Security Basics mailing list archives

Re: antivirus for linux

From: Mircea MITU <mmitu () bitdefender com>
Date: Fri, 18 Jun 2004 12:52:36 +0300

On Tue, 2004-06-15 at 20:24 -0300, Bruno França dos Reis wrote:

Hello guys

I'm kinda new to linux, and getting more and more worried about security. I 
was wondering: is it necessary for me to have an anti-virus application? If 
so, is it a "live scanner", like the ones I know for windows?



Usually you need a linux antivirus to filter and protect windows
workstations from the network. This means a gateway antivirus, like a
mail-server filter, file server antivirus (for samba) or other proxies.

A good linux antivirus includes a command-line scanner which can be
ordered or scheduled to scan the filesystem or remote mount points
(Samba, NFS, FTP, etc).

To protect only your Linux systems, you need a regular Linux Antivirus,
IDS/IPS solutions and a good firewall policy. Additional tools like
chkrootkit also may help you.

Do you recommend using an anti-virus software? If so, which?



Humm, try freshmeat and google:
http://freshmeat.net/search/?q=linux+antivirus
http://www.google.com/search?q=samba+antivirus

Moreover, I have a linux firewall. Is there any way for me to detect virus 
activity trying either to break into a computer (like Sasser or others like 
it) or to detect incoming mail with virus? Note: my firewall isn't my mail 
server. I was wondering if it could sniff connections to pop mail servers and 
detect virus code.



Yes, you can have some antivirus proxies (SMTP/POP3/etc) which can scan
the traffic for viruses and malware. Also you can implement IDS/IPS
solutions.

Thanks in advance.

Bruno Reis


Regards,

-- 
Mircea MITU
BitDefender - Secure your every bit
Linux Security Solutions - http://linux.bitdefender.com
PGP Key ID - 79665DEF



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

antivirus for linux Bruno França dos Reis (Jun 16)
- Re: antivirus for linux Glenn_Valenta (Jun 18)
- Re: antivirus for linux Mircea MITU (Jun 18)
- RE: antivirus for linux Jason Jaszewski (Jun 18)
- Re: antivirus for linux backup (Jun 21)
- Re: antivirus for linux Ansgar -59cobalt- Wiechers (Jun 21)
- <Possible follow-ups>
- Re: antivirus for linux Iain Thomson (Jun 17)
  - Re: antivirus for linux Derek Schaible (Jun 18)
  - Re: antivirus for linux Ranjeet Shetye (Jun 19)
- Re: Antivirus for Linux Robert McIntyre (Jun 18)
  - Re: Antivirus for Linux Ho Chaw Ming (Jun 21)
- RE: antivirus for linux Harshal Dedhia (Jun 18)
  - Re: antivirus for linux Larry Mitchell (Jun 21)

(Thread continues...)