Michelle,
The first thing I would do for performance is to limit your scans to
user home directories unless you're really paranoid. Then you can use
one of the intrusion detectors to make sure none of the system files
were touched. For me, validating that the system files haven't been
tampered
On 2012-12-26 17:13, Michelle Knight wrote:
Hi Folks,
Up until now, I've been using Clam on a linux client to remotely scan my
ZFS volumes overnight every few days; primarily as I don't know anything
about running anti-viru direclty on the OI box. (...)
I don't really suffer viruses; thanks to
Thank you both for your advice.
I neglected to tell you exactly what role OI is being used for, which
could help you target your advice.
The OI machine is a simple text server installation; no frills. It has
two admin users on board, namely root and the irregular user name
that I use when
+1 on the ClamAV thing.
In past lives when I cared about virus', I never had any problem getting
a clean compile of ClamAV on Solaris or Solaris based distro's.
I would also 2nd Jim's recommendation of the VSCAN and related items.
It looks like the following is necessary to get the base VSCAN
http://www.c0t0d0s0.org/uploads/vscanclamav.pdf
And a very quick look at the Solaris 11 docs leaves me with the impression that
Vscan hasn't changed much since OpenSolaris. So it might take a bit more doc
reading and fiddling than the above, but probably not too much.
Haven't tried it myself,