cav-linux/database/ linux & windows viruses

On Linux, is the CAV database identical to the Windows platform (hence being only against Windows viruses…) or is it enriched with fresh and common Linux viruses currently in the wild?

I don’t know the definitive answer, but I suspect they are both the same database.

That doesn’t mean there is no protection against Linux-specific malware though. If you search VirusTotal for Linux malware in general, or specific instances such as Hanthie or Snakso, you will see that Comodo, and most other AVs, do detect them.

Also, there is cross-platform (e.g. browser, Flash) malware to consider.

Having said that, I stopped using CAVL when it became clear it wasn’t being updated to cope with kernel changes - which in turn is apparently because it depends on an unmaintained open source package. So how do we know that there are not unfixed vulnerabilities in the unmaintained redirect driver package?

Given that CAVL runs as Root, any unpatched vulnerabilities within it could have significant consequences if exploited.

When the kernel is updated, the CAVL driver is not loaded (X in red flag). It tells me a manual procedure to load it automatically again (Green flag). That’s every time the Linux generics are updated! :wink: