LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-09-2007, 07:34 AM   #1
saavik
Member
 
Registered: Nov 2001
Location: NRW, Germany
Distribution: SLES / FC/ OES / CentOS
Posts: 614

Rep: Reputation: 32
clamav vs. antivir


Hy!

I used antivir for more than one year now but for some reason I would like to switch to clamav.

Now I installed everything fine.

Everything is working but:

Clamav take more than a tripple of the time antivir needs for the same amount of files.

I usered a small directory to test

antivir --allfiles * (scan time: 00:00:03)

vs.

clamdscan * (Infected files: 0 Time: 120.746 sec (2 m 0 s))


So this is really very slow. For this small dir its not to bad but I have to scan 530GB!!

Every day, which can`t be done if the scan take more than 24 hours!!

I looked around at http://www.clamav.net/ and the mail archive but i didn`t find anything interesting.

Does anybody here have an idea how to speed up the scan or does anybody use clamav to scan a gread amount of data ?

Version : ClamAV 0.88.7/2395/Sat Dec 30 00:16:50 2006

Thanks!
 
Old 01-09-2007, 06:05 PM   #2
dracolich
Senior Member
 
Registered: Jul 2005
Distribution: Slackware
Posts: 1,274

Rep: Reputation: 63
I, too, used antivir for over a year. After they merged with, I forget who now, I became quickly unimpressed and switched to AVG. I never used ClamAV, but I think I can point to a possibility: your syntax for the antivir command is very short. I remember using more switches to include all files, subdirectories, archives, etc... Maybe ClamAV includes all that by default. It won't speed up anything but it might help explain the difference.
 
Old 01-09-2007, 08:21 PM   #3
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600Reputation: 3600
I think it depends on a lot of things. First of all you're not about clear what amount, size and type of files you're scanning and what HW resources can be used. Next to that the Holy Grail of each AV is its detection engine and they will defend it like, uh, something that defends well ;-p Some engines are faster compared to others, but like Dracolich kind of implies by the switch stuff, speed is a trade-off for accuracy. I did a small test not so long ago (see here) with BitDefender, ClamAV, F-prot and NOD32 which could give you an idea of what accuracy looks like for real. Goes to show enigines are more mature than others combining speed with accuracy. Unfortunately for most of those you'll have to shell out cash (thus keeping the AV monopolies alive). Best thing to do is *test* and compare.

Other than that my taxonomy tells me this is not a Linux Security issue, more about tweaking or testing AV, so I'll be moving this thread to the Linux Software forum RSN.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
antivir and suse10 beejayess Linux - Security 1 07-12-2006 07:57 PM
Antivir atlaika Linux - Security 3 11-29-2005 12:01 PM
Antivir jam2000 Linux - Security 4 11-17-2005 03:18 PM
ClamAV & AntiVir in Kmail AvatarofVirgo Linux - Security 5 02-07-2005 12:52 AM
antivir help needed wisdom Linux - Software 1 12-29-2004 12:03 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 08:48 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration