Submitted by A gaping security flaw in the latest versions of Symantec’s anti-virus software suite could put millions of users at risk of a debilitating worm attack, Internet security experts warned May 25. Researchers at eEye Digital Security, the company that discovered the flaw, said it could be exploited by remote hackers to take complete control of the target machine “without any user action“.
I am running Ubuntu Linux on my laptop because I trusted Symmantec Antivirus which could not catch a virus that screwed my laptop.
I got a new laptop for my wife bu this time I got Mcaffe and I am a happy Ubuntu user.
bye, symmantexc
-2501
Hello McAffee.
Get a real AV program. Try AVG or AVast.
F-prot is OK too….and light-weight…low system resources. UNIX version too….so I run it both Windblows and UNIX…
How about ClamAV?
ClamWin does not do on-access scanning, only scheduled or on-demand scans of the filesystem.
ClamAV primarily scans for e-mail-borne viruses, trojans, and phishing messages. It doesn’t scan for anything else. The virus db is only around 25,000 threats.
ClamAV does not use any kind of heuristics in its scans.
ClamAV does not include any central management features.
There are a few other issues that do not make ClamAV a good desktop scanner. For e-mail servers, it works wonderfully. But it’s not designed, or really suited, to desktop use.
I just recently heard that you can use WinPooch (it’s on Sourceforge) to add on-access capability to ClamWin. I’ve only just installed the combo though, so can’t really comment on its effectiveness.
Are you sure about the heuristics thing? I’m sure I read (circa the WMF 0-day business) that Clam did have heuristic capabilities, which was how it (among others similarly equipped) managed to catch the exploit. Just a vague memory, mind…
Just ‘Get a Mac’ and run Windows on it via “BootCamp”!!
You’ll be safe then!
(that was a joke)
Yeah, Buck…I run ClamAV on my UNIX machines too….clamwin is a good scanner for Windblows….
Virus scanners all suck. They suck memory, CPU and I/O bandwidth. They mess with the internals of the operating system and make it highly unstable.
The more complicated a software system is the more likely it is to have bugs and security holes. I don’t get a good feeling from any of the vendors (especially Symantec) that they are keeping their software small and well tested. It’s all big and loose and fluffy (aka full of holes).
If you know what you are doing, don’t open things you shouldn’t, patch like mad, use only software worth trusting, and put your machine behind a good firewall what is really the risk/benefit of constantly running an on-demand virus scanner.
Granted, for people who aren’t highly technical power users, a virus scanner is a safety net, but couldn’t it be true that sometimes that net just isn’t worth it.
Virus scanners all suck. They suck memory, CPU and I/O bandwidth. They mess with the internals of the operating system and make it highly unstable.
The more complicated a software system is the more likely it is to have bugs and security holes. I don’t get a good feeling from any of the vendors (especially Symantec) that they are keeping their software small and well tested. It’s all big and loose and fluffy (aka full of holes).
If you know what you are doing, don’t open things you shouldn’t, patch like mad, use only software worth trusting, and put your machine behind a good firewall what is really the risk/benefit of constantly running an on-demand virus scanner.
There will always be people that say they don’t need virus scanners because they’re careful with what they run and how they surf, just as there are people that won’t wear seat belts because they consider themselves to be safe drivers.
I agree A/V is overrated, threats now are becoming sophisticated and utilizing application exploits, plus malicious files mutate faster than the signatures can update, but that doesn’t mean that A/V is ineffective. It’s just not *entirely* effective, it simply focuses on one aspect of security and that’s keeping known malicious data off your system.
Firewalls are overrated as well. For much the same reason, vulnerabilities are often exploited on internet connected applications that travel cleanly through the firewall anyways. Most consumer-oriented firewalls block incoming connections only, they do nothing to prevent users from using apps that in turn become vectors for attack on their systems. That doesn’t mean firewalls are ineffective, again they just focus on one aspect of security, blocking unauthorized connections to your system.
It’s always a good idea to be aware of what you’re doing, know what sites you’re visiting, use credible software, keep patched etc. under any circumstance. But in relying on that virtually alone, you’re also placing an inordinate amount of trust in third-parties (your software vendors and their ability to write safe, vulnerability free software, or the websites you visit and their ability to secure their sites and prevent exploitation, etc.) and in your own ability to basically never make an error.
At the end of the day, at least in my opinion, relying strictly on security applications to protect you is just as risky as relying strictly on “smart” computing. Security is about mitigating all possible threats, not just the ones you think you have covered. You need to strike a balance between smart computing and realistic computing.
Granted, for people who aren’t highly technical power users, a virus scanner is a safety net, but couldn’t it be true that sometimes that net just isn’t worth it.
Security in general is a safety net, for users and their applications. Whether it’s worth it or not is, as you pointed out above, a risk/management analysis; for businesses the stakes are higher and more complex, though even consumers need to determine the level of inconvenience they’re willing to suffer versus the importance of being “secure”. But you need to think of it as an insurance policy… Nobody likes paying for it, but you’re damned glad you have it when those circumstances arise and the more you put into it, the more you’ll get out of it at that time.
Having said all that, I still wouldn’t recommend Symantec (or McAffee). To your original statement, they are hogs. There are much more lighter and equally effective programs available, many of them for free.
Yet, this the essense of a not-so-free software market. If people want to use MicrScr@p products and their supporting vendors … let them.
Six years with SAV-CE, only one virus outbreak, quickly contained, and no data loss. Say what you like about it, but it deploys easily and gets the job done. As long as we have Windows, we’ll need realtime detection and Outlook/Exchange integration. Keeping definitions up to date with SAV is effortless, literally. Quarantine is effective, emergency updates work within minutes over the WAN. Nope, I don’t work for Symantec, I just think they do what they do quite well. Am not sure where all the bashers are coming from. SAV’s not cheap, but viruses are much more expensive. If you’ve got the bucks, SAV’s worth a look. Of course, you should run Linux/BSD/OS-X wherever you can. 🙂
And here I thought the constant problems I used to have with Symantec crashing were due to sloppy coding.
Now it appears that it’s advanced heuristics for threat determination and recognition were simply so effective that the brave little app had no choice but to try and delete itself in a selfless attempt to keep my system secure.
I feel much better now.
I personaly use Mac OS X on a “poor” second hand 400MHz Powermac for about 3 years now and never ever needed a AV software, on the other hand I use GNU/Linux for 6 or 7 years and never ever get infected with a virus/trojan/worm/rootkit/you name it…
I threw the Microsoft/Symantec team out a long time ago and never had to regret my choice.
It’s funny how some OSes are more vulnerable than others… Oh yes , you’re right, that’s just because of the market share blah, blah, blah….. 😀