Tomato and Viruses...

Discussion in 'Tomato Firmware' started by digitalgeek, Nov 1, 2007.

  1. digitalgeek

    digitalgeek Network Guru Member

    Has anybody tried to include an anti-virus in the Linksys firmware? that dat file could be located on CIFS...

    any of you guru's out there wanna try it?
  2. acidmelt

    acidmelt LI Guru Member

    Why would anyone want to do that? its not like you could identify potential viruses by inspecting incoming packets.. also, i doubt any available antivirus could be compiled to the mips architecture.
  3. pharma

    pharma Network Guru Member

    Not to mention updates ... where are you going to get virus signature updates from? Attempt to use another $ virus software's signatures -- might get involved in copyright infrigments ....

  4. jon124

    jon124 LI Guru Member

    not to mention how much it would slow things down
  5. Macskeeball

    Macskeeball LI Guru Member

    ClamAV, but I agree that this would slow things down. These routers have very limited hardware. Not a good idea.
  6. houman

    houman LI Guru Member

    For lightweight AV (On PC's), I'd recommend Nod32 or Kaspersky, can't go wrong with any of them ... personally I use the latter.
  7. digitalgeek

    digitalgeek Network Guru Member

  8. mraneri

    mraneri Network Guru Member

    What exactly are you worried about? Are you worried about tomato letting a virus through to your Windows PC? or are you worried about tomato itself picking up a virus?

    If it's the former, No way, any kind of packet sniffing virus scanner on the router could be effective. Just think, if you have an encrypted connection to your mail server, tomato has no way to even see what's in the e-mail. How could tomato block it?

    If you're worried about tomato picking up a virus, Tomato doesn't really do anything that is a virus risk. Tomato is not surfing the web. Tomato isn't running Java or Javascript, Tomato isn't receiving e-mail.

    It just doesn't make sense for a router to have traditional antivirus software. It certainly could never replace a full-featured Virus scanner on each of your PC's...
  9. Maggard

    Maggard LI Guru Member

    I'll add to the issue that routers don't 'understand' the higher level structures they're, er, routing. For instance identifying the 7 bit uuencoded MIME attachments in an email file, or the set of bits that represent an executable file in a CIFS connection.

    Could a tool be developed to do this? Sure. Dedicated hardware/software toolsets are commercially available. But they're a very different beast then our hopped-up SOHO network routers.

    Instead look into something like Smoothwall or Monowall or whatever (I'm not up to date on that area.) A junker PC with a CPU much more powerful then our little MIPS chips, and order of magnitude more RAM, not to mention drives, and use that as a a full-featured IDS/Cache/Proxy/Scanner/Peeler/Shredder/Julienne device.
  10. digitalgeek

    digitalgeek Network Guru Member

    Check out and there are completely free and completely functional versions of both of these products...

    you are right that encrypted packets cannot be scanned, but they can't be infected either.

    but to reduce spam, spyware and most viruses/trojans before they even hit your PC is an awesome idea... but you guys are correct that these device probably can't handle the overhead.
  11. mraneri

    mraneri Network Guru Member

    Not true. I don't get ANY e-mail through an unencrypted connection. Many e-mail servers support secure connections. Of course, someone can send you a virus to your e-mail address, and it can be transferred from the e-mail server through your router to your PC. Your router will probably not even know it's e-mail traffic, much less a virus.

    It may (or may not) be true that secure packets can't be tampered with along the way, but it doesn't mean that the source of the packet isn't sending you viral material.

    You can torrent through encrypted connections. surely, if you're torrenting anything, you should be running virus software...
  12. FRiC

    FRiC LI Guru Member has clamav and dansguardian built in, but only runs on the SL and ASUS with increased flash and USB.
  13. Macskeeball

    Macskeeball LI Guru Member

    Torrenting does not necessarily equal pirating. I use it for downloading Linux distros and the occasional video podcast. This way, I save the content provider bandwidth costs and often get additional speed (give and take vs. just take). Granted, I am probably an exception, but I don't like your use of the word "anything" in the above quote.
  14. mraneri

    mraneri Network Guru Member

    Of course you're right. My point was that you can download virtually anything you like, via a number of means, using encrypted connections, and those downloads have the propensity to contain harmful material which can be detected by PC based virus software, but not via any software on any router.

  15. digitalgeek

    digitalgeek Network Guru Member

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice