Ubuntu 8.10 and AVG 7.5.51

Bart Silverstrim bsilver at chrononomicon.com
Fri Mar 20 13:51:12 UTC 2009

Dirk Freitag wrote:

> That's really interesting.  So what would be the best Linux AV?

Depends on what you're going to do.

AV is largely a PITA in my opinion...it takes up CPU cycles and disk use 
and still there's a lag between malware being released and you getting a 
signature, if it even detects the issue in a reasonable amount of time. 
It's like having body armor that just swings around your body, shielding 
some percentage of you at any given time. And you can't overlap AVs 
because they can interfere with each other.

If you're running a mail server, ClamAV would be the best bet, although I 
prefer just blocking executable attachments, period. If I could I'd 
sanitize everything to text too, stripping out the dancing mini-pics and 
day-glo backgrounds.

I've never heard of someone, a home Linux user, accidentally sending 
Windows viruses to Windows users. Is it possible? Sure...if you're doing 
file sharing and/or forwarding executables to people. But I've not seen 
it happen personally. Or if you're playing with WINE and run a Windows 
malware executable I suppose it's also possible.


If you want automated on-access-scanning (which ClamAV doesn't really 
do, it's on-demand without some hacking around) use f-prot or AVG. I've 
used AVG for home systems. But it's not a cure-all. No AV is. Paranoid 
application of best practices is the closest you'll come to a cure...
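
Added example, not part of the original post: a sketch of the "block executable attachments" policy mentioned above, as a mail gateway filter might apply it. It rejects parts by file extension and also by leading magic bytes, so a renamed executable is still caught; the extension list, function names and sample message are assumptions constructed for illustration.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed policy list for this example; tune it for your own gateway.
BLOCKED_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js", ".msi"}
# Leading bytes that identify native executables regardless of file name.
MAGIC = {b"MZ": "PE/DOS executable", b"\x7fELF": "ELF executable"}

def blocked_attachments(raw: bytes):
    """Return (filename, reason) for every MIME part that should be rejected."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no payload of their own
        name = part.get_filename() or ""
        ext = os.path.splitext(name)[1].lower()
        if ext in BLOCKED_EXT:
            hits.append((name, f"blocked extension {ext}"))
            continue
        # Decode base64/quoted-printable so the check sees the real content.
        payload = part.get_payload(decode=True) or b""
        for magic, kind in MAGIC.items():
            if payload.startswith(magic):
                hits.append((name or "(unnamed)", f"content is {kind}"))
                break
    return hits

def build_sample() -> bytes:
    """Constructed test message: one renamed executable, one script, one text file."""
    msg = EmailMessage()
    msg["From"] = "alice@example.org"
    msg["To"] = "bob@example.org"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    msg.add_attachment(b"MZ\x90\x00 constructed bytes", maintype="application",
                       subtype="octet-stream", filename="invoice.pdf")
    msg.add_attachment(b"echo hi\r\n", maintype="application",
                       subtype="octet-stream", filename="setup.BAT")
    msg.add_attachment("plain notes", filename="notes.txt")
    return msg.as_bytes()

if __name__ == "__main__":
    for filename, reason in blocked_attachments(build_sample()):
        print(f"REJECT {filename}: {reason}")
```

A gateway would call `blocked_attachments` on each incoming message and reject or quarantine it when the list is non-empty.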

