Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
BSD Operating Systems

FreeBSD Anti-Virus Protection 15

nivals writes: "BSDatwork has a review of the Kaspersky Anti-Virus package for FreeBSD. It seems to be written by an Administrator who was trying to solve the shortcomings of software like Amavis with UVSCAN. It seems to praise the speed of the software but not some of the installation information. A worthwhile read for a commercial alternative to Amavis."
This discussion has been archived. No new comments can be posted.

FreeBSD Anti-Virus Protection

Comments Filter:
  • by Anonymous Coward

    OK, many of you have probably noticed a lot of ascii art flooding this board lately. You're no doubt wondering why CmdrTaco's much encountered "lameness filters" are ineffective against it. To answer that question, I'm going to take you on a Perl journey, deep into slashcode. Think of it as being a bit like "Heart of Darkness", or if you're a typical slashdot pleb, "Apocalypse Now!"

    The first files we'll be looking at are the infamous "bitchslap" and "modslap". I think these are a pretty decent introduction to how Rob's mind works when he's coding angry: Here's bitchslap [slashcode.com] [slashcode.com]. Scroll down to the section labelled "main program logic". BTW. "main program logic" is a ridiculously grandiloquent phrase for what we are seeing here.

    Note how draconian this is. I like to think of this code as a memorial to slashdot-terminal, it's first victim. You can see how Malda deliberately broke his "self-regulating" moderation system, to give the admins of slashdot dictatorial powers. This code allows any admin using it to drop a user's default threshold to -1 instantly, and drop his karma down to a level from which it is unlikely to recover. I've heard that this script has been used on slashdot in a modified form, with the -defaultpoints set to less than -1, completely eliminating a user's post from normal viewing, unless people edit their query string manually.

    On to modslap [slashcode.com] [slashcode.com]. Scroll down to "main program logic" again.

    OK, what you're seeing here is Taco's method of restricting the flow of crack to moderators, to keep them nice and jumpy. If you don't mod the way he likes, you're moderating days are over, and your karma plummets to bitchslap levels. An ugly tool.

    To recap, the man we are dealing with here is obviously an anti-democratic tyrant. Censorship is his weapon, and he is vigilantly watching his censors, to ensure that no freedom is allowed to enter his domain. I believe he also lives in a hut with a man driven crazy by his proximity. The hut is surrounded by skulls on poles, but the skulls face inward. Remember that.

    We're nearing the locus of my investigation now. You've heard the legends, now gaze into the face of comments.pl's so-called "troll detection code!"

    comments.pl [slashcode.com] [slashcode.com]: Scroll down to the section under "here begins the troll detection code".

    You may be wondering why it's such an ungodly piece of crap. I feel that we are seeing evidence of an ingrained unwillingness to think before coding.

    The first few tests are fairly simple, based on regexps and length. They're pretty laughable, from an information theory perspective. If you don't believe me, the parent of this post should supply adequate evidence of what I'm talking about. Language is a complex thing, and a few simple tests are insufficient to distinguish English from ascii art, especially when the ascii artists are willing to take extreme measures to see their work posted. Regular posters do not have the patience for such chicanery.

    The final test is my favourite, though. It begins under the comment ending with this charming sentence: "These ratios are _very_ conservative a comment has to be absolute shit to trip this off". An interesting claim. Considering the number of posts I've tripped this filter on, without doing anything out of the ordinary, I'd say "conservative" means the same thing to Taco as it means to George W. Bush, nb. "nazi". What we are talking about here, is the postercomment compression test. (The horror! The horror!) "postercomment" is just the name of the field your comments are sent in, by the way. It isn't cool top secret slashspeak. It's just a variable name.

    What this does is, it actually compresses you're comment using zlib, then checks the change in size to decide if you are a troll or not! Furthermore, the code comments indicate that if you trip this test, slashcode thinks you are a "luser". Code like this makes it pretty clear that it takes one to know one, Rob!

    As someone who as actually seen Rob Malda use the phrase "it won't scale" to dismiss questions about why parts of the moderation system weren't done in a more equitable fshion, I'd like to take this opportunity to laugh until I give myself a hernia.

    Anyone who has studied information theory knows that the redundancy of english is estimated at about 50%. This value is fairly key in what we are seeing here, it determines a fair estimate of how effective compression of english text can be before we start to lose information. Taco's estimates were based, in his words, on "...testing out several paragraphs of text...". Doesn't sound like a particularly large sample group. What's more, it's indicative of poor software engineering practice. As is the recent bout of outages.

    A few final criticisms. Firstly, there are far better, less memory intensive, and above all, less stupid methods of performing textual analysis than checking it's compression ratio. If Taco had any idea about computer science, he might have investigated a few before making a fool of himself in public like this. It's pretty clear that he's getting more and more frustrated with the situation on slashdot, and doesn't realise that if he ruled with an even hand, rather than a bitchslapping script and an army of trained thought police, the problems would not be so grave.

    Secondly, I thought of a much more effective method of eliminating asci art posts, and it will never cause problems for genuine posters. What's more, it's extremely compact and doesn't even require regexps. I won't reveal it here, as I am not willing to assist in a reign of terror that I find to be reprehensible.

    As further evidence of the lengths Malda and Co. may be willing to go to, you can find a commented out section that enables the deletion of posts and their descendant threads. We have no reason to believe that this will not be employed on slashdot.

    Editorial notes: I don't use Perl and this is really the first time I've examined it closely. It's pretty much convinced me that I'm not missing much. I use real languages such as C and C++ and occasionaly asm to do most of my work, and I, along with 95% of the enterprise world, find Java to be the best solution for web programming. For most scripting tasks, shell script suffices. For more complicated scripting tasks, Python provides a more sensibly designed scripting environment. Additionally, as if to provide further evidence of Malda's incompetence as a programmer, I've hit the junk character post every single time I've previewed this comment, and am now forced to resort to edit it. Regretfully, I have been forced to replace the Perl fragments I was using with hyperlinks. Very unsatisfactory.

  • I have not used Kapersky, but I would swear by Sophos antivirus. It is quite easy to grab up to the minute virus IDE's from their website with fetch running in a cron job.

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...