Anti-virus Programs
stephan schutter
rhl at farorbit.com
Thu Jan 29 05:35:58 UTC 2004
Try F-prot! It is free for peronal use on linux.
Steve Bergman wrote:
> Carter J. Castor wrote:
>
>> I know that the number and popularity of viruses for Linux is extremely
>> lower than Windoze; however, I am on a university network that has
>> viruses floating around like an AIDS convention so I would like to have
>> some sort of anti-virus program running in the background. The ones I
>> find are either a) commercial apps b) exclusively for e-mail c) open
>> source ones that don't look very complete. What do you guys use for
>> non-email based virus scanners?
>>
>>
>>
>>
> You pretty much answered your own question. There are about as many
> linux viruses on your network as there are HIV virus particles floating
> around at an AIDS convention. In other words, none. HIV does not
> "float around". However, worms and trojans do exist, as well as regular
> old exploits, etc. A scanner would be of no help for regular exploits,
> although it *might* be of some benefit with trojans. But only after the
> fact. Once the trojan has been run even once, your whole box is a
> potential security risk whether the trojan executable has been removed
> or not.
>
> Scanning for virii after the fact is pretty poor as a security policy.
> Has that policy stemmed the flow of virii in the Windows world?
>
> Ask yourself how you think your machine might become infected. Are you
> keeping your box updated with security patches from your vendor? This
> is your best defense against remote network exploits. Are you running
> network services that are visible to the network? This is a vector for
> "worms", not virii. Are you running executables from an untrusted
> source? That's how you get trojans. Are you running as root
> unnecessarily? To be honest, I have always found the arguments for not
> running as root to be rather flimsy, but it is still a good idea. If
> you do happen to run a trojan, you at least can contain and isolate the
> contamination more easily, though you could still lose all your data,
> which is usually more valuable than the 30 minute OS installation. Are
> you doing backups?
>
> Personally, I hate these "there's no magic bullet" answers when they are
> used to argue against things like transpernt buffer overflow prevention
> in compilers, which have a real, though not "magic bullet" benefit. But
> I just don't see Linux virus scanning being of much value.
>
> Steve
>
>
>
More information about the fedora-list
mailing list