jschiwal |
09-23-2012 04:46 AM |
If you use samba and share files with Windows computers, then running something like a clamav plugin is a good idea. Your distro may have security check cronies jobs to look for insecure changes like world writable directories or SUID files. Servers are set up differently with more separate partitions, allowing each one to be mounted with different options. For example, a directory with a world writable permissions like /temporary should be on a partition mounted with the noexec,nolib,nosuid mount options. The /boot, /etc and /lib directories should be on a partition mounted read only.
Use selinux, grsecurity or apparmor to protect services.
Use rkhunter to scan for root kits and suspicious processes.
The term virus is almost obsolete. You need to worry more about malware on sites you visit and "crims" trying to break a service and installing a rootkit.
|