On Thu, 2009-01-22 at 14:15 +0100, Ralph Angenendt wrote: > Anne Wilson wrote: > > I'm sure there are plenty of people that can give Ralph detailed information > > about using it efficiently. > > Sorry, I do not want to know how to "use clamav efficiently", I am just > wondering what good clamav will do on a server, as there aren't really > any hooks into file writing or reading. Sure, I can hook up clamav into > my email stream or into my proxy on that machine for filtering out > requests to people who use windows boxes behind those. > > But I do not understand which sense clamav makes on a linux server, if > there are no hooks into the kernel (I know about dazuko, but a) we don't > ship it and b) last time I looked at it I couldn't get it to run > properly without a *huge* speed penalty). > > As far as I know there is no AntiVirus solution for Linux which works > the same as all the solutions under Windows do. And if you do not have > real time scanning on a server/workstation, an anti virus scanner > doesn't do you any good, as the time frame for attacks is just too > large. Either you get it on the first shot or you can just forget about > it. > > So again: If you want to be PCI-DSS compliant - what's the use of > clamav? ---- re: the last question, I simply don't know. I do know that I have an 'unsupported' version of Symantec Anti-Virus for Linux which came with their 'End Point Protection' package which I gather is a 'real-time' package but I am not interested in finding out what that would do to performance of the system. I also know that samba has a 'vfs' option for using clamd on your samba/Windows file server. Craig