We just took “delivery” of another dedicated server for a project we were doing and this time used a differnet hosts to the ones we usually use, mainly because for this project we needed cheap. (I’ll post who they were once I have some confidence they are any good!) The install ClamWin free-of-charge, which I had never heard off.
ClamWin bills itself as “open source anti-virus”. For me, anti-virus seems like the sort of thing that *needs* to be commercial because surely you need to pay a team of developers to research and build fixes for new malware. I wasn’t, and am not, immediately sure how you do that on a free model. Googling around for them I came across their Wikipedia article.
At the bottom they provide a link to Virus.gr (http://www.virus.gr/portal/en/), which runs a comparative test of the different products. ClamWin comes in 37th with a 55% detection, which I guess is better than 0%, but still… not good.
What surprised me more was the rest of the list. The Top 10 were:
1. G DATA 2008 version 18.2.7310.844 – 99.05%
2. F-Secure 2008 version 8.00.103 – 98.75%
3. TrustPort version 2.8.0.1835 – 98.06%
4. Kaspersky version 8.0.0.357 – 97.95%
5. eScan version 9.0.742.1 – 97.44%
6. The Shield 2008 – 97.43%
7. AntiVir version 8.1.00.331 Premium – 97.13%
8. Ashampoo version 1.61 – 97.09%
9. Ikarus version 1.0.82 – 96.05%
10. AntiVir version 8.1.00.295 Classic – 95.54%
But, wow, basically what’s the target here? I would say that a 2% miss rate was too high for this problem. Now, most of those I had not heard of, but what really surprised were:
20. McAfee Enterpise version 8.5.0i – 86.57%
23. Norton 2008 – 83.34%
…and Trend, which we use in the office:
33. Trend Micro Antivirus+Antispyware 2008 version 16.10.1079 – 67.28%
…and seeing as Trend have just started nagging me about our yearly subscription being elapsed, goodbye to them. Oddly on our production servers we use Kaspersky, mainly because I found Trend a nightmare to manage and irritating and Kaspersky not so.
The latest Virus.gr tests are here:
http://www.virus.gr/portal/en/content/2008-06%2C-1-21-june. Others can be found from the top navigation. Digging around, Kaspersky has been around the top in previous years.
Makes you think thought, because you assume AV from the big name providers would perform the best…