
1 Antivirus Fight Club! August 8th @ LinuxWorld

2 Before we begin… Please submit any viruses for the test at http://virus.untangle.com/

3 Background - who we are
Untangle provides an open source network gateway platform.
We are not an antivirus company.
We are not a testing company.

4 Background - why we are doing this
2005: Untangle researches antivirus to add to the network gateway platform; after testing we choose clam (open source) and one other vendor
2006: Untangle seeks Testing Labs for certification (stickers!)
2006: Testing Lab refused to test AV product, because of the use of open source
  won't tell us why
  won't provide test results
  won't provide test set
Something fishy is going on here…

5 What is the AV FightClub?
A simple test of real-world anti-virus detection by different AV engines
What AV FightClub is not:
  Zero-day test
  Functionality comparison
  Not coverage testing
Two important things!
  Open - for samples & participation & discussion
  Transparent - simple, verify & run at home

6 The Test
Each vendor is subjected to:
  Small set of test viruses (eicar)
  Set of 'in-the-wild' viruses
  Set of user-submitted viruses (minus non-viruses, not 'in-the-wild' viruses, and phish)
Scored by % of viruses identified and performance if applicable
All vendors should catch all these viruses

7 The Vendors
Engines with Linux support (Clam, Kaspersky, F-Prot, Sophos, GlobalHauri)
Gateway Appliances (Sonicwall, Fortinet, Watchguard)
Windows solutions (Norton/Symantec, McAfee)

8 Questions? Predictions?

9 Let's get started
zip up the test set for Windows tests
deposit on web server for gateway appliance tests

10 F-Prot
Vendor: F-Prot
Version: 4.6.8
Updated: 2007-08-08
Method: Linux Client

11 Sophos
Vendor: Sophos
Version: 4.20.0
Updated: 2007-08-08
Method: Linux Client

12 GlobalHauri
Vendor: GlobalHauri
Version: SDK 4.0. engine 2007-08-07
Updated: 2007-08-08
Method: Linux Client

13 Kaspersky
Vendor: Kaspersky
Version: Kav4fs 5.5.27
Updated: 2007-08-08
Method: Linux Client

14 Norton/Symantec
Vendor: Norton/Symantec
Version: Norton Antivirus 2007
Updated: 2007-08-08
Method: Windows Client

15 McAfee
Vendor: McAfee
Version: 7.2.147
Updated: 2007-08-08
Method: Windows Client

16 Sonicwall
Vendor: Sonicwall
Version: Sonicwall 1260 (3.2.0.5-54e)
Updated: 2007-08-08
Method: Gateway Appliance

17 Fortinet
Vendor: Fortinet
Version: Fortinet 50A (2.8.0-520)
Updated: 2007-08-08
Method: Gateway Appliance

18 Watchguard
Vendor: Watchguard
Version: Watchguard x20e (8.5.1-8138)
Updated: 2007-08-08
Method: Gateway Appliance

19 Clam
Vendor: Clam
Version: 0.91-1-1ubuntu3
Updated: 2007-08-08
Method: Linux Client

20 Results

21 Results 2

22 Conclusions
Conclusions:
  Open Source solution (Clam) doesn't suck. In fact, it's excellent!
  Many vendors are poor. Some are selling dead donkeys!
Outstanding questions:
  Why hasn't this been pointed out?
  Is there something wrong with the way we test antivirus today?

23 Thanks for coming!
Contact: Dirk Morris, dmorris@untangle.com
Remember: Don't believe me? Try this at home. The test set will be available on http://virus.untangle.com (password on zip file is "a")

