On 3/10/19 1:33 PM, Mart van de Wege wrote:
deb <d...@rangingthoughts.org> writes:
Starting assumption: I do want to run A/V.
* I get that it may actually INCREASE attack surface.
* But I have Windows & Mac stuff going back and forth to Debian 9.8
and just want to check.
When you say going back and forth, do you mean over the network?
On Linux the best solution right now is clamav, which is not 100%. Is it
an option for you to run a network based solution, like an IDS?
Mart
Yes Mart.
Over the network.
4 files were found being passed by just one Windows machine, which was
running a paid A/'V (actually 3 different A/Vs!). 2 were in emails.
I will push along the ClamAV path.
It has worked.
I have to figure out if it really does real-time detection [it says it
does].
That would allow it to beat out Malwarebytes.
* I will be using ClamAV.
It *seems* little shaky, but it worked.
* I will ask elsewhere if there are better options.
* Companies I push #debian into will be doing at least ClamAV [ [IF]
they have or will have networked Windows/Mac machines, or receive
email.
(and probably anyway).
* I'm not interested in cloud-based solutions,
where "suspect" files are sent to the "cloud".
That, to me, seems the worst answer.
I'm not interested in listening to noise from Brian (defines curmudgeon),
trying to guess what evil agenda I am backing; and all of that other
posturing
about just compile your own code; review every line first, and all all
is well.
People pass crap around on mixed networks.
They do.
I *ALREADY* caught it.
re: apt solving all? I understand it recently had a long-time
vulnerability itself...
Linux will get hit more as it gets more popular.
I want to be ahead of that however possible.
So thank you for a real answer Mart.
What a pile of chest-thumping on this.
Sheesh.
