Linux Antivirus
 

Good Day,

I recently purchased a couple linux servers in the cloud. I was wondering if there is an antivirus i can use on them. Is there a linux antivirus i can install in the cloud?

We are some of the ways i can secure my linux cloud server?

Any help would be greatly appreciated

Thanks in advance,
Brian

Don't run code you don't trust as root -> the only antivirus you need on linux

Just because you're virus-free doesn't mean your inherently safe though, you still need to take some precautions to keep intruders out. Keep your core utilities (ssh, etc) up to date, edit your ssh config to prevent ssh login as root, set a strong root password. Other people can provide some more suggestions.

You can a look at clamav which is good if you have any MS$ files stored on them. They even make a version for MS$ :D

Depends on what you want to do with your servers. If you use them for file-storage/sharing (pretty common for cloud servers) of Windows software than antivirus programs can be pretty handy. Also keep in mind that there are viruses for Linux, even when they are only a few. And by the way, don't run any program as any user when you don't trust the source or software, even when run as unprivileged user a software can use zero-day (or still unpatched) exploits for getting root-privileges.

Symantec and McAfee both make linux anti-virus applications. Between the two, as I've tested both, the McAfee is an overall better product. It seems to me that Symantec created a Linux virus scanner and just let it ride, no real updates to the program just definition releases.

McAfee has been working their product up from a command line scanner to an integrated virus scanning tool.

Funny Story they do appear to be good but I've cured infected systems with clamav where nortan and mcafee failed. A c++ programmer told me that people who are really out for info will code a virus just to get around those 2 since they are most popular.

But as Linux as said a few post above don't run no untrusted code as root and harden your server. I use clamav to check user files and stuff for virues though.

I agree jmc, I'd run clamav if given the option. Where I work, I had to choose between the lesser of two evils.


I also agree with the best option, know what you run. Take the time to harden your system and have decent logging in the event something un-wanted does happen.

You should search the Linux - Security forum on this site. It has all the information you could ever want for hardening a server and more.

Basically, when thinking about security, and especially security on a server, you've got to think of more than just an anti-virus, even with Windows. Depending on the use of your server, you might need to run an anti-virus and you might not. On linux, the anti-virus will mainly be to protect users that connect to that server from getting a windows virus stored there.

Some other tips:
- security is layered. Don't rely on just one security method to protect you
- good configuration is generally better than a security program you install. Take the extra time to make sure that shell script you just wrote (for example) doesn't allow a vulnerability
- Only install the services you need; less programs means less to keep updated and less attack-surface for a hacker
- Make sure you are running a properly configured firewall; iptables is what comes on linux already
- Be sure to have some kind of monitoring in place. If you don't, you could have an intrusion or other problem for months without realizing it.

Once again, check out the Linux-Security forum for how to do these things. A lot of your questions have already been answered there and if you can't find it, ask the question yourself. They're helpful to newbies as long as you're willing to learn.

AVG also makes a Linux anti-virus, free for home use and fee for servers. I have used AVG products on Windows for several years and found it satisfactory.

I also run it on my Linux boxes, but that's mostly because I trust no one, as there are currently no native Linux viruses in the wild. It is well-behaved and unobtrusive.

You cut me deep there Frank :p

In all seriousness though I have only ever tried a Linux AV once and it never did anything, why? because for Linux boxes there is (currently) nothing to worry about. Now, don't go not using one because I said that because one day (soon maybe) there could be a problem and those who have one as well as those who practice safe PC usage will be better off than those who don't.

an other anti-virus kaspersky

(Grin). The key word there is "currently."

When there is a Linux virus in the wild, I fully intend to read about it on LQ, not live with it on my computer.

I will not put any computer on the internet without a firewall and antivirus, unless it's to get a firewall and antivirus. Period.