Seems to me like Clam AV has a lot of mail filtering capabilities, which is goodness. I am, however wanting it for real time file system protection. I presume it can do this, but I am unsure how to make it do so.
To give you an idea of the environment: SLES8 SP3 (2.4 kernel) is the flavour of Linux I am running. The first caveat to that is that I am running it on the IBM z/Series mainframe platform, and the second caveat is that I am in a virtualized environment under IBM's Virtual Machine, z/VM version 4. So what I am wanting to do is two fold: Firstly, real time file system protection. Secondly full file system scanning. The first part I am not sure how to do. The second is easy enough, however, when I used clamdscan the file system scan consumes inordinate amount of CPU resources. I've tried starting clamd with a nice value of 17 and running clamdscan with a nice value of 18, in hopes of slowing it down so that the consumed CPU cycles are spread over more 'real time'. Why is this important? In a virtualized environment such as the one I am running in, memory and CPU resources are currently being shared by about a dozen virtual servers. If one single server consumes 40-80% of cpu resources (2 processor configuration), the act of running the scan on all systems is going to completely bury the box. So I am hoping someone can tell me what to do to enable real time file system protection, and secondly, if there is some way to reduce the amount of CPU the file system scan takes. I am perfectly willing to let the file system scan take 4-6 hours, if doing that reduced the cpu use to an average of 20%. Any insight will be greatly appreciated. Thanks! -James Melin Hennepin County Technical Services. _______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
