[clamav-users] Which anti-virus do you prefer on Linux desktop?

Fri Jan 2 00:55:13 UTC 2015

well, ClamAV != ClamAv, especially in context of a inbound mailserver 
where you want to get rid of phishing/fraud and mostly executeables 
inside archives *before* they are known to contain malware

http://sanesecurity.com/usage/signatures/

sadly ClamAV on Fedora can't unpack rar-archives and so you should 
consider reject them in general

[root at mail-gw:~]$ cat postfix/mime_header_checks.cf
# Reject Attachment Extensions
/^Content-(?:Disposition|Type):(?:.*?;)? \s*(?:file)?name \s* = 
\s*"?(.*?(\.|=2E)(386|acm|ade|adp|awx|ax|bas|bat|bin|cdf|chm|cmd|cnv|com|cpl|crt|csh|dll|dlo|drv|exe|hlp|hta|inf|ins|isp|jse|lnk|mde|mdt|mdw|msc|msi|msp|mst|nws|ocx|ops|pcd|pif|pl|prf|rar|reg|scf|scr|script|sct|sh|shb|shm|shs|so|sys|tlb|vb|vbe|vbs|vbx|vxd|wiz|wll|wpc|wsc|wsf|wsh))(?:\?=)?"?\s*(;|$)/x 
REJECT Attachment Blocked (Executables And RAR-Files Not Allowed) "$1"

Am 02.01.2015 um 01:57 schrieb Franklin Wang:
> Of course, it's wonderful to know more friends with the same hobby. But
> I wonder to know the answer about it for long. The virus db of clamav
> may be the same on the several types of platforms, but the commercial
> softwares maybe not. I copied a result of 'Day0 Summary' from
> shadowserver.org a few days ago, as following:
>
> vendor     detected     total     percent
> Avira (Windows)     164,659     185,034     88.9885
> Comodo (Windows)     115,889     136,109     85.1443
> Eset (Windows)     153,248     182,528     83.9586
> K7 (Windows)     153,676     185,244     82.9587
> Avast (Windows)     147,266     185,226     79.5061
> Avast (Linux)     135,715     170,938     79.3943
> Symantec (Windows)     141,871     182,075     77.9190
> Sunbelt (Windows)     144,019     185,080     77.8145
> Eset (Linux)     142,373     183,664     77.5182
> BitDefender (Linux)     136,308     179,849     75.7902
> BitDefender (Windows)     136,844     184,910     74.0057
> AVG (Windows)     125,048     170,394     73.3876
> Authentium (Windows)     133,643     185,109     72.1969
> Kaspersky (Windows)     104,849     145,413     72.1043
> Avira (Linux)     124,587     177,928     70.0210
> Authentium (Linux)     121,364     179,559     67.5900
> FProt (Windows)     123,574     183,055     67.5065
> Ikarus (Windows)     109,977     164,330     66.9245
> Ikarus (Linux)     110,824     179,525     61.7318
> FProt (Linux)     110,122     180,409     61.0402
> Fortinet (Windows)     102,059     172,655     59.1115
> Clam (Linux)     104,644     179,285     58.3674
> Clam (Windows)     77,253     137,575     56.1534
> McAfee (Windows)     100,531     180,003     55.8496
> Norman (Windows)     91,194     163,996     55.6075
> Lionic (Windows)     93,746     185,134     50.6368
> QuickHeal (Windows)     84,592     168,558     50.1857
> McAfee (Linux)     73,338     146,264     50.1408
> FSecure (Windows)     89,352     181,299     49.2843
> AVG (Linux)     89,843     183,814     48.8771
> QuickHeal (Linux)     84,423     175,364     48.1416
> Sophos (Linux)     66,169     138,320     47.8376
> Microsoft (Windows)     76,974     169,284     45.4703
> GData (Windows)     80,961     184,597     43.8582
> TrendMicro (Windows)     77,177     179,421     43.0145
> Sophos (Windows)     69,207     171,143     40.4381
> TrendMicro (Linux)     49,049     128,919     38.0464
> AhnLab (Windows)     59,945     176,238     34.0137
> Panda (Linux)     35,155     117,398     29.9451
> Norman (Linux)     26,108     128,670     20.2907
> FSecure (Linux)     37,175     184,466     20.1528

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/security/attachments/20150102/3cb2d785/attachment.sig>