Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Redhat/fedora/Suse [Wanna Drive With Debian]
Posts: 208
Rep:
Is antivirus Needed??
I am running a small webserver.This server is also acting as a internet gateway for my lan users through NAT.I have disbled unwanted services.At this point does any one think i need a antivirus or spam filter for the server.The users in my lan are lased with antivirus system.I am worried only for the linux server(Fedora core5).
Thanx
I am running a small webserver.This server is also acting as a internet gateway for my lan users through NAT.I have disbled unwanted services.At this point does any one think i need a antivirus or spam filter for the server.The users in my lan are lased with antivirus system.I am worried only for the linux server(Fedora core5).
Thanx
Yes, I would probably run one antivirus system as complacency is generally inexcusable. ClamAV is pretty simple to get going on.
You will want a firewall running on it, and also a system to prevent brute force ssh attacks, like denyhosts or libpam-abl.
If you are running an MTA (mail server) I would also consider spamassassin as an antispam measure.
I disagree. Since viruses that infect linux systems are so extremely rare, and only "infect" if they are run as root, there is no need to run anti-virus on a linux machine with 2 notable exceptions -
1) You run a mail server
2) You run a file server
The reasoning there is that any machine that hosts data that will be put on windows machines (like mail and files), should scan that data to be sure it is virus free. Protecting the linux box itself from a virus is a waste of processing to me. This however assumes several other things -
1) You have the server behind some (preferably hardware) firewall, although IPtables does a very good job too
2) You use the chkrootkit or other programs to make sure you don't have a known rootkit on your machine
3) You don't keep bad habits from windows, specifically you don't ever browse the internet as root.
If you do all of that, you won't ever see a virus on your linux box.
By the way, this is in no way a networking question. Please see this sticky from the top of the page: http://www.linuxquestions.org/questi...d.php?t=531122
I'm going to suggest it be moved to the security forum, or linux software, as that is a better place for its discussion (and if you search, you'll see it has been discussed thousands of times).
Generally I would agree with you, but there is little harm in scheduling a late night cron job that runs to eliminate the remote possibility. Linux is extremely resilient to viruses, especially when making sure that you do not browse, or run files from unknown sources as root, but it is still not impossible that something will get past defences.
you should update the system with security updates as often as possible to remove any particular bugs (vulnerabilities in net software) that these few viruses may exploit.
there are scripts on the web that may not be able to completely halt a unix or linux pc but they can fill some folders/partitions (eg /tmp, /home) with bogus data thus reducing the disk capacity.
I understand what you're saying dannystaple, I still however respectfully disagree. Unlike the windows anti-virus scanners, clamav (which is on every mail server I run) has to be called to run on a given file. This works beautifully in the case of mail, as the scan is done, a positive results moves the message to the trash, and a negative result passes it to spamassassin. You would have to create a similiar utility to pass everything you download through clamav to check your user files. While that isn't difficult, it would take a bit of scripting, and for what? Unlike your modern win-anti-virus products, it doesn't "actively" protect you, by blocking the use of a virus infected file. When it runs a scan, it will just let you know that you have a virus. So being reactive as opposed to proactive makes it far less desirable to me. Once your nightly scan is run, a virus could have delivered its payload to your machine. Fortunately not being root has limited the damage it can do to /home/you and /tmp.
Sure the amount of work it takes to do the updates and scans is trivial compared to the power of processors now, I just don't see it doing much of anything. There are linux viruses, they do exist, and will probably continue to exist. I am not of the school that linux is immune to viruses. I do know that all of the win-anti-virus guys have been trying to find/develop a linux capable virus for years, largely in hopes that the linux-anti-virus software they write will begin to sell. Nothing works that they have done, except when run (even accidentally) as root. Truth be told, if windows users didn't run as administrator all the time, you would see a drastic drop in the number of infections there as well.
The reasoning there is that any machine that hosts data that will be put on windows machines (like mail and files), should scan that data to be sure it is virus free. Protecting the linux box itself from a virus is a waste of processing to me.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.