Antivirus for Server

**leila5552** · 03-10-2010

hi
I have a Linux Server for contact server which connects just to my LAN in the company. my LAN is connected to Internet. and I have some other linux workstation in LAN.I use NOD32 AV for my clients .we dont have transforming data between server & clients.
should I have AV on my server? if yes Which AV do I use?

**mzv** · 03-10-2010

There' no need to use AV if you don't have any Windows workstations. If you're looking for free antivirus try ClamAV

oz · 03-10-2010

ClamAV as already suggested is one of the most popular choices for Linux. Other options for your consideration can be found here.

**Rubberman** · 03-11-2010

I use ClamAV (free) and F-Prot (commercial). F-Prot seems to find more stuff - I use it to scan client's Windows discs when they get infected.

**RobinVossen** · 03-11-2010

I'd go for Unix Guardian.
Its more then just a VirusScanner. As it checks for Arp-Poisoning on the Network or when root is logged in.

However, on the downside. Its still in Development. (I am the Lead Coder

)
Ill let you know when its done =)

**kurtdriver** · 03-11-2010

Originally Posted by leila5552

hi
I have a Linux Server for contact server which connects just to my LAN in the company. my LAN is connected to Internet. and I have some other linux workstation in LAN.I use NOD32 AV for my clients .we dont have transforming data between server & clients.
should I have AV on my server? if yes Which AV do I use?

I'm not sure I follow. Are your LAN's clients able to access the internet? Webmail, for instance? Can they bring files from home, via the old fashioned "sneaker net"? If the answer is yes, then you must realize that these documents might be infected with MS-specific viruses. You don't want your machine to be serving up conficker to other people. So, I would say get vaccinated. I'm not sure that I understood your post, however. Kurt

**DT0X** · 03-15-2010

We've had some cr@ppy McAfee AV product forced on us because "Our NFS servers might harbour windows viruses" ...

If it was my choice there would be no AV on our Linux - all you need is good file integrity checks, plenty of targetted logging and a bit of SELinux knowledge (on RHEL etc). IDS (snort for example) is also a good option to inform you of suspicious virus like activity on your LAN

**thehemi** · 03-17-2010

Originally Posted by DT0X

If it was my choice there would be no AV on our Linux - all you need is good file integrity checks, plenty of targetted logging and a bit of SELinux knowledge (on RHEL etc). IDS (snort for example) is also a good option to inform you of suspicious virus like activity on your LAN

And good backups.

**DT0X** · 03-18-2010

And good backups.

Agreed. We use TSM so we're pretty safe on that front too - so basically all our AV does is slow legitimate services down and annoy us via email when its definitions are out of date. Great!

Thread Tools

Display

Antivirus for Server

Posting Permissions