Re: antivirus for linux

From: Mircea MITU (mmitu_at_bitdefender.com)
Date: 06/18/04

  • Next message: Harlan Carvey: "RE: Possilbe New Arp DoS - dosprmwin.exe" 
    To: Bruno França dos Reis <brunoreis@terra.com.br>
Date: Fri, 18 Jun 2004 12:52:36 +0300

    On Tue, 2004-06-15 at 20:24 -0300, Bruno França dos Reis wrote:
    > Hello guys
    >
    > I'm kinda new to linux, and getting more and more worried about security. I
    > was wondering: is it necessary for me to have an anti-virus application? If
    > so, is it a "live scanner", like the ones I know for windows?
    >

    Usually you need a linux antivirus to filter and protect windows
    workstations from the network. This means a gateway antivirus, like a
    mail-server filter, file server antivirus (for samba) or other proxies.

    A good linux antivirus includes a command-line scanner which can be
    ordered or scheduled to scan the filesystem or remote mount points
    (Samba, NFS, FTP, etc).

    To protect only your Linux systems, you need a regular Linux Antivirus,
    IDS/IPS solutions and a good firewall policy. Additional tools like
    chkrootkit also may help you.

    > Do you recommend using an anti-virus software? If so, which?
    >

    Humm, try freshmeat and google:
    http://freshmeat.net/search/?q=linux+antivirus
    http://www.google.com/search?q=samba+antivirus

    > Moreover, I have a linux firewall. Is there any way for me to detect virus
    > activity trying either to break into a computer (like Sasser or others like
    > it) or to detect incoming mail with virus? Note: my firewall isn't my mail
    > server. I was wondering if it could sniff connections to pop mail servers and
    > detect virus code.
    >

    Yes, you can have some antivirus proxies (SMTP/POP3/etc) which can scan
    the traffic for viruses and malware. Also you can implement IDS/IPS
    solutions.

    > Thanks in advance.
    >
    > Bruno Reis

    Regards, 

    -- 
Mircea MITU
BitDefender - Secure your every bit
Linux Security Solutions - http://linux.bitdefender.com
PGP Key ID - 79665DEF
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
  • Next message: Harlan Carvey: "RE: Possilbe New Arp DoS - dosprmwin.exe"