Open Source Antivirus

1. Developing Open Source AntiVirus Engines
   According to its Web site, the OpenAntivirus Project is ?a platform for people seriously interested in antivirus research, network security and computer security to communicate with each other, to develop solutions for various security problems, and to develop new security technologies.? Among these technologies are Scanner Daemon, Virus Hammer and Pattern Finder, which are ?a first implementation of a GPLed virus scanner written in Java.? This article will take a look at the OpenAntivirus AV engine, assess its progress so far, and offer some suggestions of how the developers can continue to develop it. While some of the commentary in the following sections may be fairly critical, the purpose of this paper is not to flame the OpenAV project or its developers but, on the contrary, to salute their efforts. Hopefully, this article and the comments herein will make a significant contribution to the development of a viable, working open source antivirus product. 
     
2. Open Source Anti-Virus for the Whole Network
   Until recently, there was not a strong open source presence in the anti-virus realm. Now, however, there is more than one project in this arena, and the ClamAV project in particular is proving its ability to provide software scanning in a way that's adaptable and effective. In the spirit of the Unix philosophy, Doug McIlroy said, "Write programs that do one thing and do it well. Write programs to work together." ClamAV demonstrates just how effective this model continues to be. The ClamAV engine simply filters any input given and outputs a basic summary stating whether a virus was detected. This simplicity makes it appropriate for scanning content on a local file system, network file system, Web proxy, mail gateway, or whatever.
      
3. ClamAV antivirus Open source
   ClamAV For Windows is a completely free and open source anti-virus software package. ClamAV is an open source antivirus solution for UNIX/Linux operating systems. It features a command line interface for scanning files, updating the virus definitions, and a daemon for faster scanning needed on high performance systems. ClamAV is a security software that protect your PC against virues. Unlike most antivirus products, ClamAV requires no yearly subscription fee, and is completely free with source code to anyone who wishes to use it. Because ClamAV is released under the GPL v2 license, you must follow all license requirements if you modify the ClamAV source code, or use it in your own projects. The SOSDG has taken the latest ClamAV from the CVS tree, compiled it against the current stable Cygwin DLLs, which provide a full UNIX/Linux compatibility layer for Windows operating systems.
       
4. Open Source Not Ready for Anti-Virus
   Anti-virus software is definitely a challenge for the open-source model, and while there is at least one active program, there's no good evidence of how well it works. The anti-virus business is an interesting one. On the one hand, it's amazingly competitive on a worldwide basis, even if Symantec dominates the U.S. consumer market; there are a lot of companies in this business. But it's also a disappointing business technologically. The companies are not out to solve a problem as much as to acquire an annuity stream in the form of subscriptions for signature updates. So where does the free software movement fit in all this? For their own purposes, viruses and the other things a signature-based scanner would find are a comparatively minor problem. If you're a Linux or BSD user, there aren't many viruses that can attack you. But there are plenty of file and mail servers running on Linux that service Windows users.
   
   
5. Clam AntiVirus: Open source vs. the bad guys
   Protecting against viruses has become an inherent part of using a computer, thanks to the pervasiveness of email, a favorite delivery platform for malicious code. Open source software, in the form of Clam AntiVirus, can help you detect these rogue programs before they hit your inbox, whether you run Linux or Windows. In fact, you can install ClamAV on a wide range of operating systems, either through pre-compiled binaries or by a source code build. This flexibility gives ClamAV a distinct advantage over competing products in the virus detection arena, which often ignore users with older or non-mainstream operating environments. If you detect a malicious executable within your network, you may submit your suspicious file to the ClamAV database for the benefit of the whole community, a process which accelerates the response and detection time for newly spreading viruses. Because the users pitch in, ClamAV doesn't have to charge for subscription updates, as most commercial vendors do.
     
6. Open-source antivirus tech may get commercial
   To plug a hole in its intrusion-prevention product, eEye Digital Security may adopt the Clam AntiVirus project and improve the open-source software. eEye's Blink intrusion-prevention product includes system- and application-level firewalls and protects computers against phishing, spyware and exploitation of known vulnerabilities. "Antivirus is the only missing piece," Ross Brown, eEye's chief operating officer, said in an interview with CNET News.com. Blink is used by about 250 organizations worldwide, including the U.S. Army and the Department of Homeland Security, according to Brown. Some want the product to include antivirus support, so eEye is considering its options, including adopting the Clam AntiVirus project.      
     
7. Forum Systems to Support Open Source Clam Antivirus
   Forum Systems announced its support for Clam Antivirus, a leading Open Source antivirus toolkit. Forum XWall Web Services Firewall now integrates and extends the Clam Antivirus scanning engine to prevent the propagation of virus, worms, Trojans and other malicious software that finds its way into XML and SOAP documents, the emerging standards for business communications. Clam AntiVirus is an open source content scanning engine that is widely adopted for its high performance virus database and comprehensive malware signature database. The new Open Source-based module is available at no extra fee to Forum XWall customers. Recent industry examples with financial companies such as CardSystems Solutions, ChoicePoint, Bank of America and Wachovia point to lost, misplaced or stolen data that could potentially affect millions of customers. A virus embedded in XML messages and documents is another avenue by which malicious users are able to corrupt workflows, steal data and stall enterprise productivity. 
    
8. Anti-Virus Vendors Disagree on Open Source
   Days after anti-virus software provider McAfee issued a special report on the dangers of the open source method when it comes to combating malware, competitor Trend Micro is stumping for the other side of the argument, pointing out that it's the "openness" of open source that makes malware easier to find - and find quickly. Trend Micro's CTO is cited here for the proposition that security loopholes are fixed faster and malware is combated more efficiently because open source developers address security issues as they happen rather than waiting for the next patch cycle to come around, as is common in proprietary software companies. An SMB usually has fewer dollars to spend and less pull with vendors than a large enterprise, which could result in less than optimal anti-malware. Clam AntiVirus, profiled here, is an open source alternative developed for UNIX systems that is gaining respect in the enterprise arena.
     
9. Forum Systems to Support Open Source Clam Antivirus
   Forum Systems, the leader in Web services security for threat protection and trust management, announced today its support for Clam Antivirus (http://www.clamav.net/), the leading Open Source antivirus toolkit. Forum XWall Web Services Firewall now integrates and extends the Clam Antivirus scanning engine to prevent the propagation of virus, worms, Trojans and other malicious software that finds its way into XML and SOAP documents, the emerging standards for business communications. Clam AntiVirus is an open source content scanning engine that is widely adopted for its high performance virus database and comprehensive malware signature database. The new Open Source-based module is available at no extra fee to Forum XWall customers. Recent industry examples with financial companies such as CardSystems Solutions, ChoicePoint, Bank of America and Wachovia point to lost, misplaced or stolen data that could potentially affect millions of customers. A virus embedded in XML messages and documents is another avenue by which malicious users are able to corrupt workflows, steal data and stall enterprise productivity.