You are here

ClamWin: Does open source anti-virus work?

14 posts / 0 new
Last post
dkulchenko
Offline
Last seen: 13 years 5 months ago
Joined: 2007-02-14 17:12
ClamWin: Does open source anti-virus work?

I've read a few articles that open source antivirus software is pointless, and just does not work. Their argument is that companies like Symantec, Norton, and others have dedicated security teams, while open source software like ClamAV only gets updated when people feel like updating it. Personally, I can't say I agree. What do you think? Here are the articles:

http://www.eweek.com/c/a/Security/Open-Source-Not-Ready-for-AntiVirus/
http://reviews.cnet.co.uk/roryreid/0,139101702,49294707,00.htm

John T. Haller
John T. Haller's picture
Offline
Last seen: 1 hour 30 min ago
AdminDeveloperModeratorTranslator
Joined: 2005-11-28 22:21
Severely Outdated

You do realize those articles were written in 2004 and 2007 respectively. Which makes them pretty meaningless.

Sometimes, the impossible can become possible, if you're awesome!

reepicheep
Offline
Last seen: 12 years 6 months ago
Joined: 2008-04-29 11:32
Except ...

The press might be right but look at who subsidises and advertises in their publications. In the specific case of Clam AntiVirus however these comments are unfounded; the software is owned by Sourcefire --- a major computer security and intrusion prevention company. Plus Clam AV is used by a significant number of significant users, e.g. SourceForge.

NathanJ79
NathanJ79's picture
Offline
Last seen: 4 years 11 months ago
Joined: 2007-07-31 15:07
Sure, why wouldn't it?

Asking if open source AV works or not is a stupid question IMHO, because open source is just another kind of license. Sure, you can assume that proprietary and commercial AV software works, because money is being made. But what about freeware AV? Such as AVG for example. AVG works partially because they make money on the security suite and nag free users to pay for the better version. Same thing as ZoneAlarm and other freeware security applications.

The only problem I have with open source AV isn't even a problem, but I suspect more of a misunderstanding. I've always thought that if you make a security program and publish its source, people wanting to defeat that level of security can potentially do so by looking at the source and looking for holes.

ClamWin Portable has a few glaring flaws inherent to a portable AV app (e.g. no realtime virus scanner, no automatic or even manual updates) but as far as scanning for viruses, no, I don't see a problem.

Also TC AFAIK Symantec == Norton. Symantec and McAfee is perhaps the better way to say that. But for the record, dedicated team or not, both of those suites are overbloated resource hogs. AVG Free works great for me, despite not having built-in anti-spyware (someone made a big deal out of this in another topic).

Tim Clark
Tim Clark's picture
Offline
Last seen: 13 years 9 months ago
Joined: 2006-06-18 13:55
Manual Updates ?

"no... even manual updates"

Not sure what you mean here?
I update CWP manually every day thru the GUI

and the full databases are available for download directly [manually] here:
http://www.clamav.com/ [main.cvd and daily.cvd]

Perhaps I am not understanding you correctly ?

Tim

Things have got to get better, they can't get worse, or can they?

wk
wk's picture
Offline
Last seen: 1 year 6 months ago
Joined: 2007-09-05 12:31
so, just as additional info...

you can automatically update with http://www.clamup.co.nr/ (There are some ways listed on the "use" tab) or by using automemscan+clamup as posted in the forum
https://portableapps.com/node/11553

"Lorem ipsum dolor sit amet, consectetur adipisici elit, sed eiusmod tempor incidunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis .." Friday Next -
"May The Schwartz be with You!" Yogurt the Yoda

Mir
Mir's picture
Offline
Last seen: 12 years 5 months ago
Joined: 2007-12-03 16:07
no auto updates? that is

no auto updates? that is only on the portable ClamWin. i have ClamWin and KlamAV on my two computers that update automatically once every hour.

YES THEY UPDATE THEIR AV DB AT LEAST EVERY 2 HOURS!

ClamAV was built for Linux/Unix servers so that people who access data from a linux machine wont get shafted by the appearance of a virus that only effects windows and does noting to unix.

On the topic of update i had to get rid of the Comodo AV i purchased because it refused to ever update itself and the AV db. i chose ClamWin because i would have the same protection i have on my linux box and on my thumb drive.

Automatic Scanning is another feature that is disabled on the portable ClamWin for good reason. you'd need Administrative rights to access particular directories for scanning.

Psst... McAfee has a Free Virus Scanner that runs portably called Stinger. Guess what... it doesn't automatically update or auto scan either. ClamWin is a much better choice over Stinger but Stinger is small enough to be placed on a boot floppy.

Tim Clark
Tim Clark's picture
Offline
Last seen: 13 years 9 months ago
Joined: 2006-06-18 13:55
Yes, it works :-)

Yes, it works Smile

The question is not if it is open source or not. It is how often and well it updates, And how it is intended to function.

I can only speak from my experience of CW but for me it does what it needs to.
I have a name brand commercial real time AV checker, McAfee VirusScan, and am quite happy with it. I use CW and AvastPortable [U3 version] as secondary checkers, a second opinion if you will. They have different databases and methods of checking and that is what I want.

CW often updates several times a day and so in some ways can be cutting edge, you do have to be careful of False Positives, but that is the case of any AV product. If a fresh update of CW detects something that it did not before and my other checkers don't see it at all, I proceed with caution, that is just common sense.

The main rule for me when using a product like CW is "First, do no harm"
In it's default configuration CW just gives you information, and lets you choose what to do, and that is what OSS is all about really, Giving you choices Smile

Just my 2 cents,
Oh, and what John said, the first article was very old.
and the other article was not only old but the guy seemed to have an ax to grind [his second paragraph was just, well ... stupid Sad ]

Tim

Things have got to get better, they can't get worse, or can they?

silentcon
silentcon's picture
Offline
Last seen: 12 years 8 months ago
Joined: 2008-05-31 05:37
Yes it works but dont think

Yes it works but dont think that it can detect better than paid AV. Paid AV do reasearch and stuff. I dont know with Clamwin or ClamAV. They are Open-source and free so they don't get much credit except maybe from small donations.

RMB Fixed
Offline
Last seen: 15 years 6 hours ago
Joined: 2006-10-24 10:30
Do closed-source OS's work ?

As the headline says .. the press has it all backwards .
The reason no-one cares about so-called real-time AV-scanning
in the open-source community is that it's only "needed" for certain
insecurely designed closed-source operating-systems .
I still laugh every time I think about how comodo decided winlogon.exe was a dangerous virus and deleted it ..

cingirock
Offline
Last seen: 15 years 5 months ago
Joined: 2009-07-28 06:10
[spam]

nod32 virus actually sohbet occurred in the program is very good, but sometimes to a computer glitch and is very damaging

[link to spam/malware site broken by mod Tim]

Mir
Mir's picture
Offline
Last seen: 12 years 5 months ago
Joined: 2007-12-03 16:07
Thanks Tim for removing that

Thanks Tim for removing that link!

Darkbee
Darkbee's picture
Offline
Last seen: 4 years 8 months ago
Joined: 2008-04-14 09:41
Is Commercial necessarily better?

I've worked for a few different companies that use F-Secure and I have nothing but bad things to say about it. It crashes a lot, it crashes other programs a lot, in short an utter piece of junk IMHO. I don't rely on it at all to keep my safe and routinely run my own applications to check my PC for viruses and other harmful software.

I do use the free version of the otherwise commercial AVG at home, and with the exception of the disaster that was version 8, I've never had any problems with it. I've generally recommended it to all my friends and family.

I do keep a copy of ClamWin portable on my drive, just in case. As somebody else said, it doesn't hurt to get a second opinion once in a while. I haven't really used ClamWin enough to know of it's effectiveness but it certainly has never missed anything that other anti-virus programs have found. I've never had any reason to doubt its capability or reliability.

I was always curious that since it's open source, wouldn't it be easier for virus writers to write viruses that bypass or eluded ClamWin, since they could check under the hood as it were and find its Achilles Heel? Of course, why bother in the first place since it's probably a very small total population of all anti-virus program users, but still.

Mir
Mir's picture
Offline
Last seen: 12 years 5 months ago
Joined: 2007-12-03 16:07
because it is opensource it

because it is opensource it has the ability to change quickly to patch up issue. for example there was a virus a few years ago that infected the major AV programs like Norton and McAfee. It took McAfee weeks to patch the problem and if you got infected your best bet was uninstall and to install a different AV. as for Clam's effectiveness as a consumer AV its hard to say. its not the best its not the worst. I will say its the best avalible for a Unix/linux based system.

Log in or register to post comments