Slashdot Mirror


ClamAV Forced Upgrade Breaks Email Servers

An anonymous reader writes "A couple of weeks ago Sourcefire announced end-of-life for version 0.94 of its free ClamAV antivirus package (and in fact has been talking about it for six months). The method that Sourcefire chose to retire 0.94 was to shut down the server that provided its service. Those who had failed to upgrade are scrambling now. Many systems have no choice but to disable virus checking in order to continue to process email. I am very glad I saw the announcement last week!"

6 of 299 comments

  1. Make Microsoft Products Illegal Already by Anonymous Coward · · Score: 0, Troll

    Enough with this nonsense, we're all enabling Microsoft to produce sub-par, insecure, unstable and easily corrupted products.

  2. Re:Alternative by geekmansworld · · Score: 0, Troll

    It may not have occurred to you that some of us only do IT for our organizations part time, and visiting the blogs of every single open-source component on our servers is not always practical.

    All our workstations have client antivirus protection, so monitoring the status of this particular component was a low-priority. Little did I know that they intended to huck a grenade into my mail configuration. Thus I spent three hours in the middle of the night feverishly trying to fix our mailserver after a panicked call from my bosses.

    ClamAV could have simply become impotent and started filling my log files with warnings about upgrading. But they didn't stop there, they basically sabotaged my whole mail configuration. Yes, SABOTAGED.

    I have to worry about hackers, spam-ham tweaking, DNS bugs, user help desk. And now you want to give me a lecture about not keeping my server-side virus up-to-date? Up yours!

    I'll be looking for an alternative to ClamAV in the very near future.

  3. Re:So you had 6 months to upgrade by geekmansworld · · Score: 1, Troll

    Let me say one last thing to those of you telling the rest of us what lousy sysadmins we are.

    This is no different than responding to some poor schmuck who had his system broken into and ransacked by mafia hackers by shaking your head and saying: "Well, it's his fault for not being proactive enough about security."

    Maintaining systems is not an easy task, it's a multi-level approach combining security, usability, upgrades, and your budget. The question with security is always, "How paranoid am I going to be?" And you then have to balance usability, your time and the budget against how unlikely it will be that someone can figure out how (and be bothered) to crack your RSA certificate.

    Likewise, I have to balance my time and budget against how important I feel certain components are. For an organization that has workstation AV and a lot of technology expansion demands this year, monitoring ClamAV was not at the top of my priority list.

    So yeah, you can tell me this is my fault, but I doubt very much the last time someone told you that their car got stolen you simply turned up your nose at them and said it was their own fault and that they were an idiot for not buying a better alarm system.

  4. Shows how out of touch by dnaumov · · Score: 0, Troll

    these people are when it comes to understanding how the business software world works. Cutting off support from a software package released 1 year ago? Are you retarded? If a vendor dropped support 2 years into the lifetime of a major software package release we deploy company-wide, we would drop said vendor immediately. 3 year long support is the bare, absolute minimum that is required for a software package for a vendor to get to the table with us. 5+ years and now we are talking.

    The only possible sane rationale I can come up with is that ClamAV developers have absolutely no intention whatsoever to aim at anyone besides the hobbyist tinkerer home user segment, because that's the only area where such vendor behaviour can be tolerated and accepted.

  5. Re:Alternative by RulerOf · · Score: 0, Troll

    I'm busy because I'm the only IT guy in our organization

    I know what you're talking about.

    After I got a full time job doing admin/helpdesk work for a larger company with a more proper (though terribly underpaid) IT Dept., I learned that not only is cutting corners hazardous (because it makes you look bad), it often eats up more cash, via your time, than just buying whatever the fully supported and proper solution is for what you need.

    If you're flying solo in systems administration, and your boss says, "We need on our network/server/desktop," and you find a couple of products that do what you need, get the cost of closed source product A with a support contract and open source product B's support contract, particularly if said product's failure interrupts line of business, and present them as options to your boss and as the cost thereof.

    Having someone to call in the event of a nightmare that knows more about a product than you ever will is quite the life and time saver. Furthermore, assuming that you being on your own for this business is indicative of the amount of equipment you're responsible for, paying even $5k for support contracts annually or even less often is a hell of a lot cheaper than you troubleshooting problems on your own or hiring a second admin or a contractor to fix what you can't or don't have the time for.

    Lastly, get yourself a sales rep with an ISV. Personally, I've used PC Connection and Insight, and even though I go to Newegg for my personal purchases, having someone you literally call to ask about products and price quotes is a godsend. It's rather beneficial to have a relationship with a good sales rep, even if you only call them once or twice a year. That ability to pick up the phone, say, "My boss wants me to do X, what do you guys have that'll get X done, and what's the cost/feature difference between the varying products?" and get a comprehensive answer immediately or in a few hours via email while you're doing other work sure beats the hell out of researching it for hours or days, coming up with the same or inferior answer, and having to bill the company for hours where it looks like you've gotten nothing done.

    Solo administration isn't always necessarily about what you can do or how much administration knowledge or experience you have---though if you've got no idea how to set up a basic Windows SBS you might want to consider classes or a career change---it's really more about the resources you can exploit to get the job done as quickly, efficiently, and most importantly as correctly as possible.

    And remember, if you tell your boss how much something costs, you explain why, and he tells you to GTFO, then just do it. It's not worth your time, and ironically, it's generally not worth the company's time either. The only person who'll give him a lower price quote is someone who's going to struggle with things as much as you will without taking advantage of the things he could and should to get the job done.

    --
    Boot Windows, Linux, and ESX over the network for free.

  6. Re:Debian Debs Outdated by NuShrike · · Score: 0, Troll

    Maybe this is why people are migrating to Ubuntu because of Debian's get-off-my-lawn-ness?