Топ-5 Open Source антивирусов

Во время работы на компьютере пользователь может обнаружить множество ошибок и всплывающих окон, которые мешают работать и отвлекают от важных дел. Вредоносные уведомления отправляются с помощью мошеннических каналов, нежелательные всплывающие окна перенаправляют человека на поддельные адреса сайтов, после чего система автоматически перестает работать.

Это может произойти с каждым пользователем ПК, у которого нет установленного средства антивирусной защиты на компьютере. Антивирус помогает обезопасить компьютер и не дает вредоносным программам и атакам воздействовать на систему. Он также обеспечивает эффективную работу устройства и защищает личную информацию пользователя. Кроме того, средство защиты от вредоносного ПО скрывает онлайн-данные от возможных киберугроз и контролирует межсетевой экран компьютера.

На рынке представлены различные антивирусы, доступные как бесплатно, так и по платной подписке. Но не все могут позволить себе премиальные инструменты, которые иногда стоят немало. Всегда будет кстати иметь про запас бесплатный Open Source антивирус, потому что это единственный способ безопасно подключиться к интернету и защитить свои данные от кибератак.

1. OpenAntiVirus Project

OpenAntiVirus Project – это один из самых популярных Open Source антивирусов, который включает в себя VirusHammer для целевого сканирования, которое может быть запущено пользователем. Кроме того, он позволяет молодым разработчикам участвовать в нескольких доступных проектах и вносить свой вклад в развитие программы, а также предлагать изменения для улучшения программного обеспечения.

Это средство антивирусной защиты обеспечивает разработчикам большую надежность, масштабируемость и эффективность. Такие функции, как Scanner Daemon, Squid vscan, Рattern finder, защищают компьютер и персональные данные пользователя. Многие разработчики работают над одним и тем же проектом, связанным с компьютерной безопасностью.

2. Armadito Antivirus

Armadito – это еще один Open Source антивирус для ПК и серверов. Он доступен как для Windows, так и для Linux, и состоит из веб-консоли центрального администрирования. Кроме того, антивирус имеет эвристическую архитектуру, которая позволяет ему легко интегрироваться с новыми алгоритмами и сосредоточиться на методах защиты от вредоносных программ.

Кроме того, он обеспечивает всестороннюю безопасность и конфиденциальность за счет механизма ClamAV. Armadito имеет удобный интерфейс, который работает быстро и эффективно, а также прост в использовании. С Armadito интеграция стала достаточно простой, поскольку он работает на основе решения GLPI (Open Source IT and Asset Management System).

Кроме того, любой желающий может внести свой вклад в развитие Armadito и совершенствования IТ-компетенций.

3. ClamAV Open Source

Другой известный Open Source антивирус – ClamAV. Он помогает обнаружить вредоносные программ, вирусы и любые другие атаки. Кроме того, средство антивирусной защиты также рассматривается как инструмент для программного обеспечения для сканирования почтового шлюза.

ClamAV обеспечивает более высокую производительность с помощью многопоточного сканера и утилит командной строки для сканирования файлов по требованию и включенного автоматического обновления. Будучи программой Open Source, ClamAV достаточно универсальна и поддерживает несколько форматов файлов и различных языков программирования.

4. ClamWin Open Source

ClamWin – это бесплатная Open Source антивирусная программа для Windows, применяемая во всем мире. Она помогает обнаружить самые распространённые вирусы, шпионские и вредоносные программы. Кроме того, ClamWin идет вместе с планировщиком сканирования и автоматическим обновлением для поддержания актуальности программного обеспечения. Дело в том, что ClamWin основан на движке ClamAV и использует GNU (General Public License).

Программа также обеспечивает интеграцию меню правой кнопки мыши в проводник Microsoft Windows и предлагает надстройку Microsoft Outlook для автоматического удаления зараженных вирусом файлов.

5. Moon Secure Antivirus

Moon Secure Antivirus – это бесплатное, простое и масштабируемое средство антивирусной защиты компьютера от вредоносных программ и других угроз. Кроме того, это единственное Open Source программное обеспечение корпоративного класса. Как и Armadito Antivirus, оно также использует движок ClamAV для обнаружения вирусов, троянов, шпионских программ.

Moon Secure Antivirus включает в себя такие функции, как защита в реальном времени, автоматическое обновление, низкое использование ресурсов, а также способно защитить любое стороннее приложение. Есть различные корпоративные продукты, среди которых MoonVAS (Moon Secure Vulnerability Scanner appliance) и Moon Secure Mobilizer.

Автор переведенной статьи : Chirag Manghnan

Spyware open source windows

Writing Spyware Made Easy

Recently, I saw a forum post about how the startup KITE added spyware “telemetry tracking” to an open source project. I thought it was interesting to see how shocked people were that a software package was spying on them. It made me realize I, and others, trust software extensions far too much. Over trusting extensions is dangerous, it’s simple to write spyware into them. To show how simple, we are going to walk through all the steps of adding very simplistic, but powerful, spyware into a Google Chrome extension. We will write both the spyware client and the server to receive data.

The first step in making spyware is creating a client. We are going to create a simple Chrome Extension that is a button to open up Netflix in a new tab. Then add spyware that records every keystroke in the browser and then sends it to a server.

The first thing we need to create for our new Chrome app is a manifest.json file. The manifest file is the configuration file for Chrome Extensions. We are going to start by setting the manifest_version to 2 (It always has to be 2 ), then adding the extensions name , description , version , homepage_url , icons which are self-describing fields, so we won’t go into those. However, the browser_action , background , permissions , and content_scripts fields require some explanation.

• browser_action lists the properties of the button located in extension bar in Chrome.
• background defines a script that is triggered when a user clicks our button in the extension bar. This script runs in an isolated sandbox and cannot directly look at information from a websites users visit. We use the background script to open up a new tab with Netflix. persistent: false let the script be unloaded by Chrome when it is not in use, which frees up memory and other system resources.
• permissions give the ability to create and manage tabs and use Chrome’s extension storage . We use tabs to create the new Netflix tab and storage to create a buffer for users keystrokes.
• content_scripts defines a JavaScript file that is injected into every single HTML page that a user visits. We set the script to the keystroke spyware, spy.js .

As was mentioned above, background.js is where the legitimate part of our extension lives. We want our extension to open up Netflix when a user clicks the icon, so we need an event listener that creates a new tab. The code is straightforward and only ends up being 2 lines.

We now have a fully functioning extension (without spyware) ready to put on the internet.

We are going to start by creating an event listener for when a user types. Javascript has three event listeners for when a user interacts with their keyboard; onkeydown , onkeyup , and onkeypress . There is a more formal definition of the difference on Stack Overflow, but I’ll try to summarize a more practical version.

• onkeydown gets almost every keystroke, every non-input keys such as shift , alt , control . However, onkeydown can not tell the case of the keystroke. It is triggered when the key is first pressed down. It also catches multiple keystrokes if a user holds down the key.
• onkeyup also gets almost every keystroke including non-input keys and also cannot detect the case of the keystrokes. The only practical difference from onkeydown is that it triggered once the key is released, so it does not catch keystrokes caused by holding down a key.
• onkeypress triggers when the key is pressed down, just like onkeydown . Like onkeyup , it does not detect when a user holds down a key. It is the only event that can detect the case of keystroke, but it is the only event that cannot detect button presses that are non-input.

We are creating our extension to be simple but effective as possible. Because character case is more valuable for our spyware than non-input keystrokes, we start our keylogger by using onkeypress . We are going to set the event to trigger an anonymous function, then log the key.

Now that the extension is “logging” all of a users keystroke on every page, it needs to send the keys to a remote server. We can do this by making a simple post request with a few lines of JavaScript to a server.

We could stop there, the extension would send every keystroke any user of our extension made, but we can make a few changes that make it much more effective and efficient. We want to be able to tell the difference between each user that uses the extension, so we generate an (almost always) unique id for each one. We can use window.crypto to generate a random string and put it into an int8 array that has 32 elements. Then convert the random array to a hexadecimal string.

We want to be able to generate this token once and then store it so we can keep track of a user over time. To do this, the chrome.storage API is needed. We can use the API to save an ID for every computer which our extension is on. We are first going to check if we have an ID already stored, creating one if we do not.

Now that we have a way to generate new Ids for all browsers using the extension, we need to start sending those Ids to the server. This will only require a few small changes.

We are going to make one final addition to our spyware, a buffer. A request every keystroke is a little unnecessary considering most people type at least 40 WPM. We already have set up a way to store things in Chrome, which will make a great place for us to store keystroke to be sent in groups. So we are going to add a simple buffer that only sends a request to our server every 20 keystrokes and store keystrokes in Chrome until 20 are queued.

Now we have a fulling functioning chrome extension that sends users to Netflix when they click a button and sends a server all the user’s keystrokes inside of Netflix, along with other websites they visit.

I used Photoshop to generate the icons used in the extension. View the icons, along with the rest of the code, in the current repo.

Now that we have a fully functioning client sending data to a random server, we need to create a server. We are going to be creating a straightforward server in Go that parses our request and inserts the id and character list into a database. First, install Go, go-pg/pg, and PostgreSQL. Next, we write a single HTTP Handler that parses the input that we defined in the Client. Since the Client does not care about a response, we won’t bother returning one.

Now that we have our data, we want to start sending it to the PostgreSQL database. We are going to be using the go-pg/pg ORM package to connect to our database. To configure our database variables, we are going to use an environment variable.

go-pg/pg doesn’t have a built in function to handle database strings, so we need to write our own. The function gets environment variable, parse the database string, connect to the database, and return the connection.

Since go-pg/pg is an ORM, we want to create an object to represent each set of data we get from a client.

The final thing we need to do is add the data to our database. Since we are using an ORM, it is only a few lines of code. One of the last important things is to make the database connection global so that there is only one connection. Then we put all out parts together to get our full server.

Now we have a fully functioning server to receive and store all the keystrokes that clients send. We need to create a SQL database that matches, which should be very easy since we only have one table events .

After we get the database set up, we are done! We can now run our server locally or upload it to Heroku without any trouble.

There we have it, a client and server for our custom spyware. Even though we have a new extension ready for upload the Chrome Extension Store, uploading it would violate the terms of service. While I chose to focus on writing spyware for a Google Chrome Extension, the ease of which we wrote it is not exclusive to Chrome Extensions. It would be equally as easy to write spyware into extensions of almost every modern day program.

If you see any errors, please make a pull request or let me know on twitter, I would love to fix them!

About

Writing Spyware Made Easy — POC spyware Chrome Extension/Server

11 Best Free Spyware Removal Tools

Here are the best anti-spyware software programs out there today

Spyware is a form of malware that tries to steal information from you without you knowing or approving. It could be disguised as legitimate software or work behind the scenes to do things like track web browsing data or monitor keystrokes to collect passwords.

You might have a spyware infection if your computer’s performance has recently started to suffer, and especially if strange pop-ups are showing up, websites are redirecting to places you don’t want to go, email contacts are getting odd spam messages that appear to be from you, or you’re a victim of identity theft.

Below are several free anti-spyware tools that can scan your hard drive, flash drive, external hard drive, etc. to remove spyware. Some of them only work when you manually start the scan but others will monitor your computer all the time to make sure spyware can’t modify your computer or monitor your information.

All the programs mentioned below are known to scan for spyware but they might not scan for other things like viruses. Other scanners remove some kinds of malware but not spyware, so we’ve omitted those from this list.

Spyware is often bundled with a normal program’s installer. See How to Safely Download & Install Software for some tips on avoiding spyware in the first place.

SUPERAntiSpyware

Lots of scan options

Scans can run quickly by using more processor power

You can scan anywhere you want, including the system memory

Works from Explorer to scan any folder/file at any time

Doesn’t update automatically

Can’t schedule scans to run automatically

SUPERAntiSpyware should be your very first pick if you want to get rid spyware that’s already on your computer. It updates often, installs and scans quickly, and gives you complete control over what gets scanned.

It’s able to check inside ZIP files, skip unknown file types (for a quicker scan), ignore files bigger than 4 MB, and skip over non-executable files (so that only EXEs and similar file types are scanned).

What really makes SUPERAntiSpyware stand out among the others in this list is that it can also be set up to only scan files that have been changed within the last so-many days (1 day, 5 days, etc.), ignore System Restore and Volume Information data, use more of the CPU for a faster scan (called Scan Boost), and even scan the files that shortcuts point to.

SUPERAntiSpyware can scan the whole computer or just parts of it where spyware normally exists. You can also run a Critical Point Scan to delete spyware that’s currently running in memory or use the Custom Scan option to pick what gets scanned and where to check (flash drives, internal/external hard drives, select folders, etc.).

This anti-spyware tool can also delete temporary Windows files before the scan is started, exclude folders from scans, scan from the right-click context menu, and close down any open web browsers before scanning.

The freeware version is 100 percent free but you do have to manually run scans and definition updates (they don’t happen automatically). However, these limitations are lifted with the professional version.

SUPERAntiSpyware works with Windows XP and newer versions of Windows.

If you want to try the professional edition, you can enable the trial during installation of the free version.