I tested with the rspamd clamav instance so it logs in /var/log/maillog but it just works. Thanks for the link, this really seems a nice feature. If such catastrophic failures happen, that whole companies or administrations are not able to work for weeks, this is accepted with a shrug of the shoulders “it was just a software bug”.Īfter 20 years in the IT business, I am increasingly coming to the conclusion that if skyscrapers, hotels, ships or airplanes were built according to the same principles and with the same low standards as software, nobody would use them. Quick money is more important, collateral damage is accepted without fuss.
Inexplicably, we have to live with the fact that established software architectures and development processes are not capable of delivering secure software products and platforms all we can do is stick a band-aid on the bleeding spots.Even worse, the software industry’s mantra of “there can’t be any bug-free and secure software at all” is not even seriously questioned. There will already be a proper AV installed… Ultimately, Linux shifts the responsibility to the clients and their management. That’s exactly what I’ve always wondered about, too. PS: This could be subject of a sub-discussion for end of month meeting… How much of this BS are we believing ourselves?Īny Feedback / Thoughts on this would be very welcome… The components are there, but bricks lying on the floor is not a wall (yet)… And Samba is a great file server, can replace a Windows server easily… And Linux itself has hardly any viruses in the wild…
I’ve had for example Novell Netware Servers with McAfee installed in 1995 - and On Access was the standard! On any properly setup Windows Server, even 20 years ago, “On Access” AV-checking is standard.Įven on other systems, “On Access” was / is the standard. The file in question was never checked on the server!!!ĭuring a working day, not a single file is checked!Īnything kept until the check will be found, but for daily work, clients are unprotected… Then the following happens:Ī user copies a file from a compromised Notebook to the file server.Īnother user / co-worker opens that file, and infects his PC or other Infrastructure. This easily can take 6 hours on a small-medium sized system - and only provides a “pseudo security”, as it’s use is actually zero…ĬlamAV, when installed, does a full check daily, usually at night because of CPU load. What it can do, is a regular check on the whole filesystem.
The same goes for Websites with the squid plug-in / module.īut the mainstay of AntiVirus besides mail is still infected files… And, in my opinion, ClamAV is not really any use as an AntiVirus for any file server - simply as it does not provide a mechanism for “On Access” checking. A good, usable example is mail AV checks, mail with ClamAV has more or less “On access” checks enabled. ClamAV is the defacto standard for AntiVirus on Linux / FOSS.
0 kommentar(er)
