Technical overview documentation required
mabra


Joined: 25 Apr 2014
Posts: 19
Hello !

I am looking for technical details about how the whole suite operates
and which processes are involved - not to say, without diving into
code ....

I just asked a question, about why my regular database updates are
failing. I could possibly answer this by myself, but I am unable to
see technical docs :(

I am seeing a lot of handicaps to use winclam:
- the logging is completely ill:
  - no user
  - no time
  - only full path
The whole thing should be organized in named logical scans, which
have to have its own logfile and the mentioned information above.
On a larger computer, you'll have usually several tasks running
in parallel [TB of data!] and after this, you'll not be able to identify
a problem :(

Additionally: Security relevant work should never work in a (some)
users temp directory - that because all usual (existing) scanners
have these on their focus - and this bombs. This has to use one
separate directory, which itself, can be excluded for other scanners.
And regard: The temp directory is not a fixed location ... only its root.

There would really be more to say, for example, about servers.
I am using a development server - and so in each concurrent logins,
I have the configuration .... and they would write concurrently to
the same quarantine folder .... and not to say, that it is not very
complicated to write a windows service. This would enable the use
of some common parts for the configuration.

My statements are not intended to kill someone or to be interpreted
as a flame.

Everybody has to migrate to an open source scanner in The Day After.
My McAfee - no one can look into its code - could just simply be the
most important NSA backdoor - so, I (everybody!) must get rid of
all tools, which are not open.

Anyway so far and my thanks for the work!

Best regards,

++mabra
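The logging, working-directory and quarantine points raised in the post above, sketched as an added example (this is not ClamWin code and was not posted by anyone in the thread). The `ScanSession` class, the `logs`/`work`/`quarantine` layout and the `current_user` helper are hypothetical names chosen for illustration.

```python
import getpass
import logging
import shutil
import tempfile
import uuid
from pathlib import Path


def current_user() -> str:
    try:
        return getpass.getuser()
    except Exception:  # e.g. no account entry for this UID
        return "unknown"


class ScanSession:
    """One named scan: own log file (time, user, scan name) and own scratch directory."""
    def __init__(self, base: Path, name: str):
        self.id = uuid.uuid4().hex[:8]
        # Fixed, dedicated root instead of the per-user temp directory, so
        # other scanners can be given one stable path to exclude.
        for sub in ("logs", "work", "quarantine"):
            (base / sub).mkdir(parents=True, exist_ok=True)
        self.quarantine_dir = base / "quarantine"
        self.work_dir = Path(tempfile.mkdtemp(prefix=f"{name}-", dir=base / "work"))
        self.log_path = base / "logs" / f"{name}-{self.id}.log"
        self._handler = logging.FileHandler(self.log_path, encoding="utf-8")
        self._handler.setFormatter(logging.Formatter(
            "%(asctime)s user=%(user)s scan=%(scan)s %(levelname)s %(message)s"))
        logger = logging.getLogger(f"scan.{name}.{self.id}")
        logger.setLevel(logging.INFO)
        logger.propagate = False
        logger.addHandler(self._handler)
        self.log = logging.LoggerAdapter(logger, {"user": current_user(), "scan": name})

    def quarantine(self, path: Path) -> Path:
        """Move a file into the shared quarantine without clobbering other sessions."""
        target = self.quarantine_dir / f"{self.id}-{uuid.uuid4().hex}-{path.name}"
        # Mode "xb" creates exclusively: it raises FileExistsError rather than overwrite.
        with open(path, "rb") as src, open(target, "xb") as dst:
            shutil.copyfileobj(src, dst)
        path.unlink()
        self.log.info("quarantined %s as %s", path, target.name)
        return target

    def close(self) -> None:
        self.log.logger.removeHandler(self._handler)
        self._handler.close()
        shutil.rmtree(self.work_dir, ignore_errors=True)
```

Two sessions started under the same scan name, for instance from two concurrent logins on one server, get separate log files and scratch directories and cannot overwrite each other's quarantined files.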
GuitarBob


Joined: 09 Jul 2006
Posts: 4388
Location: USA
I tried to help answer your question in the forum in which you originally posted to it. Please confine your posts to the place where you originally post them.

If you are capable of helping the ClamWin developers, please contact them via the contact information on the main ClamWin web page. Competent technical help is very welcome, as development time is very limited for the 2 ClamWin developers who work part-time for free.
ClamWin was written basically for use on individual PCs--not much thought has been given to use in other environments.

Regards,
ROCKNROLLKID


Joined: 23 Sep 2013
Posts: 562
Location: **UNKNOWN**
If you are so paranoid over closed-source software, then you shouldn't be running Windows. Linux is free, you can download and install at any time. NSA backdoors were already found in Windows main core drivers, but no one seems to really care. I don't see a real reason to care, unless you had some personal information on your system. Though, to target someone directly, they need the proper equipment and information on that specific target, such as IP address, PC spec information, location of where that is, and run a tracer through your internet connection. All of that takes time anyways. Now just because you have an open-source application doesn't mean NSA can't get into your systems. I am sure by now NSA has found other ways to compromise systems. In the end, whether it is open or closed source, it is way easier for the government to just look through your window or just come to your house and access right there, which is what they probably would do, anyways.
GuitarBob


Joined: 09 Jul 2006
Posts: 4388
Location: USA
No antivirus that I am aware of will intentionally allow a back door for anyone, and many of the commercial AVs have publicly stated that they will not intentionally allow any malware to bypass their scanner--no matter what it is. What do I know? I developed the first signature for Stuxnet for Clam AV, which provides the scanning engine used by ClamWin.

Regards,
ROCKNROLLKID


Joined: 23 Sep 2013
Posts: 562
Location: **UNKNOWN**
He was talking about NSA backdoors, which malware shouldn't be able to detect. Nonetheless, though, I don't see why NSA would have a backdoor in any anti-virus software. I think more of a concern would be the company secretly data mining your system, like Google or Yahoo or something.
mabra


Joined: 25 Apr 2014
Posts: 19
Hi All !

The big thing first: If linux would be a simple good choice, the world
would use linux.

Don't tell me, this is not that short, I know. I would need to write a book
about this, but it is currently the resume, from top view. I'll not dive into
deep explanation, why I cannot - currently - remove windows.

I have more linux boxes, than windows. I am helping users to come
to linux, but the many won't. I am spending a lot of time with this.

I do not have the precise insight in american rights, but so far I am understanding
the NSA debate right, they can force companies to put any bit of spying code
in their products and they are even not allowed to talk about that.

So, the time, where there was something like trusting someone, has been gone.
The only thing which helps is evidence. Evidence is only possible - at least - if
someone can inspect the code. Each connection - especially all automatic
update procedures - is a chance to get "infected/spied" some way.

The statements about malware in windows drivers, I don't know, but I am seeing
the network additions to Nvidia drivers ........ and their feature to auto update ....
Because the code is closed, I cannot trust them. All my windows boxes are
living in an environment with application level firewall.

Thanks for all the opinions here !

Best regards,

++mabra

@GuitarBob: Sorry to say, I have probably not the linux experience [and the time]
to help in development. I was developing in C# for the past ten years and I am
using mono on linux for this. But if there are some specific questions, may be,
I can answer.
GuitarBob


Joined: 09 Jul 2006
Posts: 4388
Location: USA
I am also looking into C#, but I'm concentrating upon Delphi (Lazarus version cause it's free) because that's what Clam Sentinel is written in, and I think it currently has the best possibility for user protection. It will be about a year before I'm up to anything, however. Help with ClamWin is always welcome. I think the developers are leaning toward C# for future development, and anyway, some useable routines could be written in C# for ClamWin.

Re: Linux. I fool around with Puppy Linux, but I think that Linux is still too "techie" for the average user.

You are not paranoid--just concerned! It seems every organization/government wants to get information about others, so you have a right to be concerned. If you are worried about AVs, then only use a foreign one--stay away from the USA ones. As for commercial AVs, I know that F-Secure is committed to security/privacy of its users. ClamWin is Australian/Italian, and Clam Sentinel is Italian. I lean toward an AV that uses its own scan engine. Many AVs license an engine from another, better AV. Bitdefender is used a lot, as is Avast, Kaspersky, Avira AntiVir, and Sophos. There's nothing wrong with that, but a widely-used AV could make a big target for someone.

Regards,
ROCKNROLLKID


Joined: 23 Sep 2013
Posts: 562
Location: **UNKNOWN**
Malware and NSA are 2 different, you do realise that. Malware are infections created by hackers to steal data and infected systems. NSA is a governmental program for collecting data from systems using backdoors in programs and operating systems. Are you talking about your distrust for windows because of NSA or paranoid over malware? This topic seems to have multiple subjects with it. If you're going with linux, I heard ubuntu is the simplest one to go with. If you're going to stick with windows, what I use is PeerBlock and windows firewall for a firewall, peerblock is open-source, BleachBit with winapp2, BleachBit and winapp2 are open-source, ClamWin and ClamSentinel for anti-virus, obviously them both are open-source, and truecrypt to encrypt whole driver, also open-source. Hope I helped you out.