Re: NOD32 on Linux

To: debian-user@lists.debian.org
Subject: Re: NOD32 on Linux
From: Gilbert Sullivan <whirlygig@comcast.net>
Date: Sun, 23 Jan 2011 10:55:22 -0500
Message-id: <[🔎] 4D3C4F6A.5010204@comcast.net>
In-reply-to: <[🔎] 12db2852884.958758265238214276.-5424437635324940553@zoho.com>
References: <[🔎] 12db2852884.958758265238214276.-5424437635324940553@zoho.com>

On 01/23/2011 05:57 AM, kellyremo wrote:

Anyone using it?

http://beta.eset.com/linux

What are the experiences? Does it slows down the pc? Do we need it?

Disclaimer: My experience with NOD32 is all on the Windows side, and itended around two years ago. The sad story below is only my own story,but I can honestly testify that it wasn't an unusual one among corporateNOD32 users at one point in time. I very much hope that ESET has putthat part of its history well behind it by now.

I can tell you that version 2.7 (2.732, if memory serves) was a light,effective anti-malware solution for Windows. It was the only suchsoftware that I ever found that I could run on the heavily laden Windowsapplication and file servers at work without causing severe performanceissues. (Symantec AV and others I tested even caused spontaneousrebooting of some types of servers which were, admittedly, runninghorrendously bad software.)

Then ESET "improved" NOD32 -- first with version 3, and then withversion 4. Both versions (I imagine much earlier builds than the one youare considering) were a gigantic step backward, as far as my servers andI were concerned. These versions were beset with ridiculous bugs andcaused huge performance penalties (not as bad as SAV or McAfee, butstill...). I felt that ESET were essentially marketing software in itsalpha (no, not even beta) stage of development.

I stuck with version 2.7xx for a couple of years, but come budget timeone day we decided to ditch it, since ESET would NOT guarantee continuedsupport for the old version for any specified length of time.

Versions 3 and 4 of NOD32 were total rewrites of the software from 2.732and constituted a complete change in the way the software examinedprocesses in memory. And by the time I finished configuring all of the"special" file system locations their support people told me to exemptfrom scanning, I might as well not have been running the software atall. Even after extreme special configuration effort versions 3 and 4were still causing performance bottlenecks due to myriad file handlesissues on the servers. Workstations running version 4 were okay, but notas "happy" as they had been with the 2.7xx version.

Furthermore, the way the user interface was implemented on these laterversions showed either ignorance of, or a disregard for, the waysecurity works (such as it is) for Windows user accounts (XP, Vista).

NOD32 used to be light and iron-stove reliable. The last I saw of it --which I admit was quite a while ago -- the new versions were anything but.

And their user support model was ludicrous -- a user forum, withmoderators from their support group -- was about all that was availablefrom the central part of the company. Unfortunately, the VAR I usedwasn't any better, and was harder to reach.

What started out for me as a few years (3, I think) of extraordinarilygood experiences with ESET, turned into one of the biggerdisappointments I've had with a software company in almost 40 years ofcomputing experience.

I hope, for their and their customers' sakes, I was just seeing them inthe throes of corporate expansion difficulties. But it really wasn'tlooking good. They were one of the more important of several majorreasons (besides Windows itself) why I finally threw up my hands inhorror and walked away from Windows.

Whether or not you need something like NOD32 -- or any anti-virus /anti-malware at all -- under GNU/Linux would depend largely upon the useof the system, particularly with respect to whether or not it has tohandle a lot of mail / files / network traffic for Windows systems. Icouldn't be much help in assessing that since I'm not troubling myselfwith Windows very much these days. I limit myself to not allowing my fewWindows users to transfer executables or image files onto Windowssystems from anywhere other than a vetted source, and totallyprohibiting Internet contact of any kind for Windows production systems,with the exception of plain text e-mail. That's not a practical approachfor many companies, but it happens to work beautifully for this place.

Anti-virus probably isn't usually very high as a priority for mostGNU/Linux systems, except in certain cases, though there are certainlyother precautions that a prudent user of such a system should use.


Good luck!

Regards,
Gilbert

Reply to:

References:
- NOD32 on Linux
  - From: kellyremo <kellyremo@zoho.com>

Prev by Date: Problem with Realtek's driver r8168
Next by Date: Re: a problem on crontab time format
Previous by thread: NOD32 on Linux
Next by thread: [OT] AV engines (was: NOD32 on Linux)
Index(es):
- Date
- Thread