Full Disclosure mailing list archives
Re: Hi! Antiviruses Comparison - A Little Research Results
From: Feher Tamas <etomcat () freemail hu>
Date: Fri, 16 Apr 2004 19:11:20 +0200 (CEST)
Hello,
Only finnish F-Secure and american CA has Windows/Linux AV products with multiple independent virus scanning engines.Not exactly. At least Chinese iduba.net from Kingsoft uses 2 kernels. As far as I know Russian Dr.Web works on engine to work with multiple antiviral kernels of different vendors.
There is a big difference between using multiple "scan engines" and being able to integrate several AV software under one hood or GUI by passing them relatively high level calls. The latter gives poor performance, kinda Amavis-like or a similar to a snail in reverse gear. Only the engine-level (.DLL based) approach can be used for on-access protection, which is mainly a Windows requirement. Even this has performance penalty, but it is usable (especially on the corporate desktops, where users simply cannot disable that annoying realtime protection). Writing multiple engine AV software can be a tricky task, I guess. For example there is no standard virus naming across different AV developers, yet the user interface must display relatively coherent info for the poor PC owner when a virus is found. MS says Windows 2003.NET Server OS now supports running any two different AV software on the same machine, without interference of real- time protection modules or other function. This could allegedly alleviate the need to develop multiple-engined AV software. The feature reportedly works in 95% of all cases, but that unlucky 5% could still be a lot of people. I think Linux people should agree on single a disk access monitoring module standard (dazuko or other) so that Linux AV can easily watch absolutely any disk access in the system, not just Samba or Squid. Soon, LinuxAV will be just as indispensible, as Windows AV already is. Sincerely: Tamas Feher. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Hi! Antiviruses Comparison - A Little Research Results, (continued)
- Hi! Antiviruses Comparison - A Little Research Results Feher Tamas (Apr 16)
- RE: [inbox] Hi! Antiviruses Comparison - A Little Research Results Curt Purdy (Apr 16)
- Re: Hi! Antiviruses Comparison - A Little Research Results 3APA3A (Apr 16)
- RE: Hi! Antiviruses Comparison - A Little Research Results Sean Crawford (Apr 16)
- Re: Hi! Antiviruses Comparison - A Little Research Results Exibar (Apr 16)
- Re: Hi! Antiviruses Comparison - A Little ResearchResults Gregh (Apr 18)
- Re: Hi! Antiviruses Comparison - A Little Research Results 3APA3A (Apr 16)
- RE: [inbox] Re: Hi! Antiviruses Comparison - A Little Research Results Curt Purdy (Apr 16)
- Hi! Antiviruses Comparison - A Little Research Results Feher Tamas (Apr 16)
- Re: Hi! Antiviruses Comparison - A Little Research Results Feher Tamas (Apr 16)