
Virii and linux


Ixthusdan

I'm not sure ClamAV or similar would actually help if there was a sudden outbreak of a Linux virus anyway - surely you'd need some kind of definition file first.

True, but ClamAV downloads a new definition file each day.

Right now it's an overkill, I agree :D


I built an email server, which used amavisd with clamav, and it works a treat. Keeps the viruses out at least, and blocks the attachments like vbs scripts, etc, that could have viruses contained in them.


Grisoft now has a Free Edition of its AVG antivirus to download for Linux. Many of you may be familiar with it as a very popular free antivirus app for Windows. It updates daily. I use it in Windows XP. It's a lot better than its Windows competition...Norton and McAfee, among others.

 

Richard L.


> Grisoft now has a Free Edition of its AVG antivirus to download for Linux. Many of you may be familiar with it as a very popular free antivirus app for Windows. It updates daily. I use it in Windows XP. It's a lot better than its Windows competition...Norton and McAfee, among others.
>
> Richard L.

Yes, but it is an e-mail server edition only, no home client. http://www.grisoft.com/doc/26/lng/us/tpl/tpl01

 

Alas I think there is no need yet for a home desktop Linux antivirii software


> Alas I think there is no need yet for a home desktop Linux antivirii software

 

Why alas? At least the Linux world doesn't have the travesty that exists in Mac OS X - several well known AV manufacturers sell products to protect the Mac which also has no virus problem, and many people buy them.


I don't see viri as a major threat to Linux platforms. So long as you don't forward suspicious e-mails you're not spreading nor vulnerable to the WinBlows stuff.

What I do see, and see it every day, is a blitzkrieg attack on my server ( 66.159.200.93 ) constantly. Once someone, or something, senses it as a webserver they will go after it with a vengeance.

Attacks range from the stupid, they think it's a WinBlows box to the insane blitz ID/PW tries. I review the content of the log files

access_log

error_log

every day to make sure someone's not been successful. Since Mandy 10.1 it's been pretty clean. When 9.2 came out the install defaulted to an open proxy on Apache. That open proxy took about a week to be found and I tell ya for awhile I think the world was using my Mandy server. Anyway I shut off the proxy service and that was the end of that.

Mandy 2006 has been up on my server since the first week of Jan 06 and has not been compromised yet. I update it 1x every week and carefully look at what it's been doing. You'd be amazed at what you see in them log files.
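
Added example (not part of the original post): the daily access_log review described above, automated with awk. It lists proxy-style requests that were answered with a 2xx status and clients with repeated 401 responses; the log lines, addresses and host names are constructed, and the field positions assume Apache's common/combined log format.

```sh
#!/bin/sh
# Added example, not the poster's script. Sample log is constructed
# (documentation address ranges, example.* host names).
sample_log() {
cat <<'EOF'
198.51.100.7 - - [12/Mar/2006:04:11:02 +0000] "GET http://ads.example.net/click?id=1 HTTP/1.0" 200 512
198.51.100.7 - - [12/Mar/2006:04:11:03 +0000] "CONNECT mail.example.org:25 HTTP/1.0" 200 0
203.0.113.9 - - [12/Mar/2006:04:12:10 +0000] "GET http://www.example.com/ HTTP/1.1" 403 210
192.0.2.44 - admin [12/Mar/2006:05:00:01 +0000] "GET /private/ HTTP/1.1" 401 480
192.0.2.44 - root [12/Mar/2006:05:00:02 +0000] "GET /private/ HTTP/1.1" 401 480
192.0.2.44 - test [12/Mar/2006:05:00:03 +0000] "GET /private/ HTTP/1.1" 401 480
192.0.2.80 - bob [12/Mar/2006:09:30:00 +0000] "GET /private/ HTTP/1.1" 401 480
192.0.2.80 - bob [12/Mar/2006:09:30:05 +0000] "GET /private/ HTTP/1.1" 200 1834
EOF
}

# Proxy-style requests (CONNECT, or a target that is an absolute URI)
# that received a 2xx status: candidates for open-proxy use.
# Output: "client method target status", one per line.
proxied_requests() {
    awk '{ m = substr($6, 2) }   # strip the leading quote from "GET
         (m == "CONNECT" || $7 ~ /^[A-Za-z]+:\/\//) && $9 ~ /^2/ {
             print $1, m, $7, $9
         }' "$@"
}

# Clients with at least MIN responses of status 401 (failed HTTP-auth
# logins). Usage: auth_failures MIN [logfile...]
# Output: "client count", highest count first.
auth_failures() {
    min=$1; shift
    awk -v min="$min" '$9 == 401 { n[$1]++ }
        END { for (ip in n) if (n[ip] >= min) print ip, n[ip] }' "$@" |
        sort -k2,2nr -k1,1
}

echo "== proxy-style requests answered 2xx =="
sample_log | proxied_requests
echo "== clients with 3 or more 401s =="
sample_log | auth_failures 3
```

A 2xx on an absolute-URI GET is only a candidate: with proxying switched off, Apache can still answer such a request with the local site's own page, so confirm against the proxy configuration. Against a real server, pass the log path instead of piping the sample, for example `auth_failures 10 access_log`.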


AVG Free Edition for Linux is also available for the desktop and the home user. Here is the link, if anyone is interested.

 

http://free.grisoft.com/doc/20/lng/us/tpl/v5

 

If you scroll down to the bottom, you will see installation rpm's for Mandriva, Red Hat, and SuSE.

 

Richard L.

Edited by lawsonrc

I've got amavisd, clamav, f-prot, and spamassassin running on my mail server .. stops heaps.

I've also had a cron job that checked samba shares, in case some plonker decides it's a good idea to save a virus on the share.

I started playing with filesystem watching, and directory watching so I could enable realtime protection on the samba shares, but it just got too hard.

In the end I run a cron every 10 minutes.

I can't remember exactly off the top of my head, but I'm guessing I did something like this:

find /home/share -type f -exec f-prot {} +
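
Added example (not the poster's script): a cron-driven share scan like the one described above, narrowed to files modified since the previous run so a 10-minute interval stays cheap on a large share. It assumes ClamAV's `clamscan` as the scanner; the stamp-file path and script path are placeholders.

```sh
#!/bin/sh
# Added example: scan only what changed on the share since the last run.
# Assumptions: ClamAV's clamscan is installed; both paths are placeholders.
SHARE=${SHARE:-/home/share}
STAMP=${STAMP:-/var/lib/share-scan/last-run}

# Print, NUL-separated, regular files modified after the stamp file
# (every regular file when there is no stamp yet). NUL separation keeps
# file names with spaces or newlines intact.
changed_files() {
    if [ -e "$2" ]; then
        find "$1" -type f -newer "$2" -print0
    else
        find "$1" -type f -print0
    fi
}

# Scan the changed files and advance the stamp. The new stamp is taken
# before the scan, so files written while it runs are picked up next time.
scan_share() {
    mkdir -p "$(dirname "$2")" || return 2
    touch "$2.next" || return 2
    # -r: do not start clamscan at all when nothing changed
    changed_files "$1" "$2" | xargs -0 -r clamscan --no-summary --infected
    rc=$?
    # xargs: 0 = every clamscan run exited 0; 123 = some run exited non-zero
    # (clamscan exits 1 when it finds something and prints the file name).
    case $rc in
        0|123) mv "$2.next" "$2" ;;
        *)     rm -f "$2.next" ;;   # scanner could not be run: keep old stamp
    esac
    return "$rc"
}

# crontab entry (script path is a placeholder):
#   */10 * * * * /usr/local/sbin/share-scan.sh --cron
if [ "${1:-}" = "--cron" ]; then
    scan_share "$SHARE" "$STAMP"
fi
```

`-newer` compares modification times, so a file copied onto the share with its old timestamp preserved is skipped; GNU find's `-cnewer` compares the inode change time instead and catches those copies.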


What I found interesting at cnet is that the conversation started as if it was linux desktop machines that "spread" virii. Turns out, it was a mail server, to which I said that of course a mail server needs to filter data. I thought the switch was a neat trick, a little microsoftish. What I should have asked was "did the mail server go down with the virus?" to which the answer would have been, "no."


With a linux email server, it's a little different stakes. Having people get email from your server means that you have people that are either your customers (i.e. a business) or people that are your friends (i.e. a small fun based server). At work we use winblows machines with a linux machine to take care of email and the website. In that instance we use a few AV (not sure which ever since the "main" IT guy got paranoid and kicked me out of the server room blaming me for messing with his servers) because it's much less hassle than going around and fixing virii on every machine.

 

I still stand by my reasoning that a general linux user shouldn't have to be the one to fix everyone else's problems. Sure if you get a file which tries to do funky stuff, don't pass it on, but why should us Linux users have to make sure winblows users aren't caught with their pants down?


I've always used and recommended McAfee for Windows, because I've never had any problems with it, and been using since around 1993 onwards. I did used to use Norton, but since it screwed a machine up, I'd never trust it again.

 

Now, I don't use Windows, only my wife does, and she's protected by McAfee :P (in fact, so are my Dad's six office machines).

 

It's funny how Microsoft say in that article that mysti posted the link to, that Vista doesn't come with anti-virus and you have to subscribe to the Windows OneCare service. I'm sure all the other anti-virus vendors would have to say something about that, since I'm sure they can provide products that will keep the machines clean. Yet another product Microsoft are looking to monopolise it seems! First starting with browsers, and now trying with this. Hmmm.


Yes, I expected Microsoft to try that already. And Norton AV is almost as bad as the virus in a network setting. Actually, what I find people are doing is running the xp firewall and the firewall with their av product. That causes all sorts of issues. MS tries to turn their firewall on all the time with updates. It may be part of their long range plan to make it look like only their products designed by them work correctly. (They don't really design anything!)

