2

Q1: Does anyone know of some real-time, on-access protection antivirus software for linux, that is capable of fully utilizing multi-core processors of today?

I am having issues using KAV for Samba, as while it does its on-access scanning, files are being accessed by many clients and that creates a bottleneck on server, as it scans (almost) every file on open.

Another problem that I have with KAV is that it won't work with kernels newer than 2.6.26, which is a problem, since it won't work with new hardware (which requires new kernel versions).

Q2: Does anyone knows of on-access antivirus software for linux that works with newest kernels? A big plus is if one has used software with success.

If anyohe has an idea about solving one (or both) of these problems, please!

I have tried to configure samba-vscan wth ClamAV, but no luck there (some weird error during compiling of samba-vscan module).

By the way, server is being used as samba server, in a network of clients, running Debian-based distro (if it matters anyway).

Thanks!

Improve this question

1 Answer 1

Reset to default
0

I did a little Google checking and ClamAV claims to support both multi-threaded and on-demand scanning. See here for the 0.96.1 release early-to-mid 2010. They offer help in a few ways that should hit your questions directly. This includes forums, a wiki, and even paid support. If this is an employer-directed action, ask them to buy some support so that you can make some progress.

I saw a hint that the Dag Wieers repository may have one prebuilt, but I'm having trouble browsing the repository either on his website or rpmforge.net.

By the way, kernel-based on-access scanning is still not merged the last time I checked. That said, we were able to get the newest Symantec Endpoint to run on some RedHat 5 boxes. I wasn't privy to the details as far as problems and such. I also don't know if there is a Debian distribution or if it is on-access scanning.

Improve this answer
3
  • Were you satisfied with Symantec Endpoint, performance-wise? Commented Nov 8, 2010 at 19:09
  • We don't hate it. We also don't let it run on our servers, just desktops. I don't know about it's performance server-side. Nothing noticeable on the desktop - it integrates nicely and stay out of my way. Mainly there for to be a checked box on our security checklist. Commented Nov 9, 2010 at 4:19
  • ClamAV "supports" on-access scanning, using external, clamfs utility (you remount target directory structure as on-access scanned directory, courtesy of clamd). Marking it as an answer. Commented Nov 23, 2010 at 2:51

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.