Re: NOD32 Antivirus and OpenBSD?
On Mon, Oct 30, 2006 at 09:52:00PM -0800, smith wrote: > On Thu, 26 Oct 2006 23:28:41 -0400, STeve Andre' wrote > > On Thursday 26 October 2006 20:16, smith wrote: > > > > Some people like to run antivirus software on UNIX boxes to ensure > > > > they're not carriers for Windows viruses, etc. Personally, I > > > > think it should be the responsibility of the Windows users to secure > > > > their own machines rather than relying on the kindness of others. > > > > > > I second that. Why waste server resources and decrease server security, > > > when all Windows machines should be running their own antivirus software > > > to > > > begin with. > > > > Why? Because an OpenBSD system isn't subject to the possibility of being > > co-opted as a Windows machine can, thats why. > > > > Different perspectives are a good thing. > > If openbsd is running 3rd party software (clamav) it can. If OpenBSD isn't running third party software, we have no reason to assume it can't. As to clamav, my new mail server configuration might include a systrace'd version. But ClamAV isn't that dangerous once it is put in a chroot, and that is not hard to do. Joachim
Re: NOD32 Antivirus and OpenBSD?
On Thu, 26 Oct 2006 23:28:41 -0400, STeve Andre' wrote > On Thursday 26 October 2006 20:16, smith wrote: > > > Some people like to run antivirus software on UNIX boxes to ensure > > > they're not carriers for Windows viruses, etc. Personally, I > > > think it should be the responsibility of the Windows users to secure > > > their own machines rather than relying on the kindness of others. > > > > > > -Damian > > > > I second that. Why waste server resources and decrease server security, > > when all Windows machines should be running their own antivirus software to > > begin with. > > Why? Because an OpenBSD system isn't subject to the possibility of being > co-opted as a Windows machine can, thats why. > > Different perspectives are a good thing. > > --STeve Andre' If openbsd is running 3rd party software (clamav) it can.
Re: NOD32 Antivirus and OpenBSD?
On 10/30/06, smith <[EMAIL PROTECTED]> wrote: Put load on server? b = yes w = no *snicker* Protect a network from an infected laptop? b = no w = yes Pfff! At best I'd say "w = possibly yes" having seen various antivirus programs pop and say "i detected that i'm propagating this malware, but i'm not stopping it!" or "i just received this malware and i dropped the ball now i'm infected too!" -- GDB has a 'break' feature; why doesn't it have 'fix' too?
Re: NOD32 Antivirus and OpenBSD?
On Fri, 27 Oct 2006 08:53:00 -0400, stuartv wrote > > working on it). The reason we run AV at the border AND on the > inside boxes is quite simply that I have seen way too many times in > my carreer a virus be ignored by one AV package but caught by > another. Security is a must where I work and the added protection Good point. > Running anti-malware software on border machines, such as STMP > servers, proxies, etc. is an important countermeasure for network > wide infection. > > It's very much possible to have an outdated or undefended node in the > network but in border defense line, that's not the case. On a border server, I wouldn't recommend clamav or any antivirus software. Clamav has had many vulnerabilities and some of them remotely exploitable. And it's not just the antivirus software you have to keep up-to-date, but all the other software that is required to make it function, like the software that transports the email from the email server to the antivirus software and back again. b = clamav or any antivirus product that checks for viruses in email on some server w = any antivirus software that runs on the users' windows computer such as norton antivirus assume b and w are always updated. Protect email? b = yes w = yes Protect users from malicious websites? b = no w = yes Protect from infected media, like floppy, cd, dvd, or usb drive? b = no w = yes Put load on server? b = yes w = no Protect files that have managed to be distributed by any other means other than email? b = no w = yes Protect laptop users who take their laptops off the company site? b = no w = yes Protect a network from an infected laptop? b = no w = yes Protect users who use file-sharing programs like bittorrent or kazaa? b = no w = yes If b or w stopped working, would users still get their email? b = very possibly no w = very possibly yes With all the complexity that b needs in comparison to w, I'd rather just stick with w (kiss, keep it simple stupid). But you do bring up a good point, security in layers and one software doesn't catch everything.
Re: NOD32 Antivirus and OpenBSD?
Hello List, Guess I have to weigh in on this one. My shop runs ClamAV on the (OpenBSD) mail server and NOD32 on the win* file servers and desktops (yes I know an OpenBSD file server would be neat, I'm working on it). The reason we run AV at the border AND on the inside boxes is quite simply that I have seen way too many times in my carreer a virus be ignored by one AV package but caught by another. Security is a must where I work and the added protection (for free i might add) is a very small price to pay for a little bit more. Remember, Security is like onions lots of layers... stuart -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Berk D. Demir Sent: Friday, October 27, 2006 4:49 AM To: smith Cc: misc@openbsd.org Subject: Re: NOD32 Antivirus and OpenBSD? smith wrote: > > I second that. Why waste server resources and decrease server security, when > all Windows machines should be running their own antivirus software to begin with. > That's the difference between border defense and field defense. Running anti-malware software on border machines, such as STMP servers, proxies, etc. is an important countermeasure for network wide infection. It's very much possible to have an outdated or undefended node in the network but in border defense line, that's not the case. You shouldn't get this as "waste of resources". Security is a process and it's not cheap to achieve. Field defense (node is protecting itself) and border defense are complemental approach to so-called "self defending network" (Hello, Cizzz-coeee)
Re: NOD32 Antivirus and OpenBSD?
smith wrote: I second that. Why waste server resources and decrease server security, when all Windows machines should be running their own antivirus software to begin with. That's the difference between border defense and field defense. Running anti-malware software on border machines, such as STMP servers, proxies, etc. is an important countermeasure for network wide infection. It's very much possible to have an outdated or undefended node in the network but in border defense line, that's not the case. You shouldn't get this as "waste of resources". Security is a process and it's not cheap to achieve. Field defense (node is protecting itself) and border defense are complemental approach to so-called "self defending network" (Hello, Cizzz-coeee)
Re: NOD32 Antivirus and OpenBSD?
On Thursday 26 October 2006 20:16, smith wrote: > > Some people like to run antivirus software on UNIX boxes to ensure > > they're not carriers for Windows viruses, etc. Personally, I > > think it should be the responsibility of the Windows users to secure > > their own machines rather than relying on the kindness of others. > > > > -Damian > > I second that. Why waste server resources and decrease server security, > when all Windows machines should be running their own antivirus software to > begin with. Why? Because an OpenBSD system isn't subject to the possibility of being co-opted as a Windows machine can, thats why. Different perspectives are a good thing. --STeve Andre'
Re: NOD32 Antivirus and OpenBSD?
> Some people like to run antivirus software on UNIX boxes to ensure > they're not carriers for Windows viruses, etc. Personally, I > think it should be the responsibility of the Windows users to secure > their own machines rather than relying on the kindness of others. > > -Damian I second that. Why waste server resources and decrease server security, when all Windows machines should be running their own antivirus software to begin with.
Re: NOD32 Antivirus and OpenBSD?
Leonardo Rodrigues wrote: > with NOD32 and OpenBSD? Or another really good antivirus that I may > consider? Hello, I don't know how good it is, but f-prot has bsd version that used to work on openbsd. http://www.f-prot.com/support/helpfiles/unix/workstation/index.html May be you want to have a look at it. Kind regards, Didier
Re: NOD32 Antivirus and OpenBSD?
hmm, on Tue, Oct 24, 2006 at 02:41:11AM -0300, Leonardo Rodrigues said that > I'm thinking on purchasing this NOD32 anti-virus solution from > ESET.COM and use it here at work. I really want to use it with nod is a breeze to install and maintain, i've installed a couple of linux versions in the past. some 2-3 years ago they had an official openbsd version. 3.4 - 3.6-ish times if i remember correctly. but this is the niche of niche markets, i don't think they have sold a single copy, why maintain the codebase? quite possibly the linux and/or freebsd version would run nicely in binary emulation, but that is never recommended in production environment, losing support is not fun at all. -f -- sex is not the answer. sex is the question. "yes" is the answer.
Re: NOD32 Antivirus and OpenBSD?
On Wednesday 25 October 2006 15:22, edgarz wrote: > All free antiviruses sucks (except a clamav version for UNIX/BSD/Linux). > Virus signatures almost are outdated and don't know a lot of vires Detecting DOS boot sector viruses from the 1980's isn't all that important. It's not how many viruses you can detect that's important, it's what active viruses you detect and how fast that's important. > In corporate networs you should use commercial > software. ClamAV works great in a corporate network, especially for scanning email. --- Lars Hansson
Re: NOD32 Antivirus and OpenBSD?
All free antiviruses sucks (except a clamav version for UNIX/BSD/Linux). Virus signatures almost are outdated and don't know a lot of vires and you have no support for ir. In corporate networs you should use commercial software. For OpenBSD it might be Dr.Web, very good AV software :) Lars Hansson wrote: On Tuesday 24 October 2006 13:41, Leonardo Rodrigues wrote: Or another really good antivirus that I may consider? ClamAV works fine on OpenBSD and it's even in ports. --- Lars Hansson
Re: NOD32 Antivirus and OpenBSD?
On Tuesday 24 October 2006 13:41, Leonardo Rodrigues wrote: > Or another really good antivirus that I may > consider? > ClamAV works fine on OpenBSD and it's even in ports. --- Lars Hansson
Re: NOD32 Antivirus and OpenBSD?
> On 10/24/06, Leonardo Rodrigues <[EMAIL PROTECTED]> wrote: > >Hello everyone, > > > >I'm thinking on purchasing this NOD32 anti-virus solution from > >ESET.COM and use it here at work. I really want to use it with > >OpenBSD, since every other server machine runs OpenBSD as well. The > >problem is that eset.com claims that their product will run on Linux > >and FreeBSD, they say nothing about OpenBSD. I've heard rumors of > >NOD32 being also able to run on OpenBSD, but I *think* that was for > >earlier versions of NOD32. I'm not very fond of rumors, so I came here > >to ask your opinion about it. Does anyone here have any experience > >with NOD32 and OpenBSD? Or another really good antivirus that I may > >consider? > > > >Thanks in advance, > > > >Leonardo Rodrigues > >-- > >An OpenBSD user... and that's all you need to know =) On Tue, Oct 24, 2006 at 01:07:36AM -0500, Der Engel wrote: > lol? Some people like to run antivirus software on UNIX boxes to ensure they're not carriers for Windows viruses, etc. Personally, I think it should be the responsibility of the Windows users to secure their own machines rather than relying on the kindness of others. -Damian
Re: NOD32 Antivirus and OpenBSD?
On Tue, Oct 24, 2006 at 02:41:11AM -0300, Leonardo Rodrigues wrote: > Or another really good antivirus that I may > consider? You could try to check out avira's server tools: http://www.avira.com/en/products/index.html most of which seem to support OpenBSD. The Windows personal edition is quite popular, since it's free. Or, while digging through bsdtalk, I came across: http://bsdtalk.blogspot.com/2006/09/bsdtalk071-interview-with-einar-th.html where f-prot.com's antivirus tools were presented. Also running on OpenBSD. I think both have free or free trial versions. Cheers, Andreas
Re: NOD32 Antivirus and OpenBSD?
lol? On 10/24/06, Leonardo Rodrigues <[EMAIL PROTECTED]> wrote: Hello everyone, I'm thinking on purchasing this NOD32 anti-virus solution from ESET.COM and use it here at work. I really want to use it with OpenBSD, since every other server machine runs OpenBSD as well. The problem is that eset.com claims that their product will run on Linux and FreeBSD, they say nothing about OpenBSD. I've heard rumors of NOD32 being also able to run on OpenBSD, but I *think* that was for earlier versions of NOD32. I'm not very fond of rumors, so I came here to ask your opinion about it. Does anyone here have any experience with NOD32 and OpenBSD? Or another really good antivirus that I may consider? Thanks in advance, Leonardo Rodrigues -- An OpenBSD user... and that's all you need to know =)
NOD32 Antivirus and OpenBSD?
Hello everyone, I'm thinking on purchasing this NOD32 anti-virus solution from ESET.COM and use it here at work. I really want to use it with OpenBSD, since every other server machine runs OpenBSD as well. The problem is that eset.com claims that their product will run on Linux and FreeBSD, they say nothing about OpenBSD. I've heard rumors of NOD32 being also able to run on OpenBSD, but I *think* that was for earlier versions of NOD32. I'm not very fond of rumors, so I came here to ask your opinion about it. Does anyone here have any experience with NOD32 and OpenBSD? Or another really good antivirus that I may consider? Thanks in advance, Leonardo Rodrigues -- An OpenBSD user... and that's all you need to know =)