Virus Scan



  • Server
    • FOG Version: 1.3.0 RC-35
    • OS: UBUNTU 16.04
    Client
    • Service Version: 0.11.7
    • OS: Windows 10
    Description

    Virus scanning task not working get the following message:

    mounting clamav - failed
    Unable to mount location (/bin/fog.av)
    Reason: mount: mounting xxx.xxx.xxx.xxx: /opt/fog/clamav on /opt/fog/clamav failed permission denied.

    I did install clamav on ubuntu and working when scanning my server, but would like to find out
    how to fix this to be able to scan clients?

    Thank You
    Albertus Geyser


  • Senior Developer


  • Senior Developer

    https://wiki.fogproject.org/wiki/index.php?title=Clamav

    It’s not fully documented quite yet, but there are ways to get it to work.


  • Senior Developer

    @Albertus I have no problem trying to help you get this to an operational state. I’m just not adding it to the “core” installation.

    If you need AV from FOG it’s still totally possible.



  • @Tom-Elliott

    Thank you for your reply and your support to make FOG the no1 open source cloning project.

    I know its a passion that drives you, because only a passion can help “launch” a project like this.
    I know the project was primarily for cloning large amount of pc’s with the same image, but i use it for more than cloning:
    I use it for full system backups as well where we have laptops going in and out the company day by day and i make backups (images)
    to restore on new laptops if it stolen or for some other unforeseen reasons.
    This project has given me abilities that was not possible before, maybe i do use it mostly what wasn’t main reason for it, but it works.

    Thank You once again

    Albertus Geyser


  • Senior Developer

    I’ve been working to remove AV scanning from the init’s entirely.

    There’s a few reasons for this.

    First, if your client machines are infected with a virus, it’s typically best not to trust that anything within that client is safe (data, pics, music, etc…). Essentially, it’s safer to reimage the device than to perform a quarentine scan with any virus software.

    Second, it’s very time consuming to try to keep up with clamav within the init’s so the init’s are always in an updated state. Seeing as most people stick to the version running (when on stable release of course) for an extended period of time, the only way to have some semblance of safety is to update the signature files regularly (of which are not persisted in the fog client). This basically means every client has to stop, download the latest signature files, apply them, then run through the scan. Of this and it would probably have been faster to have just reimaged the machine.

    Third, keeping the running binaries updated is nearly impossible. It seems once a week or so is a new version of clam which causes the init’s running instance to be “outdated” and throws warnings.

    Fourth, most organizations have their own AV software already with in their images. Relying on this I think is a bit overkill and prevents reporting to your own tool systems.

    If you really MUST use FOG to do AV, you will need to create the folder:

    mkdir /opt/fog/clamav and add the clamav entry to your nfs exports file. Within there you would need to place your signature file(s).


Log in to reply
 

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.