SOT: AntiVirus Software

Fri Jan 26 17:56:22 CET 2007

Dimitri Yioulos wrote:
> On Thursday 25 January 2007 6:58 pm, Scott Silva wrote:
>> Matt Kettler spake the following on 1/25/2007 3:11 PM:
>>> Glenn Steen wrote:
>>>> On 25/01/07, Scott Silva <ssilva at sgvwater.com> wrote:
>>>>>> The free version still includes this statement in it;
>>>>>>
>>>>>>     Thank  you  for  choosing  to  install  the  freeware version of
>>>>>>     BitDefender for Linux Console Free Edition. It can be used  free
>>>>>>     of  charge.  It is fully functional and without any restrictions
>>>>>>     regarding the licensed version of the product.
>>>>>>
>>>>>> I'm not a lawyer, but it looks like it is still free.
>>>>> Looking at my logs, it doesn't seem to be hitting anything here lately.
>>>>> Especially the new Trojan.Downloader-??? that clam has been getting
>>>>> since last
>>>>> weekend. Even a scan of the quarantined file shows nothing. Even
>>>>> McAfee is
>>>>> getting these!
>>>>>
>>>>> I guess it is time to hit the flusher on Bitdefender.
>>>> Still seems to be on par with mcafee here.... which isn't saying that
>>>> much:-):-)
>>>>
>>>> Cheers
>>> It seems in recent months both sides of the clamav and bitdefender hits
>>> have diverged considerably.
>>>
>>> Let's look at some numbers from my system. Note I've excluded
>>> "HTML-Phishing" matches by clamav from this, as that's not something
>>> BitDefender (aka bdc) looks for.
>>>
>>>
>>> Dec 1, 2006-today:
>>> messages with viruses found by clam but not bdc: 142
>>> messages with viruses found by bdc but clam: 148
>>>
>>> Looks like both bdc and clam are catching about the same number of
>>> messages that the other missed..
>>>
>>>
>>>
>>> July 1, 2006 - Dec 1, 2006
>>> clam not bdc: 39
>>> bdc not clam: 30
>>>
>>> Note that in the previous 5 months, these numbers were MUCH smaller. This
>>> tells me that in the past clam and bdc both matched most of the same
>>> messages. However, recently, that's changed and a lot more viruses are
>>> coming out that are only caught by one of the two.
>>>
>>> This might be due to an increase in how fast viruses mutate, I'm not
>>> sure. However, clearly BitDefender is still doing a lot of good here,
>>> catching several things clam is missing.
>> My volume is still low enough to leave it running. I think I am dumping
>> most of the viruses with blacklists, as my hit rate is very low. And
>> MailScanner is catching them by filetype rules even when the virus scanners
>> miss.
>>
>> --
> 
> I apologize if I'm taking this post OT, but is anyone using the "free" 
> BitDefender console version with MS? 

Erm, yes.. that's what BDC is that I'm referring to above.

 I installed it, and ran MS
> bitdefender-autoupdate, which seemed to work.  But, it's hard to tell if the 
> virus signatures were truly updated.  Does anyone know if this is the case?  

You can always run bdc --update manually right after the autoupdate. If the
autoupdate worked, the manual run shouldn't find anything to update.

> Also, must bitdefender be "started"?  I

No. the free version is a console app. There's nothing to start.

>And, finally, should
> bitdefender-autoupdate be run as a cron job, or does MS handle that?

MS handles that, by default ever hour.

You should see log messages like this:

Jan 26 06:09:53 xanadu update.virus.scanners: Found bitdefender installed
Jan 26 06:09:53 xanadu update.virus.scanners: Running autoupdate for bitdefender

Jan 26 07:09:17 xanadu update.virus.scanners: Found bitdefender installed
Jan 26 07:09:17 xanadu update.virus.scanners: Running autoupdate for bitdefender