[Grml] Test of Antivirus engines on GRML

Michael Schierl schierlm at gmx.de
Mon Nov 23 18:52:36 CET 2009

Andreas Gredler wrote:
> I've created one for you that you can edit.
> http://wiki.grml.org/doku.php?id=antivirus

Thank you. I did so :)

>> ClamAV
>> ------
>> Clamav has the advantage it is included in grml. Unfortunately as of
>> writing this, the scan engine is not the latest one available. You can
>> scan anyway, a few of the newest signatures will not work, though.
>> Update command: freshclam
>> scan command: clamscan /mnt/somewhere
> Did you try to upgrade the debian package to the latest version?

No. My experience with updating packages on grml was never very good
(maybe because you have to include a lot of different packages to get a
working system again?) and success of it changes from day to day.
Installing external packages is better for me because of that (I put the
files on an USB key and update them only when there is a new GRML
available). Updating of other antivirus works well from really old
versions. Or is there some grmlrepository somewhere where I can reliably
upgrade *only* clamav without running the risk I need to upgrade to new
versions of libfoo and libbar and therefor gazillions of other packages
(similar to backports repository of Debian)? Whenever I try it (not only
shortly after the release)?

> BTW: Had to clean some machines, too, recently. In my case clamav missed
> a lot of viruses/trojans :-(

Yeah. They usually do not include signatures for files that can only
appear like that on hard disk (if the virus unpacks itself from the
email, for example), as most people use clamav as an email scanner and
not for scanning real Windows boxes. That's why I use multiple
(different) scanners for scanning Windows boxes from grml.

>> Avast and Panda
>> ---------------
>> Avast provide download for trial versions for their Linux products only
>> by e-mail. So, if you really want to try them, fill in their web forms
>> and receive link and license file by e-mail.
> avast4workstation can be downloaded directly:
> http://www.avast.com/eng/download-avast-for-linux-edition.html
> You still need the license key though.

Ok, added that. Yes, I remember now, I could download it before getting
the license, but still had to wait for that e-mail so that I could
install it...

> greets Jimmy

Hmm. That nick looked strange (especially as my email program by default
only shows real name and not email address) and I thought my email
program had problems with quoting ;-). But if you like to have a nick
that tries to imply a different first name, fine for me :)


More information about the Grml mailing list