Avast WEBforum
Business Products => Avast Business => Avast Business for Linux => Topic started by: tumic on February 06, 2014, 01:10:39 PM
-
Good news, everyone!
avast! is proud to introduce you the new linux server product line for 2014:
avast
The avast package provides the core scanner component and a command line scan utility. It can be used for on demand scanning or mail server integration using amavis.
New since previous version:
- Avast 8 engine
- Native x86_64 support
- Differential VPS updates
avast-proxy
The avast-proxy package provides a transparent network traffic filtering proxy designed for gateway/router usage. Using avast-proxy, you can scan a whole computer network traffic from a single machine including secured connections!
Core features:
- HTTP, IMAP and POP3 protocol support
- Support for secured connections (uses certificate resigning)
- High performance - designed for typical LAN usage
- Well tested - daily used by almost a milion avast! for Mac users
avast-fss
The avast-fss package provides a fanotify based „on write“ filesystem shield designed for fileserver usage.
The typical target field for avast-fss are SMB/NFS file servers.
Core features:
- High performance design
- Multicore support
Download
DEB repository:
http://deb.avast.com/lin/repo (http://deb.avast.com/lin/repo)
RPM repository (RHEL):
http://rpm.avast.com/lin/repo/dists/rhel/release (http://rpm.avast.com/lin/repo/dists/rhel/release)
RPM repository (SUSE):
http://rpm.avast.com/lin/repo/dists/suse/release (http://rpm.avast.com/lin/repo/dists/suse/release)
PGP public key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.12 (GNU/Linux)
mQENBFMoeIMBCACnCOmAfky/Mla7p2VpDrPtCWdjsMQm+Frf9fVRcgNvZYzexrGv
Qun7tDgCELyAYmElYg/45YeqRT+l5fxpVwG0Unz7jYnHWxt16ojZL2eKI85QDkox
2UUdEkYq8ruECirpg+IUenrO0UQpZKqgx+IYgYQfWrh0cbrKziO0/GCEGpwnI0Iu
lh283mD/AvxY3DyvBjNFk1en1zFFJV5Df4ppZF1vWkIVbv23VDXyooLYNSXk1yJ/
zXLF50p3ex4tdlkGV6ce64iShlO2yfp/36vCyBVsCL8Y4dEeSQZu+4bPkVmyUV75
Qmtlb0EDOqdC8MEImGd/s2uoJP1HFl1SUKKvABEBAAG0OkF2YXN0IFNvZnR3YXJl
IHMuci5vLiAoUmVsZWFzZSBFbmdpbmVlcmluZykgPHJlQGF2YXN0LmNvbT6JATgE
EwECACIFAlMoeIMCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEJHuE/BX
Ty17OhAIAKA/vGSTWvT1Bm049fwNudWXxBc3l97meqa0DVTv2TzCOiK3W5w/CKUQ
RaTXYHpak6lbRMeRu8kShvlKBJ15CsoKUSz0zTgrwxmDhiYBcsafh0R81+51jElI
YxAZfBkKZtI4RJxXFpbOVVe9AeOnMgTdFreNK/E0tjZQStNUKl1W7kDPV3W3eVbY
JAdUbBHBvqvkBHZ90B0kgeOofHZ2z1GQCCc1ClxSw2n0WDFlQ96cfSL8YeHb1bbF
P+hMW1V1L6lgN7VdpfhsOdGhzPb9VCU4K/pGzSSNeg1ksVCH2bm+7Y8AoX2BSVDT
5UbYbrt9AdDES9nuKSmFrqgbtdxZJO65AQ0EUyh4gwEIANI4a5lOnaA/mRySIIIm
JMovZJzH5muO0ao7D3SiWtyT7DSPo6LzO3eLnC0AjZ+dT14kVKiekRNMD/3cSPNP
2ulbeTe00RbmaCz30w+vWWdt2IWKGB8whvkUh/4dzbY49FHek0+WkaLJRD1UIUE5
13ICmU6m7xeMv64tN3cWwuEYjQoJLRQezR1u0GU+0MSDv3J813WwZbxU5XYX71hO
2G/CD9utu4eUl0MpPBv5x9e1sPjUET6e0xS7RmRzk4mxBAiUtIT2RcOELghPj1q7
oNBuaUkeHhx5aebokJKxzekto8fpjRo7OGlVe/QlZxL1UD+QxyVPfVNpVyOUHvYI
qzsAEQEAAYkBHwQYAQIACQUCUyh4gwIbDAAKCRCR7hPwV08te0RCB/9vF538ooRD
bgRBBN5mviKxuxFnrEQYsPpZvmEsHvS6RSQfPvmVF3z4HUoKHWFsqRbhaJCRVWbm
fl8X8DOezAVR734MYaicj+NzVdKAKWu+a5TJ5XxVG2mSY+a0PK3FkF4cSH2fgmxq
q/NiYFVY2SZpwEOg+zkYF8m1+DoxSpeJ7wapPcFhgIt5YS6Bego6AM1Ork2yTXY7
95ZMFyFjT9XJJUo9BG4NMnzVxsgMhJ6g1zGKtsoVrPgxmyJ5KHA+Hr5BvkESuXQw
mQp5EeiKUqxAWe7wbk59oSKUNYAJen/X3jCCYaXqN1vEX5E6kcZO2O6e2II32ecP
r4XP+TMQpz3L
=nuBs
-----END PGP PUBLIC KEY BLOCK-----
Trial license
You can obtain a one month trial license on the product page at http://www.avast.com/linux-server-antivirus (http://www.avast.com/linux-server-antivirus).
-
rpm for avast-fss?
-
Packages:
avast-fss_1.0.0-1_amd64.debbeta
On Intel fss will be not work?
-
Packages:
avast-fss_1.0.0-1_amd64.debbeta
On Intel fss will be not work?
It should work.
-
What is "fanotify"?
-
What is "fanotify"?
See: http://en.wikipedia.org/wiki/Linux_kernel_API
-
rpm for avast-fss?
The RPM package is build and tested on CentOS (RHEL) 6 which comes with kernel 2.6.32 and has therefore no fanotify support.
-
Packages:
avast-fss_1.0.0-1_amd64.debbeta
On Intel fss will be not work?
x86_64 and amd64 are the same architectures. The difference is only the package naming convention on Debian/RHEL.
In other words, both packages will work on AMD and Intel CPUs.
Note: In the final release, there will be also packages for the i386 architecture.
-
I just wanted to shine some light for you guys on AMD64. AMD64 is software extensions that allow 64 bit code to run on 32 bit processors. So, in x86 architecture, there are no 64 bit AMD CPUs, and there are no 64 bit Intel CPUs. Intel EMT64 is the AMD64 code relicensed to Intel, so they may also run 64 bit code on their 32 bit processor. They are exactly the same. The only 64 bit CPU is the Intel Itanic, but it is not x86 architecture.Sincerely,
J.R. "AutoSandbox Guy" Guthrie
"At this point in time, the Internet should be regarded as an Enemy Weapons System!"
-
The only 64 bit CPU is the Intel Itanic, but it is not x86 architecture.Sincerely,
Do you mean Intel Itanium :)
-
@tumic: It is possible to collaborate with team from here (https://www.rfxn.com/projects/linux-malware-detect/) to share malware definition for linux?
-
Hello,
It's nice to see Avast for Linux finally updated, even in Command Line Interface.
But please could you explain how to use it ? Where to save the license.txt file, how to activate it ?
How to scan the computer / a specific folder ? How to update the virus definitions ?
Even with the "man" help pages, I don't understand.
If I run : scan -v
I get the answer : 40707
With : scan -V
connect(): /var/run/avast/scan.sock: No such file or directory
I've downloaded and installed the deb of avast core scanner only.
Thanks ! :)
-
Hello,
It's nice to see Avast for Linux finally updated, even in Command Line Interface.
But please could you explain how to use it ? Where to save the license.txt file, how to activate it ?
How to scan the computer / a specific folder ? How to update the virus definitions ?
Even with the "man" help pages, I don't understand.
If I run : scan -v
I get the answer : 40707
With : scan -V
connect(): /var/run/avast/scan.sock: No such file or directory
I've downloaded and installed the deb of avast core scanner only.
Thanks ! :)
The license must be located at /etc/avast/license.avastlic, its printed
into the console when you install the deb/rpm package. Additionally you can
find this info in the README file at /usr/share/doc/avast/.
The reason why retrieving the VPS version (scan -V) does not work is most
probably that the avast scan service is not running because it can not find the license
file. See the system log file (avast uses syslog) for details.
-
As I understand after release of commercial avast 2014 for Linux will be killed freeware version of avast for linux? Or no?
-
@tumic: It is possible to collaborate with team from here (https://www.rfxn.com/projects/linux-malware-detect/) to share malware definition for linux?
I have no idea how that project works, but If all you need are MD5 hashes of infected files, than you can scan a file using avast and compute the file's hash using md5sum, if the file is reported as infected.
-
Hello,
It's nice to see Avast for Linux finally updated, even in Command Line Interface.
But please could you explain how to use it ? Where to save the license.txt file, how to activate it ?
How to scan the computer / a specific folder ? How to update the virus definitions ?
Even with the "man" help pages, I don't understand.
If I run : scan -v
I get the answer : 40707
With : scan -V
connect(): /var/run/avast/scan.sock: No such file or directory
I've downloaded and installed the deb of avast core scanner only.
Thanks ! :)
I think you may need to rename license.avastlic.txt to just license.avastlic before copying across to /etc/avast as tumic advised above. That is the name the avast.conf file seems to be looking for.
Also reboot. That got avast running for me, and scanning now seems to work.
-
Also, will that also kill avast! version 4 updates?
Sincerely,
J.R. "AutoSandbox Guy" Guthrie
"At this point in time, the Internet should be regarded as an Enemy Weapons System!"
-
@tumic: It is possible to collaborate with team from here (https://www.rfxn.com/projects/linux-malware-detect/) to share malware definition for linux?
I have no idea how that project works, but If all you need are MD5 hashes of infected files, than you can scan a file using avast and compute the file's hash using md5sum, if the file is reported as infected.
It's one of best malware/rootkit detector for linux. I think avast can benefit from md5 hashes from that project, it will improve detection rate.
-
Also, will that also kill avast! version 4 updates?
avast! version 4 VPS will be available until there are any avast! products using it, including windows products.
At the moment there are still such products, but the maintenance is very limited. So the new linux products are
not the final nail in the VPS 4 coffin, but a very significant one.
-
Really optimistic about this program. Couple of questions and points.
- Does the command line version running in debian detect web based threats? Does it use the same database for scanning say blocked urls?
- How is updating of the signature database accomplished
- Should Avast detect the Eicar signture within the body of an HTML file? Is there a signature I could use to test scanning of HTML files?
-
Hello,
3. http://www.amtso.org/
Milos
-
I doubt I could test a 'beta' release of a Server Edition of Avast.
1.) I don't use a Server running Linux.
2.) I would most certainly break the package structure specific to my Linux DE
Hoping the difference between a 'Server', and DE is clearer. ;)
-
I have some errors using scan on centos linux:
[root@web ~]# scan /var/www/
scan: /var/www/atmail/users/tmp: Permission denied
Same errors on /home:
[root@web ~]# scan /home/
scan: /home/claudiuc: Permission denied
Seems like there are some permission problems, if I add avast user to root group is working ok.
-
I have some errors using scan on centos linux:
[root@web ~]# scan /var/www/
scan: /var/www/atmail/users/tmp: Permission denied
Same errors on /home:
[root@web ~]# scan /home/
scan: /home/claudiuc: Permission denied
Seems like there are some permission problems, if I add avast user to root group is working ok.
By default, the scan service is running under the avast user as running under root
is not required (and not wanted) for the mailserver and network proxy use case. If
you need avast running under root, for example for the fileserver shield usage*, you
can change it by creating the file /etc/default/avast with the following content:
AVAST_USER=root
AVAST_GROUP=root
* This is done automatically, when the avast-fss package is installed.
-
@tumic:
I'm using avast as a daily scanner for malware on a shared web hosting server, based on RedHat, so is not possible to use avast-fss.
Anyway is not a bug, so thanks for hint about /etc/default/avast options.
Another question, can we get some detailed reports from scan process (like number of files scanned, number of infected files, etc)?
And it is possible to add a remove/quarantine option to scan process?
-
@tumic:
do you mean "/etc/sysconfig/avast" ?
-
@tumic:
do you mean "/etc/sysconfig/avast" ?
No, I really mean /etc/default/avast. If the file does not exist, then simply create it.
-
Another question, can we get some detailed reports from scan process (like number of files scanned, number of infected files, etc)?
You can use the "-a" switch, redirect the output to a file and get any statistics you want. e.g.:
scan -a /dir/to/scan > /tmp/scan.log
# number of files scanned
cat /tmp/scan.log | wc -l
# number of infected files
grep -v '[OK]' /tmp/scan.log | wc -l
And it is possible to add a remove/quarantine option to scan process?
The same as above. Just use some trivial shell script to do this. e.g.
scan /dir/to/scan | cut -f 1 | { while read file; do mv $file /chest/dir; done }
-
@tumic:
do you mean "/etc/sysconfig/avast" ?
No, I really mean /etc/default/avast. If the file does not exist, then simply create it.
# /etc/init.d/avast
# Copyright(c) 2013 AVAST Software
EXEC="/bin/avast"
SYSCONFIG="/etc/sysconfig/avast"
RUNDIR="/var/run/avast"
PIDFILE="$RUNDIR/avast.pid"
PROG=`basename $EXEC`
# Include defaults if available
[ -r "$SYSCONFIG" ] && . "$SYSCONFIG"
if [ -z "$AVAST_USER" ]; then
AVAST_USER='avast'
fi
if [ -z "$AVAST_GROUP" ]; then
AVAST_GROUP='avast'
fi
-
Bug on update, crontab is not updated ok (rpm -Uvh avast-1.0.5-1.x86_64.rpm)
### Begin: avast of crontab entry ###
# Do not add anything between '### Begin: avast ...' and '### End: avast ...' lines.
# anything in between these lines will be removed when 'avast' package is removed.
0 */6 * * * /var/lib/avast/Setup/avast.vpsupdate >>/var/log/avast/vpsupdate.log 2>&1
### End: avast of crontab entry ###
### Begin: avast of crontab entry ###
# Do not add anything between '### Begin: avast ...' and '### End: avast ...' lines.
# anything in between these lines will be removed when 'avast' package is removed.
0 * * * * /var/lib/avast/Setup/avast.vpsupdate 2>&1 | logger -t avast.vpsupdate -i -p daemon.warn
### End: avast of crontab entry ###
-
One more error:
/var/lib/avast/Setup/avast.vpsupdate
Connecting to repository http://download.ff.avast.com/lin/x86_64/vps
VPS is up to date.
Can't send all submit files
-
@tumic:
do you mean "/etc/sysconfig/avast" ?
No, I really mean /etc/default/avast. If the file does not exist, then simply create it.
# /etc/init.d/avast
# Copyright(c) 2013 AVAST Software
EXEC="/bin/avast"
SYSCONFIG="/etc/sysconfig/avast"
RUNDIR="/var/run/avast"
PIDFILE="$RUNDIR/avast.pid"
PROG=`basename $EXEC`
# Include defaults if available
[ -r "$SYSCONFIG" ] && . "$SYSCONFIG"
if [ -z "$AVAST_USER" ]; then
AVAST_USER='avast'
fi
if [ -z "$AVAST_GROUP" ]; then
AVAST_GROUP='avast'
fi
Sorry, I thought you were using the deb package. On RHEL (rpm) it is really /etc/sysconfig/avast, not /etc/default/avast.
-
One more error:
/var/lib/avast/Setup/avast.vpsupdate
Connecting to repository http://download.ff.avast.com/lin/x86_64/vps
VPS is up to date.
Can't send all submit files
Already known issue, will be fixed in next update.
-
Bug on update, crontab is not updated ok (rpm -Uvh avast-1.0.5-1.x86_64.rpm)
### Begin: avast of crontab entry ###
# Do not add anything between '### Begin: avast ...' and '### End: avast ...' lines.
# anything in between these lines will be removed when 'avast' package is removed.
0 */6 * * * /var/lib/avast/Setup/avast.vpsupdate >>/var/log/avast/vpsupdate.log 2>&1
### End: avast of crontab entry ###
### Begin: avast of crontab entry ###
# Do not add anything between '### Begin: avast ...' and '### End: avast ...' lines.
# anything in between these lines will be removed when 'avast' package is removed.
0 * * * * /var/lib/avast/Setup/avast.vpsupdate 2>&1 | logger -t avast.vpsupdate -i -p daemon.warn
### End: avast of crontab entry ###
I will have a look at it.
-
One more error:
/var/lib/avast/Setup/avast.vpsupdate
Connecting to repository http://download.ff.avast.com/lin/x86_64/vps
VPS is up to date.
Can't send all submit files
Already known issue, will be fixed in next update.
Any way to submit FP or undetected malware files directly from linux?
-
Any way to submit FP or undetected malware files directly from linux?
Technically, you can use the submit tool (/var/lib/avastSetup/submit) that is internally used
by avast when sending the statistics/heuristics submits manually, but it is not something we
expect the users will be doing...
-
Any way to submit FP or undetected malware files directly from linux?
Technically, you can use the submit tool (/var/lib/avastSetup/submit) that is internally used
by avast when sending the statistics/heuristics submits manually, but it is not something we
expect the users will be doing...
Linux admins that will use avast will prefer to have such a tool :) We can improve a lot detection rate on linux by giving users possibility to manual submit suspected files (or files detected by other antivirus/antimalware programs and not detected by avast under linux)
-
I have RC3 installed and licensed on my home Unbuntu server. I really want to test/try this before the license expires at the end of the month but I can not find any documentation. Can you please point me to a guide of some sort to get started?
Thanks.
BTW - I am a happy uses of Avast products on Windows, Android, and Linux desktop computers. I hope this will be the answer for my net facing media server (yes, I am paranoid ;D ).
-
Can you please point me to a guide of some sort to get started?
Currently the documentation comes with the packages and is accessible in form of text files and manual pages after installation. Just add repositories from the OP and install avast just like other programs - using package manager for your distro (e.g. yum for Red Hat and apt for Debian).
After the installation manual pages are normally installed on your system, just run 'man avast', 'man avast-proxy' or 'man avast-fss' on command line.
-
After a VPS update, the old definitions appear to remain in /var/lib/avast/defs. Is this necessary? I removed the old definitions and scan worked fine. Seems like avast.setup could easily be changed to delete the old definitions.
Other than that, everything is working on Xubuntu 13.10 amd64. Scans seem faster than with avast4workstation_1.3.0-2.
-
After a VPS update, the old definitions appear to remain in /var/lib/avast/defs. Is this necessary? I removed the old definitions and scan worked fine. Seems like avast.setup could easily be changed to delete the old definitions.
If the avast service is running, than the old definitions are deleted on update. However, when the service is
stopped and the VPS updates are still active (i.e. the cron job is still running), then the old definitions remain
in /var/lib/avast/defs (but can be removed manually as you did). It's a bug, that will be fixed in the next version.
-
Possible bug:
When the scan command contains a "-e" exclude option for a file or directory that does not exist, the scan stops. I suggest it should ignore and carry on.
-
License
A license suitable for all three products valid until end of march 2014 is attached to this post. You can use it without any restrictions for testing the products.
Is there a new valid license after 2014/01/01 ? Where can I found prices for different versions ?
-
Is there a new valid license after 2014/01/01 ? Where can I found prices for different versions ?
According to sales/marketing, the products shall be available to buy on monday. Additionally, we
have updated the "trial" license here, so it is valid until end of April.
-
Hi Tumic,
Is a .tgz package planned ?
Regards.
ShelbyGT500
-
Is a .tgz package planned ?
No.
-
Hi,
No.
Thanks for the anwer.
Regards.
-
Hi.
Can I use this antivirus on my home computer with Fedora?
I used to use the avast! Linux Home Edition.
Is it free? :)
-
Can I use this antivirus on my home computer with Fedora?
The RHEL/CentOS "avast" rpm package also works on Fedora.
Is it free? :)
No.
-
Hi,
referring to http://www.avast.com/eula
is this Avast! for Linux a "consumer" or "corporate" product? Or does it have some other EULA? Thanks.
-
The License is part of every package, so the most accurate answer is - download the package
and read the license. It should be the consumer/corporate license (they are IMHO the same,
except the subtitle...)
-
The License is part of every package, so the most accurate answer is - download the package
and read the license. It should be the consumer/corporate license (they are IMHO the same,
except the subtitle...)
You are right, I found the EULA in /usr/share/doc/avast/LICENSE thanks.
And... yes, they all look (mostly) the same. ;D