[CentOS] Antivirus for CentOS? (yuck!)

Thu Jan 22 13:27:23 UTC 2009
Craig White <craigwhite at azapple.com>

On Thu, 2009-01-22 at 14:15 +0100, Ralph Angenendt wrote:
> Anne Wilson wrote:
> > I'm sure there are plenty of people that can give Ralph detailed information 
> > about using it efficiently. 
> Sorry, I do not want to know how to "use clamav efficiently", I am just
> wondering what good clamav will do on a server, as there aren't really
> any hooks into file writing or reading. Sure, I can hook up clamav into
> my email stream or into my proxy on that machine for filtering out
> requests to people who use windows boxes behind those.
> But I do not understand which sense clamav makes on a linux server, if
> there are no hooks into the kernel (I know about dazuko, but a) we don't
> ship it and b) last time I looked at it I couldn't get it to run
> properly without a *huge* speed penalty). 
> As far as I know there is no AntiVirus solution for Linux which works
> the same as all the solutions under Windows do. And if you do not have
> real time scanning on a server/workstation, an anti virus scanner
> doesn't do you any good, as the time frame for attacks is just too
> large. Either you get it on the first shot or you can just forget about
> it. 
> So again: If you want to be PCI-DSS compliant - what's the use of
> clamav?
re: the last question, I simply don't know.

I do know that I have an 'unsupported' version of Symantec Anti-Virus
for Linux which came with their 'End Point Protection' package which I
gather is a 'real-time' package but I am not interested in finding out
what that would do to performance of the system.

I also know that samba has a 'vfs' option for using clamd on your
samba/Windows file server.