Antivirus for Server

**leila5552** · 03-10-2010

hi
I have a Linux Server for contact server which connects just to my LAN in the company. my LAN is connected to Internet. and I have some other linux workstation in LAN.I use NOD32 AV for my clients .we dont have transforming data between server & clients.
should I have AV on my server? if yes Which AV do I use?

**mzv** · 03-10-2010

There' no need to use AV if you don't have any Windows workstations. If you're looking for free antivirus try ClamAV

oz · 03-10-2010

ClamAV as already suggested is one of the most popular choices for Linux. Other options for your consideration can be found here.

**Rubberman** · 03-11-2010

I use ClamAV (free) and F-Prot (commercial). F-Prot seems to find more stuff - I use it to scan client's Windows discs when they get infected.

**RobinVossen** · 03-11-2010

I'd go for Unix Guardian.
Its more then just a VirusScanner. As it checks for Arp-Poisoning on the Network or when root is logged in.

However, on the downside. Its still in Development. (I am the Lead Coder

)
Ill let you know when its done =)

**kurtdriver** · 03-11-2010

Originally Posted by leila5552

hi
I have a Linux Server for contact server which connects just to my LAN in the company. my LAN is connected to Internet. and I have some other linux workstation in LAN.I use NOD32 AV for my clients .we dont have transforming data between server & clients.
should I have AV on my server? if yes Which AV do I use?

I'm not sure I follow. Are your LAN's clients able to access the internet? Webmail, for instance? Can they bring files from home, via the old fashioned "sneaker net"? If the answer is yes, then you must realize that these documents might be infected with MS-specific viruses. You don't want your machine to be serving up conficker to other people. So, I would say get vaccinated. I'm not sure that I understood your post, however. Kurt

**Lex87** · 03-11-2010

You could also look at SonicWall's gateway AV solutions. Why let infected data into the network when you can stop it at the firewall?

The only issue I've got with SonicWall's approach is that you have to pay a bit more for the subscription and the hardware isn't cheap.

**DT0X** · 03-15-2010

We've had some cr@ppy McAfee AV product forced on us because "Our NFS servers might harbour windows viruses" ...

If it was my choice there would be no AV on our Linux - all you need is good file integrity checks, plenty of targetted logging and a bit of SELinux knowledge (on RHEL etc). IDS (snort for example) is also a good option to inform you of suspicious virus like activity on your LAN

**thehemi** · 03-17-2010

Originally Posted by DT0X

If it was my choice there would be no AV on our Linux - all you need is good file integrity checks, plenty of targetted logging and a bit of SELinux knowledge (on RHEL etc). IDS (snort for example) is also a good option to inform you of suspicious virus like activity on your LAN

And good backups.

**Lex87** · 03-17-2010

... I swear that some evil computer god saw me saying positive things about SonicWall..

I just had 2 of these units die due to licensing issues, and the support staff are just sending me in circles trying to figure out what's going on.

Good backups is a great point. If you had a virus scan in your backup process it would be very efficient! Plus you'd know there's nothing bad in the backups?

Is this one of those great idea "but" situations?

Thread Tools

Display

Antivirus for Server

Posting Permissions