OT - Multiple Virus Scanners
Glenn Steen
glenn.steen at gmail.com
Tue Aug 15 13:39:24 IST 2006
On 15/08/06, Jon Bates <jon.bates at summitmotors.com.au> wrote:
>
> > Until recently we only had F-prot. Since this month we also use ClamAV.
> > ClamAV gets more viruses than F-prot but they are mainly phishing
> > attacks. Like this:
> > ClamAV Module: msg-7834-833.html was infected: HTML.Phishing.Bank-626
>
> > Other viruses are detected by both but F-prot often doesn't know what
> > virus it is:
> > F-Prot: ./k7F3rsPS018425/Thomas.zip->bvpqirlyfk.exe could be a
> > suspicious file (encrypted program in archive)
> > While ClamAV mentions:
> > ClamAV Module: msg-9011-774.html was infected: Worm.Bagle
>
> > When only F-prot finds one it is usually an unknown virus too:
> > F-Prot: ./k7F6ORPR032693/Ebay-Rechnung.pdf.zip->Ebay-Rechnung.pdf.exe
> > could be infected with an unknown virus
>
> > Of the 106 viruses detected today on one of our systems 56 were detected
> > by both, 48 only by ClamAV and 2 only by F-prot. Of those 48 detected by
> > only ClamAV only 1 was not a phishing attack. That one was infected
> > with Worm.Lovgate.X (ClamAV name).
>
>
> Wonderful. Thanks very much for your input guys. You've put me on the right
> track.
> I think I'll weigh up the cost of implementing the ones that you've
> mentioned and go from there.
> I've been spoiled by ClamAV - not having to pay a cent for excellent
> protection on my mail servers (although we've since made a donation as a
> token of thanks for an awesome product!). Unfortunately though, there isn't
> many other decent free alternatives to use as a secondary scanner. Oh well!
>
> Thanks again.
>
> Jon
>
That rather depends on the definition of "decent":-).
If you run linux (or freebsd) there are at least BitDefender Command
line. Sure, it's not as light as ClamAV, but not that bad either (all
depends, of course:). And the price is right (free).
If you have a site license for a commercial AV, you might be entiteled
to download/use/update their *nix priduct too. This is true for at
least McAfee.
And finally there is Panda, which is not that great, but... not
absolutely horrid (as it used to be). The download is free
(freeware...), but you need a license to be able to download the
signature updates.
Check
http://wiki.mailscanner.info/doku.php?id=documentation:anti_virus:bitdefender:install
http://wiki.mailscanner.info/doku.php?id=documentation:anti_virus:mcafee:install
http://wiki.mailscanner.info/doku.php?id=documentation:anti_virus:panda:install
for more details.
--
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
More information about the MailScanner
mailing list