Q1: Does anyone know of some real-time, on-access protection antivirus software for linux, that is capable of fully utilizing multi-core processors of today?
I am having issues using KAV for Samba, as while it does its on-access scanning, files are being accessed by many clients and that creates a bottleneck on server, as it scans (almost) every file on open.
Another problem that I have with KAV is that it won't work with kernels newer than 2.6.26, which is a problem, since it won't work with new hardware (which requires new kernel versions).
Q2: Does anyone knows of on-access antivirus software for linux that works with newest kernels? A big plus is if one has used software with success.
If anyohe has an idea about solving one (or both) of these problems, please!
I have tried to configure samba-vscan wth ClamAV, but no luck there (some weird error during compiling of samba-vscan module).
By the way, server is being used as samba server, in a network of clients, running Debian-based distro (if it matters anyway).
Thanks!
I did a little Google checking and ClamAV claims to support both multi-threaded and on-demand scanning. See here for the 0.96.1 release early-to-mid 2010. They offer help in a few ways that should hit your questions directly. This includes forums, a wiki, and even paid support. If this is an employer-directed action, ask them to buy some support so that you can make some progress.
I saw a hint that the Dag Wieers repository may have one prebuilt, but I'm having trouble browsing the repository either on his website or rpmforge.net.
By the way, kernel-based on-access scanning is still not merged the last time I checked. That said, we were able to get the newest Symantec Endpoint to run on some RedHat 5 boxes. I wasn't privy to the details as far as problems and such. I also don't know if there is a Debian distribution or if it is on-access scanning.