.key   0117-000067-00047606   AVP Server Suite 1Y    11.6.2002
>000313F1.key  0097-000113-00201713   Kaspersky Anti-Vi...   3.5.2003
>Antiviral databases were loaded. Known records: 61105
>Current object: /home/fscheck/virus-ornek/HELL.COM
>/home/fscheck/virus-ornek/HELL.COM infected: Pixel.936
>/home/fscheck/virus-ornek/HELL.COM deleted: Pixel.936
>Scan process completed.
>          Sector Objects :      0              Known viruses :      1
>                   Files :      1               Virus bodies :      1
>                 Folders :      0                Disinfected :      0
>                Archives :      0                    Deleted :      1
>                  Packed :      0                   Warnings :      0
>                                                  Suspicious :      0
>          Speed (Kb/sec) :      1                  Corrupted :      0
>               Scan time :  00:00:01              I/O Errors :      0
>and AvpDaemonClient output.
>Current object: /home/fscheck/virus-ornek/HELL.COM
>Test result: 4
>Known viruses were detected
>Found viruses: /tmp/AVD4954f.tmp        infected: Pixel.936
>Number of pure objects:                                   0
>Number of objects with detected viruses                   1
>Number of disinfected objects:                            0
>Number of deleted objects:                                0
>Number of suspicious objects:                             0
>Number of objects with corrupted or changed viruses:      0
>Number of corrupted(or disabled) objects                  0
>Number of interrupted scan                                0
>Scan time:                                         00:00:01
>Return code: 4

Julian Field
MailScanner thanks transtec Computers for their support

This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses

More information about the MailScanner mailing list