Viruses are a problem of the Windows world. There aren't many viruses for Linux systems. I've never seen one or heard of anybody being infected by one. As Linux grows more popular, this may change unfortunately. But for now, I wouldn't even bother with any AV software on Linux.
Ouch!
I "in part" agree with fluid11, and that is that in general viri are aimed at the Win32 world but that is no reason to become complacent.
I have been running file system AV in my servers now for 4+ years and never trapped anything BUT in the case of my mail servers I can quarantine anything up to 5-6 infected mails per week and I'm only a very very small VISP.
Plus in conjunction with mail AV you can activate something like Sophos to protect your clients from SPAM .... Opps can't say that word that upsets "Fray Bentos" .. unsolicited mail.
Never assume anything, and protect against everything!
IMO, the only time you need AV software on Linux is if your scanning for Windows virii for Windows clients. For example, if your running a Samba server that Windows clients use as a file server, then it would be a good idea to have AV running on the Linux server scanning for Windows virii. The same goes if your running a mail server. As far as virus scanning for Linux machines, I wouldn't even bother because they're almost non-existent.
To add to the open source antivirus list, I've been running messagewall on my servers. It listens on the SMTP port and rejects infected mail before it hits my MDA... helpful given that most of my lusers are running windows.
It can be a bit tricky to install, but the end results are worth it:
What happens if you're running a Pop3 or Imap server that Microsoft mail clients access?
I think it's a gross oversight to make that statement about not needing to scan Linux hosts.
I haven't seen a true virus to date "infect" a Linux machine. I have, however, seen many a virus come through a Linux machine without affecting it, but infect every Windows machine accessing that Linux box...and not just with Samba shares.
This issue has been covered recently in this forum and I will reiterate basically what bwilliam13 is saying:
If you are providing a service (gateway) through a Linux server then you "should" be offering some form of protection to your users/client machines.
I'm still not convinced. In Windows, when a new virus is introduced, you *need* a virus scanner with updated virus definitions in order to protect yourself from the virus. In Linux, in the rare occasion that a virus is introduced, you have to upgrade a piece of software in order to protect yourself. This is something that you should be doing anyway, as security updates are always being released.
Newposter, your list of 27 viruses dates back to 1998 (or earlier). 27 viruses in 5 years, with a good amount of those viruses being completely harmless, I'm not worried. If your machine actually got infected by any of those viruses, excluding maybe 5 of them, you deserve it and shouldn't be a Linux admin.
bwilliam, why don't you read my post again. I specifically said that you *should* run a Windows virus scanner on a mail or file server if you have Windows clients.
The Slapper worm, which infected an older version of OpenSSL, is the only Linux virus that infected machines on a widescale basis. A virus scanner wouldn't have done anything to stop it when it first came out. The scanner would stop it now, but if your running an old version of OpenSSL, then you probably deserve to be infected.
I've spoken with many Linux admins who manage large Linux networks and not one person has ever been infected with a virus or uses any kind of Linux virus scanners.
On top of all that, in order for a Linux virus do to any damage, the virus would have to attain root privs. A lot of these viruses attack services, kind of how a hacker would. If that service doesn't run as root, then there's a good chance the virus won't do much damage.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.