RE: antivirus for linux

["Rocky Heckman" <rocky.he () g-wizinnovations com>]

Sophos Anti Virus is also a great one to use on almost any platform
including *nix. It does real time scanning including Gateway and email
scanning. It works with MimeSweeper for Span and profanity checking too. 
The system even comes with a callable API so you can write your own
applications that do various virus scanning operations. 

http://www.sophos.com/products/sav/

It's worth a look. It's not too pricey either (comparatively).

RH

-----Original Message-----
From: greg.jensen [mailto:greg.jensen () comcast net] 
Sent: Sunday, 25 July 2004 1:48 PM
To: Wolf, Tomas; Bruno França dos Reis
Cc: security-basics () securityfocus com
Subject: Re: antivirus for linux

I'd add one more to the list.  CA Antivirus for Linux.  We found it to be
the only one with a realtime scanner (seems everyone does scheduled scanning
only), and as we have a policy against using Windows sytems for our Mgmt, we
were able to use an old RedHat system for managing our AV rollout and our
central policy administration.

Absolutely you need to protect it.  Our users are windows desktops, that
access Linux shares, so though most threats won't affect a linux system,
Linux systems can certainly propegate the viruses.  Recent checks with any
of the major vendors will show there are 20-40 (depending upon the vendor)
threats written especially for Linux.

----- Original Message ----- 
From: "Wolf, Tomas" <tomas () skip cz>
To: "Bruno França dos Reis" <brunoreis () terra com br>
Cc: <security-basics () securityfocus com>
Sent: Friday, July 16, 2004 10:40 PM
Subject: Re: antivirus for linux


> Hello,
>
>   I have a good experience with an anti-virus software for Linux and
> Windows platforms. It is Grisoft's AVG 7.0; which is made for several
> purposes (smb servers, desktops, e-mail gateways, etc.).
>   I have also made small test of Sophos, F-Prot, Norton and AVG; I was
> looking at performance / ease of use / readiness out-of-the-box /
> updates / real-time-scan / virus detection. While some were in my test
> (four PCs) once up and once down (Sophos had best detection / worst
> impact on performance) AVG had always steady, good results. It was best
> in default settings, ease of use and had lowest performance impact.
>   My colleague, on the other hand, uses Kaspersky and says that the
> performance impact is minimal and the detection is great.
>
>   The experiments made me realize something... All of them (as
> everything) have their strengths and weaknesses. One has to evaluate the
> trade off.
>
> Best regards,
>   Tomas Wolf
>
> Bruno França dos Reis wrote:
>
> > Hello guys
> >
> > I'm kinda new to linux, and getting more and more worried about
security. I
> > was wondering: is it necessary for me to have an anti-virus application?
If
> > so, is it a "live scanner", like the ones I know for windows?
> >
> > Do you recommend using an anti-virus software? If so, which?
> >
> > Moreover, I have a linux firewall. Is there any way for me to detect
virus
> > activity trying either to break into a computer (like Sasser or others
like
> > it) or to detect incoming mail with virus? Note: my firewall isn't my
mail
> > server. I was wondering if it could sniff connections to pop mail
servers and
> > detect virus code.
> >
> > Thanks in advance.
> >
> > Bruno Reis
>
> --------------------------------------------------------------------------
-
> > Ethical Hacking at the InfoSec Institute. Mention this ad and get $545
off
> > any course! All of our class sizes are guaranteed to be 10 students or
less
> > to facilitate one-on-one interaction with one of our expert instructors.
> > Attend a course taught by an expert instructor with years of
in-the-field
> > pen testing experience in our state of the art hacking lab. Master the
skills
> > of an Ethical Hacker to better assess the security of your organization.
> > Visit us at:
> > http://www.infosecinstitute.com/courses/ethical_hacking_training.html
>
> --------------------------------------------------------------------------
--
> >
>
>
> --------------------------------------------------------------------------
-
> Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
> any course! All of our class sizes are guaranteed to be 10 students or
less
> to facilitate one-on-one interaction with one of our expert instructors.
> Attend a course taught by an expert instructor with years of in-the-field
> pen testing experience in our state of the art hacking lab. Master the
skills
> of an Ethical Hacker to better assess the security of your organization.
> Visit us at:
> http://www.infosecinstitute.com/courses/ethical_hacking_training.html
> --------------------------------------------------------------------------
--
>


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------




---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------