Actually, useless.

The proper way to fix a system is to fix the vulnerability. After that, the anti-virus is useless.

Using an anti-virus product is admitting you can't fix the vulnerability, AND admitting that your OS vendor can't fix the vulnerability either.

And that starts making one wonder if the vulnerabilities are deliberately put in JUST so more money can be sucked out of your pocket.

Windows has been the ONLY operating system that seems to MANDATE the use of an anti-virus product...

If that were true, and it might as well be, that doesn't make antiviruses useless. On the contrary.
We still don't know the context where the OP's server is deployed. But if you're using file sharing or an e-mail server, not using an antivirus is ridiculous. It's just arrogant to state otherwise, given that most end users will use Windows, whether you like it or not.

For properly supported operating systems, antivirus is useless.

All it does is raise the cost using vulnerable operating system, and if you have to depend on OTHER operating system to protect that one, you are still expecting things that are useless.

If you are file sharing to Windows, Windows has to check the files before it loads it. How can Windows trust ANYTHING coming into it? Thus again, anti-virus on systems that don't need it is still just wasted effort.

The malware that is unknown to the anti-virus will STILL get through, no matter where the anti-virus product is run.

1 members found this post helpful.

Well said!

IMO, anti-virus and many associated terms are a conditioned psychological addicition, not a useful technology.

You're using a lot of fallacious arguments, which is rather common, I'd say. The point is that one should use an antivirus both on the server side, and on the client side. It's not about depending on other operating systems, as you put it, it is about securing the server in order to limit exposing the workstations. If some malware does eventually reach the workstations, then, as a last resort, their own antiviruses will protect them. But normally that shouldn't be the case - if you're maintaining your server properly. And yes, you're not protecting so much the server itself, if it's linux-based, but the workstations (which are most probably windows based). It's not as if I enjoy having to use antiviruses and so on (I don't use one myself, but I guess that's also because I'm using a mac), I'm just being realistic.

A linux server might easily host viruses that don't affect the server itself, but will affect the computers which make use of that server. It's really rather basic.

And you don't need to repeat for a third time your argument that antiviruses can't protect you against new viruses. I think I've already understood that. It's good taking it into consideration, but it doesn't follow that there's an implicit protection against known viruses that can be offered by other mechanisms than antiviruses. If an antivirus can protect me against ALL KNOWN viruses, then god damn it, that's a useful antivirus.

I think it is possible for anti-virus to be compromised on client-side since it runs on elevated permissions. But I came up with an interesting idea (I think). It's to use a VM with Clamav as a reverse proxy (to act as a filter), and then another VM of OpenBSD between the host and the proxy, that will contain Damn Vulnerable Linux aswell as Malwarebytes in a sandboxed environment, where possible malware will pass through for a second integrity check. The whole point of DVL is to test possible reaction of malware by analyzing heuristics.. I chose DVL because I'll be behind a Linux box, I guess you can use XP if your behind a Windows..

It is still just wasting time.
But still useless as the "computer which make use of that server" must still recheck everything.
Oh good. Since you now acknowledge it is useless.
It just means your operating system is so poor that it really shouldn't be used. Wasting time looking for viruses (is it up to a million by now?) is a never ending task. It just takes longer and longer...

The only protection against ALL KNOWN viruses is to FIX THE VULNERABILITY. Nothing else.

One last thing: Once the vulnerability is fixed, there is no need to look for viruses using it... Which is why anti-virus products are worthless. All they do is promote NOT FIXING the vulnerability in the first place.

BTW: IBM went through the problem in the 60s. Adding patches to fix the unlerlying OS worked... until the effort of adding a patch to fix one problem uncovered a different one or indroduced a new vulnerability.

When IBM realized this, they then turned their effort of OS370. And relegated OS360 to only running in a VM. Most patching stopped on OS360.

Microsoft COULD have done the same when XP was brought out. Unfortunately, they instead merged all the bugs and insecurity from Window 98 into XP. And STILL had the most insecure system ever.

And did it again with 2000... never fixing the problems. Just adding the past problems to the next release.

Is it any wonder that Windows costs the industry several billion every year?