|
and if i need antivirus for linux anyway
Unless you're providing services for the MICROS~1 platform or regularly share files between the platforms in other ways you should change from using the old virus paradigm and look at what Linux has got to offer. We've got worms, trojans and rootkits.
The best way to guard against those isn't using a virus scanner, but running only what you need, updating it when found vulnerable, using access restrictions (Grsecurity kernel patch, filesystem extended attributes, Snort, tcp wrappers, firewall), a file integrity checker (Aide, Samhain, tripwire) and OS/network vulnerability checkers (Tiger, COPS, Chkrootkit, Nessus, Nmap, etc etc). Doesn't mean an AV scanner doesn't have its merits tho.
I did run a comparison on a few scanners (admittedly a long time ago) and my top 3 would be:
1. Kaspersky - for having a resident component for on the fly scanning and excellent heuristics
2. Mcafee's uvscan - excellent heuristics
3. RAV - excellent heuristics, just a bit behind uvscan in recognition
The fact RAV was bought by MICROS~1 didn't do nothing for the quality of their signatures yet.
Clam and F-prot Linux failed my tests (mixed w32/Linux stash of goodies) in the most miserable way. Sophie/Trophie aren't scanners AFAIK but interfaces to scanners.
|
