Re: antivirus for linux

From: Mircea MITU (
Date: 06/18/04

  • Next message: Harlan Carvey: "RE: Possilbe New Arp DoS - dosprmwin.exe"
    To: Bruno Franša dos Reis <>
    Date: Fri, 18 Jun 2004 12:52:36 +0300

    On Tue, 2004-06-15 at 20:24 -0300, Bruno Franša dos Reis wrote:
    > Hello guys
    > I'm kinda new to linux, and getting more and more worried about security. I
    > was wondering: is it necessary for me to have an anti-virus application? If
    > so, is it a "live scanner", like the ones I know for windows?

    Usually you need a linux antivirus to filter and protect windows
    workstations from the network. This means a gateway antivirus, like a
    mail-server filter, file server antivirus (for samba) or other proxies.

    A good linux antivirus includes a command-line scanner which can be
    ordered or scheduled to scan the filesystem or remote mount points
    (Samba, NFS, FTP, etc).

    To protect only your Linux systems, you need a regular Linux Antivirus,
    IDS/IPS solutions and a good firewall policy. Additional tools like
    chkrootkit also may help you.

    > Do you recommend using an anti-virus software? If so, which?

    Humm, try freshmeat and google:

    > Moreover, I have a linux firewall. Is there any way for me to detect virus
    > activity trying either to break into a computer (like Sasser or others like
    > it) or to detect incoming mail with virus? Note: my firewall isn't my mail
    > server. I was wondering if it could sniff connections to pop mail servers and
    > detect virus code.

    Yes, you can have some antivirus proxies (SMTP/POP3/etc) which can scan
    the traffic for viruses and malware. Also you can implement IDS/IPS

    > Thanks in advance.
    > Bruno Reis


    Mircea MITU
    BitDefender - Secure your every bit
    Linux Security Solutions -
    PGP Key ID - 79665DEF
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
    any course! All of our class sizes are guaranteed to be 10 students or less 
    to facilitate one-on-one interaction with one of our expert instructors. 
    Attend a course taught by an expert instructor with years of in-the-field 
    pen testing experience in our state of the art hacking lab. Master the skills 
    of an Ethical Hacker to better assess the security of your organization. 
    Visit us at:

  • Next message: Harlan Carvey: "RE: Possilbe New Arp DoS - dosprmwin.exe"