Resident protection over Linux

[Lisandro]

Why does other antivirus give us on-access protection and avast can't?

AVIRA Desktop for Unix
Description: AVIRA Desktop for Unix is an anti-virus perfect solution developed by AVIRA GmbH for your Unix platforms, which is able to completely identify unwanted software, oferring you the possibility to isolate or repair infected files, thus keeping your computer absolutely safe and clean. It is comprised of a resident (on-access) scanner, the Automatic Internet Updater, and a command line scanner.
Version: 1.0 Filesize: 2.57 MB

[Culpeper]

It's not needed on Linux.  There is only about 3 or 4 Linux viruses and those have been contained and are not in the wild and are virtually harmless due to the security built into the Linux kernel.  The on-access scanner just scans for Windows viruses.  Even an on-demand scanner is basically only looking for Windows virus.  Linux simply doesn't have a problem with virus.  You really don't even need a Linux virus scanner except for email.  That is why I requested the piping script for Linux Kmail so Avast can scan incoming email.  It takes a little getting used to after using Windows for such a long time.  After you use Linux for a while you will begin to really appreciate the security nightmare Windows has provided to the world.

[Lisandro]

It's not needed on Linux.
It takes a little getting used to after using Windows for such a long time.  After you use Linux for a while you will begin to really appreciate the security nightmare Windows has provided to the world.

Maybe just Windows user paranoia? 

That is why I requested the piping script for Linux Kmail so Avast can scan incoming email.

And then, can you help me to set Kmail for it? Thanks.

[pk]

Tech, avast for Linux/Unix uses the kernel module called Dazuko for resident protection - it's a GPL module which is also used by other av products than only in avast. Also, VB 100% for Linux platform doesnt award av products without on-access protection.

[Lisandro]

Tech, avast for Linux/Unix uses the kernel module called Dazuko for resident protection - it's a GPL module which is also used by other av products than only in avast. Also, VB 100% for Linux platform doesnt award av products without on-access protection.

How do I activate the module Dazuko? Linux does not run it in background, as resident... so?
Sorry if the question is stupid... learning Linux is harder than Windows 

[Dublin]

On-access scanner isn't available in avast! Linux Home Edition.
Maybe in a future.

[Lisandro]

On-access scanner isn't available in avast! Linux Home Edition.
Maybe in a future.

Thanks dublin.
I suppose it won't be ready for the 1st March release  :'( (http://forum.avast.com/index.php?topic=18828.msg164946#msg164946)  :'(

[DukeNukem]

Tech, for info on dazuko go to their website.

http://www.dazuko.org/

[Culpeper]

That is why I requested the piping script for Linux Kmail so Avast can scan incoming email.

And then, can you help me to set Kmail for it? Thanks.

1. No problem.  As root, open "kmail_fprot.sh" at /opt/kde3/bin/ and replace the code with Dublin's script below and name the file "kmail_avast.sh".  Save it in the same directory.

Code: [Select]

TEMPFILE=`mktemp`
if [ $? != 0 ] ; then
    TEMPFILE=`mktemp /tmp/kmail.XXXXXX`
fi
export TEMPFILE
cat > $TEMPFILE
avast -h >/dev/null 2>&1
if [ $? -eq  41 ]; then \
    avast -ai -t=A $TEMPFILE > /dev/null; \
else \
    avastcmd -ai -t=A $TEMPFILE > /dev/null; \
fi
RC=$?
if [ $RC -eq 0 ] ; then
    echo "X-Virus-Flag: no"
else
    case $RC in
        1 | 3 ) DESC="yes" ;;
        2 ) DESC="no - Virus was removed" ;;
        24 ) DESC="no - Encrypted" ;;
        * ) DESC="no - Failed" ;;
    esac
    echo "X-Virus-Flag: $DESC"
fi

cat $TEMPFILE
rm $TEMPFILE

2. Refer to the filter rules images I have posted at http://forum.avast.com/index.php?topic=17898.0
as an example for setting Kmail up to pipe incoming email through "kmail_avast.sh".  Just change anything that is "frpot" related to  Avast.

3. Configuring filters in Kmail is located in the Settings menu.

4. Test with eicar file to make sure it is working.