Some more on AV scanners.

Glenn Steen glenn.steen at gmail.com
Thu Aug 17 16:54:28 IST 2006 

On 17/08/06, Brad Beckenhauer <bbecken at aafp.org> wrote:
> I install Norman yesterday.   The rpm install was straight forward (rpm
> -ivh style) and after registering the license key (via command line) you
> can get the dat file updates.  I posted the needed changes for mailwatch
> to the mailwatch forum yesterday.  I'd like to hear comments from anyone
> who has been running Norman for a longer period.

Good info, thanks. I too am most interested in a bit of "long term use" stories.

> Kaspersky...  I also have it installed & configured, but I cannot get
> MailScanner 4.54.6 to use it.
>
> This test works and it detects the eicar virus in the tmp directory.
> /usr/lib/MailScanner/kaspersky-wrapper  /opt/kav/5.5/kav4unix /tmp
>
> MailScanner in debug mode has given me nothing informational either.
> Any suggestions are welcome to troubleshoot this further.
>
Can't really help you there, since I've never used Kaspersky.
I suppose you've looked at the wiki page(s) for it?
Also, if MS uses any command line options, you should tag them on last
on the commandline for the wrapper. I'm not at work (and too lazy to
connect and check:-) so I can't really tell if it does. Look through
SweepViruses.pm for the init function for kav.... Should detail any
options.

> >>> glenn.steen at gmail.com 8/17/2006 9:04 AM >>>
> Since bdc has turned into payware, I'm thinking about the
> alternatives.
> Today I run with ClamAV, McAfee and BitDefender.
>
> Looking at the list of supported scanners, I'm leaning either toward
> implementing AVG or Norman. Does anyone have any experience with these
> two they'd care to share?
> Or perhaps F-secure or Antivir... same there, what's your experience?
> Or how about Kaspersky or DrWeb?
>
> The cheapest alternative is likely Panda (buy their cheapest product
> so that you can get at the updates), but .... I've never particularly
> liked that one:).
>
> Sophos, vexira, f-prot and nod32 seemed a bit steep, which would
> likely cull them from my list (tightfisted PHB:-). And I just detest
> Trend, Symantec and CA, so those went out before the start:-).
>
> Going through the list of supported scanners in MailScanner.conf I
> noted that the URL for Norman points to their German site, which is a
> bit strange considering they are Norwegian... www.norman.com or
> www.norman.no would be better... And the link to Command just doesn't
> seem to work at all. Does it still exist?
> BTW, I suppose Jules could cull RAV from the list pretty soon too...
> It's "Microsoft" nowadays, and I couldn't find any *nix scanner at all
> at their site (rather unsurprising:-).
>
> I've also noted that there are a few(!) scanners we don't support...
> Would there be any interest in getting a wrapper going for Avast!, Una
> or some other AV?
>
> --
> -- Glenn
> email: glenn < dot > steen < at > gmail < dot > com
> work: glenn < dot > steen < at > ap1 < dot > se
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
>


-- 
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se

More information about the MailScanner mailing list