#1 2019-02-04 04:24:57

Bearded_Blunder
Dodging A Bullet
From: Seat: seat0; vc7
Registered: 2015-09-29
Posts: 730

Open Source AV is a nightmare

For MONTHS, ClamWin was flagging legitimate Windows files (with valid Microsoft signatures). It finally stopped spamming my inbox over that; now it's started spamming me about more false positives.

The irony? It's its OWN uninstaller, which it installed itself. & yes, I've reported it, and just like the Windows files it'll do no good whatsoever. I'm facing months of spam, & since I'm now habituated to ignoring the alerts, I actually won't notice if a virus DOES creep in. You'd think they might spot it flagging themselves as a virus though.


Blessed is he who expecteth nothing, for he shall not be disappointed...
If there's an obscure or silly way to break it, but you don't know what.. Just ask me

Offline

#2 2019-02-04 11:22:35

earlybird
ほやほや
Registered: 2015-12-16
Posts: 699
Website

Re: Open Source AV is a nightmare

Since the late Windows XP days my Windows install just has Security Essentials/now Windows Defender, straight from Microsoft. Why would you use a third-party product in 2019 if not for corporate auditors shoving stupid compliance requirements down your throat?

Offline

#3 2019-02-04 14:12:30

iMBeCil
WAAAT?
From: Edrychwch o'ch cwmpas
Registered: 2015-09-29
Posts: 641

Re: Open Source AV is a nightmare

Bearded_Blunder wrote:

...  You'd think they might spot it flagging themselves as a virus though.

But, but ... they correctly identified their software as a virus, since it does severely reduce performance, doesn't it? :D :D

Seriously, a long time ago, one of the reasons I jumped to Linux was just this necessity of having an antivirus program - a piece of software needed thanks to poor security design. And a piece of software reducing the overall performance of a normal computer to a crawl. And often highly bloated with self-ads, recommendations, and visually distracting pop-ups and ... oh, I don't want to remember those days anymore.


Postpone all your duties; if you die, you won't have to do them ..

Offline

#4 2019-02-04 15:10:03

S7.L
Member
Registered: 2018-09-16
Posts: 338

Re: Open Source AV is a nightmare

^ Ha, same story for me, I'm pretty sure I spent around $500 or more on antivirus software back in the early 2000s. Biggest f,ing rort. Norton would really bog Windows down; some days I couldn't use it until "updates" had finished, which would take a few hours in some cases. The early days of the net preyed upon people who had no idea. Still does now, but at least most are better informed.

Offline

#5 2019-02-04 23:29:34

Bearded_Blunder
Dodging A Bullet
From: Seat: seat0; vc7
Registered: 2015-09-29
Posts: 730

Re: Open Source AV is a nightmare

earlybird wrote:

Since the late Windows XP days my Windows install just has Security Essentials

Only on non-server editions is it that easy. There *is* an undocumented flag on the installer that can force it to install on Server versions; this configuration is unsupported & quite possibly in breach of the EULA. When I did it anyway in Server 2008 on an AD Domain Controller, I soon afterward had a 6 GiB+ USN journal, & removing that isn't as harmless on an AD controller as on other installs. I've not tried since. That's why I'd use something else.

iMBeCil wrote:

But, but ... they correctly identified their software as a virus, since it does severely reduce performance, doesn't it?

Actually not so much. Apart from actual scheduled scans, which I've set to quiet times, it doesn't do realtime or on-access scanning. On the mailserver, where it scans passing messages, maybe some impact, even less there than when I tried the commercial Avast version.

Shifting the servery-stuff, or most of it, from Win 2012 to Debian is on my to-do. It's one of those jobs where something else always seems to have priority; it's been on the list since Stretch released, maybe I'll get it done before Buster's replacement freezes ....


Blessed is he who expecteth nothing, for he shall not be disappointed...
If there's an obscure or silly way to break it, but you don't know what.. Just ask me

Offline

#6 2019-02-05 03:34:28

bigbenaugust
Member
From: unc.edu / the 919 / KIGX
Registered: 2017-05-20
Posts: 133

Re: Open Source AV is a nightmare

We use ClamAV (that ships with RHEL) to do some attachment scanning in a few webapps via its API, and some NFS storage scanning (yes, that's a compliance thing). No troubles as yet.

Did the MS policy about Windows Defender on Windows Server change? I had some Windows Server 2003/2008 machines at my previous job, and I used Windows Defender on all of them.


--Ben
BL / MX / Raspbian... and a whole bunch of RHEL boxes. :)

Offline

#7 2019-02-05 03:40:35

Bearded_Blunder
Dodging A Bullet
From: Seat: seat0; vc7
Registered: 2015-09-29
Posts: 730

Re: Open Source AV is a nightmare

Probably your previous employer just used that installer switch. AFAIK it's never been officially supported by Microsoft, but it's fairly common since the commercial options are silly money, especially for someone who's merely a hobbyist with server installs rather than a commercial enterprise. & there's a whole slew of exclusions you need to set up on Domain Controllers with pretty much any AV; most of the commercial server editions have those set per default, I think. Took me ages with ClamWin & the appropriate KB article open.

Don't get me started on compliance issues. I couldn't use Linux at my last place:

"BYOD policy" wrote:

Any personal device connected to the network must have current on-access anti-virus software installed.

Well, clam/clam-tk won't cut it, not on-access. Couldn't use Sophos either, x86_64 only, & had 32-bit hardware at the time...

Last edited by Bearded_Blunder (2019-02-05 03:55:50)


Blessed is he who expecteth nothing, for he shall not be disappointed...
If there's an obscure or silly way to break it, but you don't know what.. Just ask me

Offline
