LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Mandriva
User Name
Password
Mandriva This Forum is for the discussion of Mandriva (Mandrake) Linux.

Notices


Reply
  Search this Thread
Old 06-07-2005, 01:13 AM   #1
varun_saa
Member
 
Registered: Dec 2004
Posts: 188

Rep: Reputation: 30
best anti virus


Hello,
I want to install anti virus on Mandriva 2005.
Which is the best ?

Thanks

Varun
 
Old 06-07-2005, 01:25 AM   #2
Arnaud_B
Member
 
Registered: Jun 2004
Location: New York
Distribution: Debian
Posts: 219

Rep: Reputation: 30
an antivirus??? why? you don't need that...
 
Old 06-07-2005, 01:28 AM   #3
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 52
The short answer is there is none and you don't need it.

There is an open-source virus scanner called clamav but its for scanning for Windows viruses in emails (for people who run mail servers that have Windows clients).

There are some companies that claim to have a 'Linux virus scanner' but mostly they are just mail gateway scanners with a nice GUI.

Remember Linux is not Windows and will have different solutions to problems which affect it in different ways.
 
Old 06-07-2005, 01:32 AM   #4
varun_saa
Member
 
Registered: Dec 2004
Posts: 188

Original Poster
Rep: Reputation: 30
Basically I am running a proxy server on this
system. So I have windows client.
If I install ClamAV on the server will it help ?

Thanks

Varun
 
Old 06-07-2005, 01:41 AM   #5
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 52
Yes. I think you can setup squid and clamav to work together and intercept any viruses the user tries to download through WWW. This probably isn't completely foolproof (ie. unless they get mail off your mail server only and you've got clamav setup on that) but it should stop most virii.

No idea how to do it though Have a google for 'squid and clamav'
 
Old 06-07-2005, 04:27 PM   #6
courtrrb
Member
 
Registered: Sep 2003
Location: Iowa, US
Distribution: MDK Since V6.5
Posts: 573

Rep: Reputation: 30
I ran into a problem with virus on my Mandriva system. My wife received a email from one of her friends (A windows user) that contained a virus. Even though it didn't have any effect on the system unknowingly she forward it to one of here other friend. My service provider sent a email to us about the virus she was sending out. SO my question is should I/We install a virus scanner to protect others from their dumb mistake. Another friend of mine (linux User) had the service turned off for forwarding emails with virus. She had to clean out her Mailbox to get rid of it before her service provider would turn it back on.
 
Old 06-07-2005, 05:46 PM   #7
reddazz
LQ Guru
 
Registered: Nov 2003
Location: N. E. England
Distribution: Fedora, CentOS, Debian
Posts: 16,298

Rep: Reputation: 77
It would do you no harm to get an antivirus program if you deal with a lot of Windows users. I recieve a lot of mail from windows users, but I scrutinize every email I recieve with an attachmnent so I have never had the problem of forwarding emails containing viruses.
 
Old 06-07-2005, 05:56 PM   #8
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 52
You could setup the mail system on your Linux box (postfix) with Clamav. You would then need to setup fetchmail to download your wife's email from her ISP and then deliver it to herusername@localhost. This will have the affect of passing it through your local postfix server and thereby filtering it for viruses.

Sample /etc/fetchmailrc:
Code:
set syslog
set postmaster "postmaster"
set bouncemail
set no spambounce
set properties ""
set daemon 3600
poll mail.myisp.com with proto IMAP port 993
       user 'ispusername' there with password 'password' is 'localusername' here ssl keep
sample of lines to add to /etc/postfix/main.cf after the existing stuff:

Code:
#......... existing stuff above
mydomain = localdomain
myorigin = $myhostname

#mydestination is the list of domains that will be considered to mean the local server. In this case it
#includes the server's internal and external domain names and
#the localhost (so that email can be sent to tim@localhost for example)
mydestination = $myhostname, localhost.$mydomain

mynetworks = 192.168.1.0/24, 127.0.0.0/8

#deliver all mail through procmail (if there's no procmail rules file it should just go into the default /var/spool/mail/whatever file
mailbox_command = /usr/bin/procmail
#By default postfix has a stupid ~50MB limit on the size of the mailbox it will deliver to (even if going through postfix or whatever). Zero means infinite size.
mailbox_size_limit = 0
Then all you need to do is get clamav and postfix working together.

Quote:
She had to clean out her Mailbox to get rid of it before her service provider would turn it back on
If the ISP is so whingey about viruses (most people get several every day in their inbox) then they should probably be the one's providing server-side virus filtering. Quite a lot of ISPs use clamav or an equivalent to do this.
 
Old 06-07-2005, 09:43 PM   #9
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 52
You could also maybe try:

http://www.f-prot.com/products/home_use/linux/
http://www.pandasoftware.com/download/linux/linux.asp
http://www.nod32.com/home/home.htm

If you're really worried about passing on viruses to Windows users. Although maybe you could just tell them to get a real OS
 
Old 06-07-2005, 09:51 PM   #10
Crito
Senior Member
 
Registered: Nov 2003
Location: Knoxville, TN
Distribution: Kubuntu 9.04
Posts: 1,168

Rep: Reputation: 53
best anti-virus (for *nix)
http://www.drweb.com/

I still use Peter Norton's under Windows.
 
Old 06-15-2005, 05:58 PM   #11
Mique44
LQ Newbie
 
Registered: Mar 2004
Location: Indianapolis, IN
Posts: 2

Rep: Reputation: 0
To be honest with you, varun_saa, the actual existence of a *nix virus is so rare that the need for an anti-viral on your system is almost pointless. By comparison, Win based operating systems have such a large number of viruses. When you evaluate the amount of *nix-based viruses, the percentage by comparison doesn't even make a pin-poke on my pinky finger. However, I would recommend using an anti-virus on a system housing a large database, or something very important (for safety). You can never be too careful.

I am sure that there is someone out there that would disagree with me or see this issue from a slightly different angle. Please feel free to respond.

Good luck on your decision. http://www.linuxquestions.org/questi...eadid=331105&#
http://www.linuxquestions.org/questi...eadid=331105&#
 
Old 06-16-2005, 07:33 PM   #12
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 52
Quote:
However, I would recommend using an anti-virus on a system housing a large database, or something very important (for safety)
IMHO this is unnecesary, I've never heard of any company that actually runs anti-virus software on their Linux servers. I'd be very interested to hear if there is any actual real-world examples of people using Linux anti-virus software and wether it actually stops Linux viruses or is just designed to catch Windows viruses on shared folders and through email servers.

The way that security-concious Linux admins protect their servers is using things such as firewalls, regular updates, Intrusion Detection Systems, Rootkit hunters and more. Those last 2 (IDS and Rootkit hunters) are sort of the equivalent of having good virus protection in Windows. Host-based IDS systems scan the local system for evidence of intrusions such as trojaning of files, hidden processes and so on. Rootkit hunters are more specific - they perform a scan for known rootkits (software that a cracker installs on your box to give them control over it and hide their traces from you), in a similar way to how anti-virus software performs a scan for known viruses on Windows.

The difference is that IDS and rootkits are more geared towards detecting manual hacking - ie. someone who exploits a flaw in your system to gain shell access to it and then starts trying to rootkit it. In Windows the threat is from automated hacking - ie. viruses, which are by definition 'self-replicating' and therefore automated. The automated threat on Linux is nothing like that on Windows and can be protected from simply by setting up the firewall properly and keeping your applications updated and patched.
 
Old 06-17-2005, 12:18 AM   #13
Mique44
LQ Newbie
 
Registered: Mar 2004
Location: Indianapolis, IN
Posts: 2

Rep: Reputation: 0
Very interesting point TK. I have to respect that. And the statement:


I'd be very interested to hear if there is any actual real-world examples of people using Linux anti-virus software and wether it actually stops Linux viruses or is just designed to catch Windows viruses on shared folders and through email servers.


I have to re-evaluate my statement. However, I have seen companies using AVs on Unix systems. This was back in the '80s. They had scripted their own from what they had said.

I cannot prove as such, however. But I'm positive there is some out there.

Very interesting and resourceful reply, TK.
 
Old 06-18-2005, 12:52 AM   #14
aviceda
Member
 
Registered: Jul 2003
Location: Brisbane, Queensland, Australia
Posts: 50

Rep: Reputation: 15
Possible Virus?

I've recently spent more time on Fedora Core 3 due to Windoze problems but have noticed that my modem-lights flash merrily away, despite no browser or email app being open.

I've tried Chkrootkit looking for an intrusion but it doesn't seem to find anything, similarly I've got F-Prot & Bitdefender installed but nothing found,

Any ideas? All answers gratefully accepted

Tom
 
Old 06-19-2005, 04:18 AM   #15
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 52
aviceda my cable modem at home does the same thing. You can check what's happening by running the ethereal program on the machine connected directly to the internet. However I know in my case the lights were flashing mostly because of ARP/RARP packets. This is a perfectly normal thing as its part of the lower-level functioning of your ISPs network. The amount of data that they use is so insignificant that it won't eat into any data quotas you have at all. See http://en.wikipedia.org/wiki/Address...tion_Protocol.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Anti Virus/ Anti Spam for Linux? Sp@rticus Linux - Software 3 11-18-2005 02:17 AM
Boot virus or Anti-Virus? AVG Free Anti-Virus Software problems SparceMatrix Linux - Security 9 08-02-2004 02:35 PM
Best Anti-spam and Anti-virus application? vittibaby Linux - Newbie 6 10-21-2003 07:21 AM
Creating an ultimate anti-virus and anti-spam email gateway markcc Linux - Networking 2 10-08-2003 03:10 AM
Anti trojan and anti virus--Iparmor ppsl Linux - Security 1 12-03-2002 04:33 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Mandriva

All times are GMT -5. The time now is 05:24 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration