Differences

This shows you the differences between two versions of the page.

Link to this comparison view

antivirus [2011/10/13 23:55] (current)
Line 1: Line 1:
 +====== Using grml 2009.10 to scan for viruses ======
  
 +This is a list of antivirus software that has been tested to work or not work on GRML 2009.10 (Hello-Wien). Fortunately, all software I tested worked on GRML 2009.10 (which was quite different when I did this test a year ago). But of course that was not GRML's fault.
 +
 +===== ClamAV =====
 +
 +Clamav has the advantage it is included in grml. Unfortunately, as of writing this, the scan engine is not the latest one available. You can scan anyway, a few of the newest signatures will not work, though.
 +
 +  * Update command: ''freshclam''
 +  * scan command: ''clamscan /mnt/somewhere''
 +
 +===== Avira =====
 +
 +Avira is free for non-commercial use and a free 30-day trial is available for commercial use.
 +
 +  * Personal: http://www.free-av.de/en/download/download_servers.php
 +    * Direct download: http://dlpe.antivir.com/package/wks_avira/unix/en/pers/antivir_workstation-pers.tar.gz
 +  * Professional: http://www.avira.com/de/downloads/avira_antivir_professional.html
 +
 +To install:
 +
 +  tar xfvz antivir_*.tar.gz
 +  cd antivir-*
 +  ./install
 +
 +When prompted (except for the license) just accept the default. Dazuko will not work because grml's kernel does not support it, but you can continue anyway. You **have** to say ''Y'' (which is default) for installing dazukofs, though (even if you don't have the kernel module), since otherwise even the on-demand scanner will not start.
 +
 +  * Before updating/scanning, start the avguard daemon: ''avguard start''
 +  * Update command: ''avupdate --product=Guard''
 +  * Scan command: ''avscan /mnt/somewhere''
 +
 +===== F-Prot =====
 +
 +F-Prot Antivirus for Workstations is available free for non-commercial use as well and as trial for commercial use.
 +
 +Website: http://www.f-prot.com/download/home_user/download_fplinux.html
 +Direct link: http://files.f-prot.com/files/unix-trial/fp-Linux-i686-ws.tar.gz
 +
 +To install:
 +  tar xfvz fp-Linux-i686-ws.tar.gz
 +  cd f-prot
 +  ./install-f-prot.pl
 +
 +(just accept the defaults, it will update signatures automatically when installation is finished)
 +
 +  * Scan command: ''fpscan /mnt/somewhere''
 +
 +
 +
 +===== Bitdefender =====
 +Bitdefender provides a Debian package (that works on GRML):
 +
 +http://content-down.bitdefender.com/repos/deb/pool/non-free/b/bitdefender-scanner/bitdefender-scanner_7.6-3_i386.deb
 +
 +
 +===== AVG =====
 +
 +AVG provides a Debian package (that works on GRML) as well:
 +http://download.avgfree.com/filedir/inst/avg85flx-r290-a2950.i386.deb
 +
 +
 +
 +
 +===== Avast! =====
 +
 +(tested successfully on grml-small 2011.05)
 +
 +Avast4workstation can be downloaded from this page:
 +http://www.avast.com/linux-home-edition
 +
 +You need to do a free registration with Avast! and receive a license key
 +by email, as instructed in their download page. Do not forget to save that
 +key to a place accessible from GRML.
 +
 +To install and perform initial set-up of avast4workstation on GRML, run:
 +
 +  cd /usr
 +  tar -xzf avast4workstation-1.3.0.tar.gz --strip=1
 +  avast -V
 +
 +Avast! will then ask for the license key, and save that information.
 +
 +You **must** then update the virus definition file, because the one
 +shipped in the installer is inevitably outdated. Just run:
 +
 +  avast-update
 +
 +This command is actually a pretty straightforward shell script. If
 +the machine you want to scan does not have network access, you can
 +also download the virus signatures manually from another machine:
 +
 +  wget http://files.avast.com/files/latest/400.vps
 +  wget http://files.avast.com/files/latest/400vps.md5
 +  fromdos 400vps.md5
 +  md5sum --check 400vps.md5
 +  mv 400.vps ~/.avast
 +
 +Recent virus signature files have become too big for the "maximum
 +size of a shared memory segment" in Linux, which is 32 MiB by default.
 +So before you run avast! with its latest 400.vps file, you **must**
 +run the following command, which increases the maximum to 64 MiB:
 +
 +  echo 67108864 > /proc/sys/kernel/shmmax
 +
 +After that, you are finally ready to run Avast! as much as you want. :-)
 +
 +Basic usage (scan current directory):
 +
 +  avast
 +
 +Parano├»d usage (if you are using GRML to check a suspicious computer,
 +you might as well use that):
 +
 +  avast -a -c -r ~/report-foobar.txt -t A /mnt/foobar
 +
 +Of course, replace ''foobar'' with appropriate values. And don't forget to
 +save the report file to persistent storage before turning off the computer.
 +
 +===== Panda =====
 +
 +Panda provide download for trial versions for their Linux products only
 +by e-mail. So, if you really want to try it, fill in their web form
 +and receive link and license file by e-mail.
 +
 +Panda for some reason did not send me a download link at all. Perhaps you
 +have more luck? ;-)
 
antivirus.txt · Last modified: 2011/10/13 23:55 (external edit)
 
Recent changes RSS feed Creative Commons License Valid XHTML 1.0 Valid CSS Grml homepage Driven by DokuWiki