I am running a small webserver.This server is also acting as a internet gateway for my lan users through NAT.I have disbled unwanted services.At this point does any one think i need a antivirus or spam filter for the server.The users in my lan are lased with antivirus system.I am worried only for the linux server(Fedora core5).
Thanx

Yes, I would probably run one antivirus system as complacency is generally inexcusable. ClamAV is pretty simple to get going on.
You will want a firewall running on it, and also a system to prevent brute force ssh attacks, like denyhosts or libpam-abl.
If you are running an MTA (mail server) I would also consider spamassassin as an antispam measure.

I disagree. Since viruses that infect linux systems are so extremely rare, and only "infect" if they are run as root, there is no need to run anti-virus on a linux machine with 2 notable exceptions -

1) You run a mail server
2) You run a file server

The reasoning there is that any machine that hosts data that will be put on windows machines (like mail and files), should scan that data to be sure it is virus free. Protecting the linux box itself from a virus is a waste of processing to me. This however assumes several other things -

1) You have the server behind some (preferably hardware) firewall, although IPtables does a very good job too
2) You use the chkrootkit or other programs to make sure you don't have a known rootkit on your machine
3) You don't keep bad habits from windows, specifically you don't ever browse the internet as root.

If you do all of that, you won't ever see a virus on your linux box.

By the way, this is in no way a networking question. Please see this sticky from the top of the page: http://www.linuxquestions.org/questi...d.php?t=531122
I'm going to suggest it be moved to the security forum, or linux software, as that is a better place for its discussion (and if you search, you'll see it has been discussed thousands of times).

Peace,
JimBass

Jim,

Generally I would agree with you, but there is little harm in scheduling a late night cron job that runs to eliminate the remote possibility. Linux is extremely resilient to viruses, especially when making sure that you do not browse, or run files from unknown sources as root, but it is still not impossible that something will get past defences.

I certainly agree that it was in the wrong area.

Danny

you should update the system with security updates as often as possible to remove any particular bugs (vulnerabilities in net software) that these few viruses may exploit.
there are scripts on the web that may not be able to completely halt a unix or linux pc but they can fill some folders/partitions (eg /tmp, /home) with bogus data thus reducing the disk capacity.

I understand what you're saying dannystaple, I still however respectfully disagree. Unlike the windows anti-virus scanners, clamav (which is on every mail server I run) has to be called to run on a given file. This works beautifully in the case of mail, as the scan is done, a positive results moves the message to the trash, and a negative result passes it to spamassassin. You would have to create a similiar utility to pass everything you download through clamav to check your user files. While that isn't difficult, it would take a bit of scripting, and for what? Unlike your modern win-anti-virus products, it doesn't "actively" protect you, by blocking the use of a virus infected file. When it runs a scan, it will just let you know that you have a virus. So being reactive as opposed to proactive makes it far less desirable to me. Once your nightly scan is run, a virus could have delivered its payload to your machine. Fortunately not being root has limited the damage it can do to /home/you and /tmp.

Sure the amount of work it takes to do the updates and scans is trivial compared to the power of processors now, I just don't see it doing much of anything. There are linux viruses, they do exist, and will probably continue to exist. I am not of the school that linux is immune to viruses. I do know that all of the win-anti-virus guys have been trying to find/develop a linux capable virus for years, largely in hopes that the linux-anti-virus software they write will begin to sell. Nothing works that they have done, except when run (even accidentally) as root. Truth be told, if windows users didn't run as administrator all the time, you would see a drastic drop in the number of infections there as well.

Peace,
JimBass

I completely agree with Jim. (^_^)

Thanx for your input guys.I am feeling good now..:-)