Arthur Sherman wrote:
Hi Jim,
What AV would you suggest for SAMBA?
Sorry, I have no suggestions as I have never tried to do this. We have
symantec AV on all our windows workstations and I use only clamav on our
mail server. Im sure others will have many suggestions.
-Jim
Best,
--
Arthur Sherman
+972-52-4878851
CPTeam
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jim Maul
Sent: Monday, November 27, 2006 3:18 PM
To: ClamAV users ML
Subject: Re: [Clamav-users] clamscan sped
Erez Epstein wrote:
well, i'm not sure if thats the right solution, as smart
virus or old
file with new virus definiton will not be found.
also i know all other virus scanners do scan all files.
Then perhaps you should be using other virus scanners. Use the tool
that best fits the job. If you find that clamav takes a long time to
scan a large drive, that may be because this was not the
primary purpose
of the product.
Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main
purpose of
this software is the integration with mail servers
(attachment scanning).
While im sure the number of uses for clamav is growing all
the time, if
you try to use a product for a task that it was not designed
for and it
does that task poorly, why continue to try to make it work? Find a
product that works for you in this particular situation and use that
instead.
-Jim
On 11/26/06, Dennis Peterson <[EMAIL PROTECTED]> wrote:
Erez Epstein wrote:
and how can i shorten it while still scaning all files
every night.
Don't scan all of them every night. There is no need to
scan a file that
has not been modified since the last scan. There is
probably no need to
scan your logs, /var, /usr, /opt, /proc, /dev, /bin,
/sbin, or /devices
(or any root owned directory) unless you think you have
been hacked and
had your root account compromised.
You probably don't want to scan NFS mounts or Samba mounts as it is
rather expensive in terms of network traffic and speed,
and introduces
all kinds of interesting permissions and connection
reliability issues.
Clam is not a good intrusion detection tool so you might
want to run
TripWire or some similar tool that will tell you which
files have been
modified so you can limit your scan to those few files that require
scanning.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit
http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
_______________________________________________
Help us build a comprehensive ClamAV guide: visit
http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
_______________________________________________
Help us build a comprehensive ClamAV guide: visit
http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
