On Thu, 3 Oct 2013, John P. Rouillard wrote:
> Hi all: > > Does anybody have anything to say about Trend Micro, Kapersky, Sophos > or Eset which are on my to look at list? (I have had really bad luck > with McAfee and Symantec in the past on pc's, so I have removed them > from the list.) > We have used Kaspersky for many years with FreeBSD and Sendmail, but I presume Linux will be similar. The executable can read a file from the standard input and report a hit with the return code, so it is quite flexible as to what happens to files, reporting, etc if you can do a little shell scripting. I suppose you would have a script that ran it against all the files newer than the last run and removed rx permissions from hits while emailing the sysadmin and owner. We don't actually use it that way. A cron job can update the signiture file. It is not unfriendly to "the Unix way". False virus positives are extremely rare to non-existent. dan feenberg > Also on the wishlist: > > Automatic quarantining or denial of access to infected files > (with some method to override it to react to false positives) > > On premises execution, not cloud based is prefered as the server > is firewalled to the outside currently > > Automatic signature (not software) update. > > Notification/reporting that can integrate with nagios and > provide some 'C' level type reports: number of files scanned of > each type, number of signatures in database, number of viruses > detected ... > > For a first pass at evaluating the effectiveness of the commercial > versions, I have been using the AV testing from > > http://chart.av-comparatives.org > and > http://www.av-test.org) > > to do initial filtering of vendors. Thoughts? Other places I should look. > > Thanks for your help. > > -- > -- rouilj > John Rouillard > =========================================================================== > My employers don't acknowledge my existence much less my opinions. > > _______________________________________________ > bblisa mailing list > [email protected] > http://www.bblisa.org/mailman/listinfo/bblisa > _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
