[CentOS] Antivirus for CentOS? (yuck!)

Craig White craigwhite at azapple.com
Thu Jan 22 12:46:46 UTC 2009


On Thu, 2009-01-22 at 12:16 +0000, Anne Wilson wrote:
> On Thursday 22 January 2009 09:35:11 Ralph Angenendt wrote:
> > What do you do with clamav on a linux server? Especially: How is it run
> > by you? What do you think it protects you against on a linux server?
> 
> 1 - it protects you against passing on any windows viruses to windows users
> 2 - it satisfied those auditors who can't think beyond what they have been 
> told, especially if you have log proof.  Logwatch's daily report:
> 
>  --------------------- clam-update Begin ------------------------ 
> 
>  Last ClamAV update process started at Wed Jan 21 04:02:23 2009
>  
>  Last Status:
>     main.cvd is up to date (version: 49, sigs: 437972, f-level: 35, builder: 
> sven)
>     daily.cld is up to date (version: 8881, sigs: 56877, f-level: 38, builder: 
> ccordes)
>  
>  ---------------------- clam-update End ------------------------- 
> 
>  
>  --------------------- Clamav Begin ------------------------ 
> 
>  
>  **Unmatched Entries**
>  Database correctly reloaded (936952 signatures) 
>  
>  ---------------------- Clamav End -------------------------
> 
> That should satisfy and auditor.
----
the above suggests that clamav signature files were updated and the
database reloaded but nowhere does it suggest that any scanning of the
file system occurred nor the output of such scanning which probably
never occurred. What you have demonstrated is a gymnastic exercise which
accomplishes little. clamd might be able to do something useful but it
is not indicated above.

Craig



More information about the CentOS mailing list