Firewall/Virusscanner
Hello world. A little question: I'm looking for a decent virusscanner to install on my SuSE 6.2 firewall. While all good firewall programs defend you against hackers, I still haven't found a decent virusscanner to defend all workstations behind the firewall. Okay, you could install virusscanners on all worstation, but my goal is to catch the virus and those damn pokémon BEFORE they can reach the workstations. Anybody have some suggestions? A good scanner scanning incoming mail on my SuSE7.0 + Sendmail 8.10.2 would be a really nice too :) TIA. Ralf Vroomen Engineer I.T. Plus. Tel: 0413-382401 Fax: 0413-382136 Mail: ralf.vroomen@itplus.nl
On Fri, 1 Dec 2000 ralf.vroomen@itplus.nl wrote:
Okay, you could install virusscanners on all worstation, but my goal is to catch the virus and those damn pokémon BEFORE they can reach the workstations.
Anybody have some suggestions? A good scanner scanning incoming mail on my SuSE7.0 + Sendmail 8.10.2 would be a really nice too :)
Well, AMaViS or AMaViS-Perl, inflex, Protector or MIMEDefanger (which uses the libmilter stuff introduced in sendmail 8.10.x, but libmilter is still marked for future release). See www.openantivirus.org/av-unix_e.txt for a list of commerical anti virus products and open source solutions to integrate them into your eMail server (uh, reminds me to update this list soon ...). There's no open source virus scanning engine right now and I'm afraid this won't change in the near future. See www.av-test.com for a recent product comparison of anti virus programs for Linux. HTH P.S. The latest issue of the Information Security Bulletin (the german edition) by CHI Publishing (http://www.chi-publishing.com/) covers this topic, but I don't think this article will be translated for the international edition. best regards, Rainer Link -- Rainer Link | SuSE - The Linux Experts link@suse.de | Developer of A Mail Virus Scanner (amavis.org) www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)
Okay, you could install virusscanners on all worstation, but my goal is to catch the virus and those damn pokémon BEFORE they can reach the workstations.
You should also install viruses software on the workstations because it is possible for users to get content a central scanner cannot scan (it is encrypted, comes through a channel it isn't looking at like or a different one entirely like a floppy disk, etc.). Trend Micro makes viruswall, which runs on Linux (we use it) one nice thing it does (that amavis/etc can't do) is scan outgoing emails. http://www.antivirus.com/products/isvw/ Linux: Red Hat Linux 6.1 or above OR Turbo Linux 6.1J. It should work on SuSE. Kurt Seifried, seifried@securityportal.com SecurityPortal - your focal point for security on the 'net
On Fri, 1 Dec 2000, Kurt Seifried wrote:
Okay, you could install virusscanners on all worstation, but my goal is to catch the virus and those damn pokémon BEFORE they can reach the workstations.
You should also install viruses software on the workstations because it is possible for users to get content a central scanner cannot scan (it is encrypted, comes through a channel it isn't looking at like or a different one entirely like a floppy disk, etc.).
Correct. A combination of server-based and client-based virus protection is considered as state-of-the-art. But please don't forget about user education! (do I have to mention the word backup, too ?! ;)))
Trend Micro makes viruswall, which runs on Linux (we use it) one nice thing it does (that amavis/etc can't do) is scan outgoing emails. Huh? That's wrong at least for AMaViS, AMaviS-Perl, (c)inflex and MIMEDefanger. A very nice solution is AV Mail Gate from H+B EDV, too, but it's not open source. But yes, you can't really compare AMaViS with InterScan VirusWall (ISVW).
http://www.antivirus.com/products/isvw/ Linux: Red Hat Linux 6.1 or above OR Turbo Linux 6.1J. It should work on SuSE.
We've been working together with Trend Micro (Germany), as there were some glitches on SuSE Linux. I own a copy of ISVW 3.6 Build 1122 for SuSE Linux 6.4 and 7.0. Trend Micro Germany published a press release some days ago. best regards, Rainer Link -- Rainer Link | SuSE - The Linux Experts link@suse.de | Developer of A Mail Virus Scanner (amavis.org) www.suse.de | Founder OpenAntiVirus Project (www.openantivirus.org)
Hi all, Take a look @: http://www.avp.com/trial.html http://www.avp.com/topdownloads.html http://www.avp.ch/E/products.htm http://www.avp.ch/E/dlinux.htm May be this is interesting, i haven't tested any of these. Regards, Joop Boonen. Kurt Seifried wrote:
Okay, you could install virusscanners on all worstation, but my goal is to catch the virus and those damn pokémon BEFORE they can reach the workstations.
You should also install viruses software on the workstations because it is possible for users to get content a central scanner cannot scan (it is encrypted, comes through a channel it isn't looking at like or a different one entirely like a floppy disk, etc.).
Trend Micro makes viruswall, which runs on Linux (we use it) one nice thing it does (that amavis/etc can't do) is scan outgoing emails.
http://www.antivirus.com/products/isvw/ Linux: Red Hat Linux 6.1 or above OR Turbo Linux 6.1J.
It should work on SuSE.
Kurt Seifried, seifried@securityportal.com SecurityPortal - your focal point for security on the 'net
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
I have, AVP works like a champ on both SuSE and Redhat. Especially if you use it with MFilter. (http://sourceforge.net/projects/mfilter) Disclaimer: I occasionally do some work for the Mfilter project :) Nix At 10:29 PM 1/12/2000 +0100, you wrote:
Hi all,
Take a look @: http://www.avp.com/trial.html http://www.avp.com/topdownloads.html http://www.avp.ch/E/products.htm http://www.avp.ch/E/dlinux.htm
May be this is interesting, i haven't tested any of these.
Regards,
Joop Boonen.
Kurt Seifried wrote:
Okay, you could install virusscanners on all worstation, but my goal
is to
catch the virus and those damn pokémon BEFORE they can reach the workstations.
You should also install viruses software on the workstations because it is possible for users to get content a central scanner cannot scan (it is encrypted, comes through a channel it isn't looking at like or a different one entirely like a floppy disk, etc.).
Trend Micro makes viruswall, which runs on Linux (we use it) one nice thing it does (that amavis/etc can't do) is scan outgoing emails.
http://www.antivirus.com/products/isvw/ Linux: Red Hat Linux 6.1 or above OR Turbo Linux 6.1J.
It should work on SuSE.
Kurt Seifried, seifried@securityportal.com SecurityPortal - your focal point for security on the 'net
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hi all, Take a look @: http://www.avp.com/trial.html http://www.avp.com/topdownloads.html http://www.avp.ch/E/products.htm http://www.avp.ch/E/dlinux.htm May be this is interesting, i haven't tested any of these. Regards, Joop Boonen. Kurt Seifried wrote:
Okay, you could install virusscanners on all worstation, but my goal is to catch the virus and those damn pokémon BEFORE they can reach the workstations.
You should also install viruses software on the workstations because it is possible for users to get content a central scanner cannot scan (it is encrypted, comes through a channel it isn't looking at like or a different one entirely like a floppy disk, etc.).
Trend Micro makes viruswall, which runs on Linux (we use it) one nice thing it does (that amavis/etc can't do) is scan outgoing emails.
http://www.antivirus.com/products/isvw/ Linux: Red Hat Linux 6.1 or above OR Turbo Linux 6.1J.
It should work on SuSE.
Kurt Seifried, seifried@securityportal.com SecurityPortal - your focal point for security on the 'net
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hi all, Take a look @: http://www.avp.com/trial.html http://www.avp.com/topdownloads.html http://www.avp.ch/E/products.htm http://www.avp.ch/E/dlinux.htm May be this is interesting, i haven't tested any of these. Regards, Joop Boonen. Kurt Seifried wrote:
Okay, you could install virusscanners on all worstation, but my goal is to catch the virus and those damn pokémon BEFORE they can reach the workstations.
You should also install viruses software on the workstations because it is possible for users to get content a central scanner cannot scan (it is encrypted, comes through a channel it isn't looking at like or a different one entirely like a floppy disk, etc.).
Trend Micro makes viruswall, which runs on Linux (we use it) one nice thing it does (that amavis/etc can't do) is scan outgoing emails.
http://www.antivirus.com/products/isvw/ Linux: Red Hat Linux 6.1 or above OR Turbo Linux 6.1J.
It should work on SuSE.
Kurt Seifried, seifried@securityportal.com SecurityPortal - your focal point for security on the 'net
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
I use amavis and it is really good it even scans relayed e-mails. http://www.amavis.org On Fri, 1 Dec 2000 ralf.vroomen@itplus.nl wrote:
Hello world.
A little question:
I'm looking for a decent virusscanner to install on my SuSE 6.2 firewall. While all good firewall programs defend you against hackers, I still haven't found a decent virusscanner to defend all workstations behind the firewall.
Okay, you could install virusscanners on all worstation, but my goal is to catch the virus and those damn pok�mon BEFORE they can reach the workstations.
Anybody have some suggestions? A good scanner scanning incoming mail on my SuSE7.0 + Sendmail 8.10.2 would be a really nice too :)
TIA.
Ralf Vroomen Engineer I.T. Plus. Tel: 0413-382401 Fax: 0413-382136 Mail: ralf.vroomen@itplus.nl
On Fri, Dec 01, 2000 at 14:29 +0100, ralf.vroomen@itplus.nl wrote:
[ ... ] While all good firewall programs defend you against hackers, I still haven't found a decent virusscanner to defend all workstations behind the firewall.
Okay, you could install virusscanners on all worstation, but my goal is to catch the virus and those damn pokémon BEFORE they can reach the workstations.
Not to leave you with a wrong impression: It's not the "good firewall" defending you, it's employing it in the right way which does! And I consider it dangerous to believe that a central scanner could defend all workstations. What about crypted communication? What about Web and FTP transfer? What about removable media? Do yourself a favour and consider using *all* the tools available to you. Install a central scanner, maybe use multiple engines which complement their scanning success, and do install scanners at the workstations, too! And please turn off this f*** HTML in your email messages, at least when posting to lists. There's no point in tripling the volume for null gain in information value. Thanks! virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.
participants (7)
-
Gerhard Sittig
-
Joop Boonen
-
Kurt Seifried
-
Nix
-
Rainer Link
-
ralf.vroomen@itplus.nl
-
semat