Current mood: running and hiding from our IT admin.

I know he wants me to install Nod32 on my workstation! A Linux workstation!

I thought an IT admin is like a horror movie villan. There is no escape! He will track you down and he'll do what he ought to do.

My bet is that the your IT admin will be first like "wtf is this system, it's for kids"

and then he'll be like "Oh but i can installt hsi with 'wine' or something'...

You'll soon get a frankenstein of a machine.

@NeatNerdPrime Nopes, he's actually good in all this :)

It's more of a company compliance matter.

@heyheni it's a good thing I can WFH for a while!

What If I installed it in a Docker container..... It would check in and I could limit its resources' utilisation easily! And it would be running in my workstation, i.e. compliant to company's rules!

That's prolly not that bad of an idea!

Sounds fun 👍

@netikras that sounds....horribly overcomplicated.

Is clamav/clamTk not an option? If you have freshclam setup properly it should be sufficient for your cause.

Also i personally recommend using "clamfs" which is a fuse filesystem that you can set up on top of e.g. your downloads directory, so it scans files in that mountpoint directly.

Word of caution though, last i checked clamfs was not actively maintained.

nevermind, it's active: https://github.com/burghardt/clamfs

@NeatNerdPrime company policy says Node :/

@netikras urgh.... oh well it seems a native linux client is available so, better just do that?

My employer really wanted me to install Facebook's OSQuery. I had no idea what it was at first, so I agreed. I disabled it as soon as I realized.

Now, they install it by default on all employees' new lappies, so when I got an upgrade, the first thing I do was kill it.

Surprisingly, the security team hasn't complained.

@Root haven't heard of it. As it's claimed to be oss I assume anyone can set up their own system? So what are the concerns?

@netikras Their rule sets. They monitor quite a bit, and it slows down my system from time to time. But mostly I just find the idea of my activity being monitored disquieting.

haha, their selfjerk marketing is funny. from their website:
"award winning antivirus for linux"
"legendary antivirus for linux"
"Our legendary ESET NOD32® technology shields your Linux system"

"Enjoy a safer, faster Linux experience" bitch, this is fast enough, an antivirus will definitely not make it faster!

Usually when something like this happens, I'll take @Root, kill it, and add some Cron jobs to kill the offending process, and start another with the same name in it's place.

The reason I started doing the last bit was a former employer had set up their vpn and access security to require the presence of a Java applet that scanned process names to ensure the "security policy" was being enforced. Nothing says security like process name verification amirite :B

@SortOfTested wtf :D :D were you assumed to be muggles or what..?

@netikras
Hey, if they're going to underestimate me, they can do so at their own peril 🚬

Nod32 on Linux is okay-ish. It mostly just scans new drives and the files you tell it to, so you can make fun of all the "experts" in your office telling them what kind of malware there was in their stupid password protected archive attachments. I don't have it scan my inbox by default as the mail server already does it but whenever I get a password protected attachment from a Windows user and scan it Nod finds something 80% of the time. Also it doesn't take up resources when it doesn't actively scan something and I never cough it connecting to anything else but our update mirror.