on-access malware scanner

Status
Not open for further replies.

Matrix

Cadet
Joined
May 29, 2011
Messages
2
Hi,
I'm using FreeNAS now since a few weeks and I am really happy with it's stability and performance.
But I like to keep my harddisks clean from malware, so I suggest to integrate an on-access antivirus scanner like ClamAV into FreeNAS. Is that possible?

Thanks to the developers. You do a great job!
 

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,681
ClamAV is not an on-access scanner. It's not exactly clear how one would integrate such a thing for access technologies such as NFS, though I seem to recall that people have tried to do on-access scanning for Samba in the past by integrating it into the Samba userland. I agree it'd be a very nice feature, but the support would probably have to come as something already available for Samba, I'm guessing?
 
Joined
May 27, 2011
Messages
566
zfs does support this, google 'zfs vscan' however i have no experience with it, everything i found was for solaris, not FreeBSD.
 

Matrix

Cadet
Joined
May 29, 2011
Messages
2
zfs does support this, google 'zfs vscan' however i have no experience with it, everything i found was for solaris, not FreeBSD.

I found something about zfs vscan at http://hub.opensolaris.org/bin/view/Project+vscan/

The goal of this project is to provide an integrated real-time virus
scanning service to support OpenSolaris as a storage operating
system.
Virus scanning will be initiated from the underlying file system
when files are accessed or modified, thus ensuring that each file has
been scanned with the latest virus definitions before a client uses it.
Enhancements to the file system will support the storage of per-file
virus scanning attributes to indicate, for example, if a file is infected
and has been quarantined. The VSCAN service will utilize third party
virus scanning applications and appliances from key anti virus vendors.

And in the feature list of ClamAV at http://www.clamav.net/lang/en/about/ I found this line:

  • fast, multi-threaded daemon with support for on-access scanning
 
Joined
May 27, 2011
Messages
566
now you just have to make it work with FreeBSD. I'm sure it's possible but how much work is the question.
 

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,681
zfs does support this, google 'zfs vscan' however i have no experience with it, everything i found was for solaris, not FreeBSD.

The basic problem is that fs_vscan is defined as:

#define fs_vscan(vp, cr, async) (0)

ZFS "supports" virus scanning in much the same way as ZFS "supports" things like sharing files via NFS, SMB, and iSCSI ... most of the bonus fluff that comes along built into ZFS on Solaris has not been ported to FreeBSD for various reasons (usually because FreeBSD supports those features in a different way). In the specific case of on-access virus scanning, it'd be useful in some environments to have this, and it might be worth some time and effort to look into it... wonder how much of a CPU kill it'd be. :smile:
 
Status
Not open for further replies.
Top