New "AV" for Linux (actually been around a while)

**Cuddles** · 10-23-2004, 04:33 PM

I am currently looking at AVast Anti-virus software for Linux, it has been a "long standing" FREE to the home user, non-commercial user, anti-virus program for the Windows World for quite some time now... But, I was going to suggest to there marketers and programmers / developers, that if they could "port" that over to Linux, a large community may take to it pretty well...

Well, they appear to have beat me to the punch, on this one...

I have a forum topic started on there message boards on the "usability" and "functionality" of there AV software on a Linux OS - does it take into account specifics to Linux in its security, does it run "native" for Linux, or is it just a "Windows" AV that runs in Linux, kind of thing ( ? )

From what I gather, it appears the program is truely a "ported" Windows program, and not native to a Linux OS, and that it may only be available to a "hard drive install" of Linux ( since, what I am reading is, that you ( possibly ) download the source ( ? ) and have to compile it, not sure, I am trying to get answers on these things )

If things turn out, it may be that Linux will have another anti-virus program that can protect itself, and if the "terms and conditions" of there Windows version, holds true to there Linux version, as long as the program is run on a "non-commercial" computer, i.e. non-business, home user, it will be FREE if you register your version. What I remember in my Windows version was, this included unlimited upgrades, and signature downloads... Not sure on this one, but, you may be able to put the program on a bootable CD, for those who run a "Live CD" Linux...

Stay tuned, or check out the AVast site at
ALWIL / AVast anti-virus site

UPDATE:
It appears that the "company" thinks that anyone using Linux, must be using the OS for "server" purposes, and thus, the product carries a price tag with it. Depending on the amount of "mailboxes" the "server" is watching, lowest price tag is around $114 USD for 10 to 19 mailboxes, with a 1 year subscription / license.

The "company" hopes to release a "home" or "workstation" release, that may be in the "home user" market, i.e. free, but that is in the "works"... Also, what they offer, being that the program is based for a "server", it is only a "back-end" program, and currently doesnt offer a GUI, but rather, for those who are more "linux savy", the traditional CLI only, the GUI is also stated as "in the works"...

As I find out more, I will post
END UPDATE

**firebyrd10** · 10-23-2004, 05:20 PM

Yea, when I was downloading Avast for my windows machine I noticed that.

**Cuddles** · 10-23-2004, 05:41 PM

What gets me is that I am reading through the forum they have on the AVast 4 Linux / Unix threads, and most, if not all, the postings are from "single user" people / machines - not one of them mentions anything about running a "server" system, but, rather, a single user system. What they expect the "Linux" user to PAY, and a "Windows" user to get it for free ? ( rediculous

)

It also appears that since "Linux" doesnt use the extensions of file names as predominantly as in Windows, the "backgrounded scanning" they have, is getting bogged down, and add to this, that certain "areas" of a Linux hard drive install need to be "excluded" from scanning, or the system will crash due to infinate loop problems. ( Windows knows that .exe and .com files can be run, executed, and scanners can "tailor" there scanning to specific file "types", common thing for cutting corners in a full drive scan... Also, the /proc directory needs to be excluded, it is a common issue that it will inifnate loop and crash the system )

I am looking to see if that "price tag" for the program, can be "over looked" if the person "testifies" that they only run it in a "workstation" world, and probably only have a "single" mail box kinda thing... Its a nice program, and in Windows, it sure beat out the cost of McAfee and Nortorn, but, in the Linux world, if it costs $114 for it, it might not make it very well, considering that a lot of what is offered in Linux is FREE...

**firebyrd10** · 10-23-2004, 07:03 PM

Whats it for anyway? To keep a linux system virus free, or to keep the files on a linux system virus free so people don't download viruses.

**Cuddles** · 10-24-2004, 06:26 PM

From the threads that I have read in there forum, it is both. It has an "active" scanner, that checks "inbound" files and e-mail, for viri and trojans, which runs all the time, protecting for "future" attacks, and then it has the "on-demand" scanner, that can check if you have something already. The "engine" is the same, it is just directed to perform two tasks. The engine can be running all the time, as the "active" part, or it can be set to not run all the time, and just run when you want to "on-demand". It pretty much works like the Windows version, and just like the version I used in my Windows, except that it runs in a Linux OS.

The kicker is that it isnt as "powerful" as the Windows version, it doesnt have the "clean" internal to the scanner engine, like it does in the Windows version. If the scanner finds a viri or trojan file, you must then run a "cleaning" program to get rid of the infection, which is not a part of the "engine" program. Also, from what I have been reading, it does not "clean" Linux files very well, mostly due to the foreign nature of Linux files to those of Windows, and can simply tell you that the file is corrupt and will be deleted. E-mail scanning is even worse, if the scanner finds an infected e-mail, most of the time, it will not "quarinteen" the file, or attachment, but simply delete the e-mail, out-right. Though I have read that someone can setup some settings in the engine so that a message is sent to the person that the engine has found an e-mail that has been deleted. This message can be sent to either the person who was to receive the e-mail, or it can be directed to "send-back" to the sender...

As an update, it appears that the "Linux" product is for server only systems, they dont appear to be "open" too much to the idea that a "single home user" would ever use there product, and that the "license" for the Linux product is going to be a common. They also do not appear to be concerned about anyone who cant "pay" for there product, and the the forums they have do not seem to be interested in giving "noobie" posts, like mine, answers to questions on the product usability, or functionaility, of there product on a Linux system - my posted question has received no responses as of this time. Shame. I really thought the product was good in the Windows world, and if they had the same in Linux, it would have been a great product for Linux -=- So, I guess the whole "hoopla" on this new AV program for Linux, is a complete BUST... Sorry about that folks, I surely thought they had something going here...

Sorry to take excess bandwidth on this, and to have it go nowhere

**user unknown** · 10-24-2004, 06:47 PM

There is only a server-system mentioned, because for a linux-client-antivirus program, to protect linux itself, you need some linux-viruses first.

The program is meant to protect a linux-server, which serves windows-clients - a samba or mail-server or something.

**firebyrd10** · 10-24-2004, 06:52 PM

Originally Posted by Cuddles

From the threads that I have read in there forum, it is both. It has an "active" scanner, that checks "inbound" files and e-mail, for viri and trojans, which runs all the time, protecting for "future" attacks, and then it has the "on-demand" scanner, that can check if you have something already. The "engine" is the same, it is just directed to perform two tasks. The engine can be running all the time, as the "active" part, or it can be set to not run all the time, and just run when you want to "on-demand". It pretty much works like the Windows version, and just like the version I used in my Windows, except that it runs in a Linux OS.

The kicker is that it isnt as "powerful" as the Windows version, it doesnt have the "clean" internal to the scanner engine, like it does in the Windows version. If the scanner finds a viri or trojan file, you must then run a "cleaning" program to get rid of the infection, which is not a part of the "engine" program. Also, from what I have been reading, it does not "clean" Linux files very well, mostly due to the foreign nature of Linux files to those of Windows, and can simply tell you that the file is corrupt and will be deleted. E-mail scanning is even worse, if the scanner finds an infected e-mail, most of the time, it will not "quarinteen" the file, or attachment, but simply delete the e-mail, out-right. Though I have read that someone can setup some settings in the engine so that a message is sent to the person that the engine has found an e-mail that has been deleted. This message can be sent to either the person who was to receive the e-mail, or it can be directed to "send-back" to the sender...

As an update, it appears that the "Linux" product is for server only systems, they dont appear to be "open" too much to the idea that a "single home user" would ever use there product, and that the "license" for the Linux product is going to be a common. They also do not appear to be concerned about anyone who cant "pay" for there product, and the the forums they have do not seem to be interested in giving "noobie" posts, like mine, answers to questions on the product usability, or functionaility, of there product on a Linux system - my posted question has received no responses as of this time. Shame. I really thought the product was good in the Windows world, and if they had the same in Linux, it would have been a great product for Linux -=- So, I guess the whole "hoopla" on this new AV program for Linux, is a complete BUST... Sorry about that folks, I surely thought they had something going here...

Sorry to take excess bandwidth on this, and to have it go nowhere

The windows version doesn't clean files ether. It can make backups of the files to revert to if there is a problem, but no cleaning. Still, it works for me.

**Cuddles** · 10-24-2004, 07:30 PM

User Unknown - I think you are right, the threads that I read were based on "shares" within a network of "Windows" based systems, and in that situation, yes, they are right to not release the product as a "home user" solution. Some of the posts were basically about "how to protect a Windows shared space from a Linux system", and not how to protect a Linux system itself...

Firebyrd10 - I thought it worked pretty well for my Windows, and you cant beat the price, hence why I recommend it to people who run Windows...

I just thought they were getting into Linux as a user solution, shame really, cause they could have been another package on the "bandwagon", and given more options to people who choose to run a Linux OS. Currently, Linux is a "newbie" as far as attacks, and things made to attack, the system, but, as time goes on, and more and more people start using the OS, it will become a problem. Notarity, and more people running, the Linux OS, is going to bring those attackers to our doors, someday, and sitting back and saying that "we dont have attacks", is not going to keep us protected from them, they will come, sometime...

Reminds me of San Diego, Ca. -=- they had the gaul to say they dont have graffetti, or gang violence, nor were they ever going to be like there "neighboring" city; Los Angeles... They got it though. Right now, Linux is like that, in a way, saying that you dont have attacks, or security problems like Windows is one thing, but believing that you wont, is foolish. I am not just sitting back, and thinking that I am behind a "impeneterable" wall of security. I may be now, but, that isnt going to be that way forever, cracks and entrys are going to be found, and they will get in, someday, or sometime, and having something in place for when they do, is more of a "better way" of doing things; proactive instead of reactive.

**Cuddles** · 10-25-2004, 04:20 PM

UPDATE:
Just got a response from one of there moderators, and Linux users of there product, on the AVast Forum... It appears that they are working on a "workstation" release, one that would "possibly" be free to the "home" user. They are looking for a release date of this sometime near end-of-year. The workstation product will not only have the "back-end" CLI process, but also provide a GUI front-end, that would run in KDE / GNOME.

Also, it appears that this release, and the "server" release are not just "ports" from a Windows release, they have been designed by Linux users, with all the background of what Linux needs protecting, files, its file structure, etc... Even though, it appears that the server release is intended for protecting Windows machines through a Linux OS, they are protecting the Linux machine, as well...

So, possibly, by end of year, we may have another alternative to an anti-virus program for Linux. Which, if I know them right, if you run the Windows product, it may look and feel the same, even though it is running on a Linux machine.