Mailinglist Archive: opensuse-security (334 mails)

< Previous Next >
Re: [suse-security] Samba-vscan experience
  • From: Rainer Link <link@xxxxxxxxxxxxxxxxxxxx>
  • Date: Wed, 24 Sep 2003 19:06:04 +0200
  • Message-id: <3F71CEFC.6050807@xxxxxxxxxxxxxxxxxxxx>


Fabiano Felix wrote:

Hi Felix,

as I'm the author bear in mind I'm biased ;)

I want to use the samba-vscan module in a productivity environment, and
I want to know that if someone have experience in this use? What's
problems may be presented? There is some restriction about preformance?

Actually, samba-vscan has been only tested in a smaller workgroup environment by me.

The performance impact varies and could be very huge, depending on the used virus scanner and files (~ types / sizes). You might have a look
at http://www.openantivirus.org/diploma-thesis.pdf for some performance testings and figures.

It's trustworthy?

Hum, what's your definition of trustworthy here? Do you trust me? Do you trust open source? Or commercial, closed sources anti-virus products? :-)

I apreciate some user's story...

Hum, I'm only aware of
http://computerdienst.kleinau.org/modules/tutorials/index.php?op=viewtutorial&tid=8

Once in a while I receive positive feedback from people, who use it a small to mid-size environment.

Some negative reports are
- slowdown is just too big with larger MS Access databases (as the whole file has to be scanned)
- transfering 1 GB of data via ICAP over wire is (obviously) just too slow

Alternatives:
- kernel-based like using Dazuko or closed sources ones like Trend Micros ServerProtect (not yet available for SuSE Linux).
- F-Prot using the library wrapper technique - drawback: can not by design scan files which are put on share

I use the SLES8 version (I believe that is better to make a package
update)...

I would recommend 0.3.4

Or, in short: try it and report the results back to us/me.

HTH

best regards,
Rainer Link



< Previous Next >
References