clam tk

betty nicepenguin at webcanine.com
Wed May 5 06:33:35 MST 2010 

Craig White wrote:
> On Mon, 2010-05-03 at 07:52 -0700, betty wrote:
>   
>> well, no, of course i am not running anything complicated (surely you 
>> jest !) as you know my non-existent level of expertise. the primary 
>> reason why i got the program, and it is running fine (i guess, how would 
>> i know?) is that after 10 years of linux and never using a virus 
>> program, i got an email from a friend that was obviously a bad thing, 
>> didn't even open it of course, but nevertheless, it came into my 
>> mailbox. then after that, firefox started running weird. (maybe 
>> coincidence. so then i got concerned since i always hear buzz about even 
>> linux and mac are not immune blahblah blah.) so what the heck i 
>> installed it.
>>
>> anyway, now everything seems to work fine.
>> i'll be soooo interested in what the list says.
>>     
> ----
> When all you have is a hammer, everything tends to look like a nail.
>
> I noticed that as I acquired the skills/tools to minimize spam on my
> customers mail servers, some of them became paranoid that their mail
> server wasn't working because the spam in their inbox provided a bit of
> 'visual comfort' to them and when spam stopped showing up, they lost
> that indicator. That's sort of like logging all the dropped packets on a
> firewall (iptables?). It's not the packets that are blocked that you
> need to worry about.
>
> Clearly ClamAV is very useful on e-mail servers. But signature based
> pattern matching is incredibly inefficient and imprecise.
> http://en.wikipedia.org/wiki/Antivirus_software  -  pay attention to the
> section on 'Effectiveness'
>
> Probably the most significant issue is that the typical Windows or
> Macintosh user runs as super-user and even knowledgeable people can be
> tricked into executing malicious software. So Windows and Macintosh try
> to implement various methods of 'User Access Control' so people can
> still run as super-user and hopefully be afforded some protection - of
> course they know it doesn't actually work so well in real life...
> http://www.pcmag.com/article2/0,2817,2335122,00.asp (see the last
> paragraph on the first page).
>
> So if you aren't running a mail server or a file server for Windows
> users and it gives you some comfort to run ClamAV scanning, by all
> means, go for it. If the wasted computer cycles are significant enough
> to impair your ability to use the computer, then you probably have more
> problems with your computer than ClamAV.
>
> Recognize that as an AV scanner compared to Windows based virus scan
> software, ClamAV ranked rather poorly...
> http://en.wikipedia.org/wiki/Clam_AntiVirus
> see the section on 'Comparisons'
>
> If you really care about security on any OS - do not run as
> super-user... period, end of story.
>
> As for Firefox... the easiest way to make it run like crap is to install
> Adobe Reader and Adobe Flash. Jobs is right about one thing for sure -
> Flash sucks and HTML 5 is definitely going to be much better for
> everyone. I'm conveniently ignoring the fact that Apple is not the least
> bit interested in open source unless it sells more of their
> proprietary/closed source devices.
>
> Craig
>
>
>   
wow, Craig and LIsa, what nice and informative responses.  You should be 
instructors (then again, maybe you are). Thanks for the helpful responses.

More information about the PLUG-discuss mailing list