Filesystem+ClamAV

  • ClamFS is a FUSE-based user-space file system for Linux with on-access anti-virus file scanning through clamd daemon. The LRU cache is used to provide fast access to files already scanned when multiple open requests are preformed. ClamFS support three logging methods (stdout, file, and syslog) and sends e-mail notification when virus is found.
  • Avfs
    • Supports: ClamAV
  • Avfs, a true on-access anti-virus file system that incrementally scans files and prevents infected data from being committed to disk. Avfs is a stackable file system and therefore can add virus detection to any other file system: Ext3, NFS, etc. Avfs supports forensic modes that can prevent a virus from reaching the disk or automatically create versions of potentially infected files to allow safe recovery. Avfs can also quarantine infected files on disk and isolate them from user processes.
  • This project provides a kernel module, which provides 3d-party applications an interface for file access control. It was originally developed by H+BEDV Datentechnik GmbH to be used for on-access virus scanning. Other uses include a file-access monitor/logger or external security implementations. It operates by intercepting file-access calls and passing the file information to a 3rd-party application. The 3rd-party application then has the opportunity to tell the kernel module to allow or deny the file-access. The 3rd-party application also receives information about the file, type of access, process id, and user id.
  • samba-vscan provides on-access scanning of Samba shares with ClamAV, FRISK F-Prot Daemon, Kaspersky AntiVirus, OpenAntiVirus.org ScannerDaemon, mks AntiVirus, Sophos Sweep (via Sophie), Symantec AntiVirus Engine (via ICAP), and Trend Micro (via Trophie). It supports Samba 2.2.x/3.0 with working virtual file system (VFS) support.