Slashdot Mirror
Anti-Viral Software Recommendations?
Kris_J asks: "My InoculateIT Personal Edition anti-virus scanner will no longer be updated from around mid-March. I've really enjoyed this package, particularly the price (it's free for personal use). The company is complaining that so many new ways are being found for virii/worms/trojans to spread that they can't afford to keep the personal edition updated. Whatever. Does anyone have a recommendation for either a particular anti-virus package/bundle, or a good place for trusted, independant, reviews of anti-virus software, or even products to avoid. (If Zonealarm Pro was bundled with an anti-virus option I'd just get that.)" For those of you who have to deal with operating systems where viruses are a problem, what software do you use to detect them and weed them out? How about software that will scan your entire network?
I have heard ver nice things about GriSoft.
This is a great product. It includes Norton's AntiVirus product (much better than McAfee, in my experience), as well as their 'software' firewall product (based on AtGuard). It also can block web ads in your browser. Very nice product, lots of features, and well worth the price.
At work, we use Sophos for Windows 2000 and 98 workstations. Antigen for Exchange 2000 (which utilises McAfee & Sophos engines in our config, but there are more). Norton with wrapper for Mailsweeper. Personally, I use Sophos on my Win2k workstation. It is constantly updated, and the support from Sophos is great. Plus it's a UK company ;) so I'm biased!
Im personally using Mcafee, mainly because i have good experiences with it from work where we have it running both on all windows clients and linux file servers. And if you aren't behind a "real" firewall it does come with McAfee firewall included, which i haven't actually tried myself. I think there is a trial version but im not sure. And if you like all kinds of other crap^H^H^H^Hutilities then you can get it from McAfee as well.
An alternative i have heard some good things about though is Panda antivirus. One of the good things is that you can get an evalution version so you can try it before shelling out the money.
Another one i haven't seen mentioned on here, and that i actually own but havent tried (came with my motherboard) is PC-cillin. This one allows you to download an evaluation version as well.
I could mention a few others, but they have already been mentioned by others... (Norton antivirus for instance)
I recommend Grisoft's AVG. It's doesn't seem to slow my XP at all. In comparison I installed Norton and my machine slowed to a crawl. It checks all email and can be intergrated into the shell making it very easy to scan files. I download sharware and other programs a lot so I need to scan them. You can download updates regularly also. I has so far found a couple infected files and let me delete them safely.
Scanning for and removing mail viruses should be handled by your mail gateway (as well as your desktops for the following reasons).
1) This way viruses are removed from your network at first opportunity
2) You can bounce messages and let the sender / recipient / admin know the sender has a potential virus problem
3) One server is easier to maintain than a few hundred desktops
3) 2 layers provide more protection than one
4) Why waste resources getting virus laden enail to desktops? A mail gateway provides a convenient choke point to get this stuff out of your network ASAP.
With that in mind here's a guide I wrote for my employer for doing so at clients, using Red Hat Linux, Postfix, and Sophos MailMonitor.
In the setup outlined below,
1) Postfix accepts incoming mails on port 25 and leads them to a content_filter.
2) The content_filter is Sophos MailMonitor, which takes over the mails on port 10025. After the mails have been scanned, they are placed back to postfix on port 10026.
3) Finally postfix delivers the mails.
Anyway, you should be able to read the guide at my rather unfinished website in a short while. If it isn't there yet, it will be soon.