Simpler Navigation for Servers and Operating Systems - Please Update Your Bookmarks
Completed: a much simpler Servers and Operating Systems section of the Community. We combined many of the older boards, so you won't have to click through so many levels to get at the information you need. Check the consolidated boards here as many sub-forums are now single boards.
If you have bookmarked forums or discussion boards in Servers and Operating Systems, we suggest you check and update them as needed.
cancel
Showing results for 
Search instead for 
Did you mean: 

UNIX VIRUS PROTECTION

SOLVED
Go to solution
Nobody's Hero
Valued Contributor

UNIX VIRUS PROTECTION

Can anyone recommed a free and reliable anti-virus protection software product. I am about to try Sophos on a trial version. Any comment on this product.

Thx
UNIX IS GOOD
10 REPLIES
harry d brown jr
Honored Contributor

Re: UNIX VIRUS PROTECTION

Why in the world do you need virus protection for unix?
Live Free or Die
David Lodge
Trusted Contributor

Re: UNIX VIRUS PROTECTION

I find this hard to see a reason for this - there are very few (from a quick virus search I found two: sadmind for Solaris and Timay as a perl script) virus for HP-UX

As long as your security is good you have no need to worry about virii on Unix (due to the user model most virii will be unable to do much...)

dave
Eugen Cocalea
Respected Contributor

Re: UNIX VIRUS PROTECTION

Hi,

Harry, you need an antivirus that runs on Unix if you want to prevent Windows/other SO infections. Usually, Unix antiviruses are just scanners for mail systems and/or proxies.

Sophos is not free but it is good enough.

Try AVP: http://www.kaspersky.com/

AVP works very well with sendmail.

E.
To Live Is To Learn
Nobody's Hero
Valued Contributor

Re: UNIX VIRUS PROTECTION

Thanks,
I guess the following document got me alarmed, however, it can't hurt to be over protected. Please visit this document and respond with reasons why UNIX should not be protected.

Thanks, I'll wait for reply.

www.cyber.com/papers/networks.html
UNIX IS GOOD
David Lodge
Trusted Contributor

Re: UNIX VIRUS PROTECTION

To be truthful, I would take that article with a pince of salt - there are a few errors in some of the paragraphs (eg just because you have write permission on a file doesn't mean you can delete it!)

But it all boils down to your boxes security:
* virii and worms have been found (esp. on Linux) which exploit known issues which there are patches for
* trojan horses are successful because people run programs without checking them out.

If a Unix systems is administered properly then there should be no problems at all with any virii/worms/trojans...

dav
Mark Vollmers
Esteemed Contributor

Re: UNIX VIRUS PROTECTION

Robert-

That seems to be a rather defeatest attitude from the author. Granted, UNIX systems will never be totally safe, but they should be much better than windows (where my cat could probably wipe the computer clean). Maybe there is reason to have the anti-virus software, but with the variablilty in virii that the author implied (with the program having to deal with many different OS versions, etc), how effective would it be? Also, most of what he had seemed to be things like trojan horses and the like, and I wouldn't put those in the same category as a virus. I mean, how does an antivirus software determine that the calculator now has a rm command imbedded in it without doing massive file scans of the entire code? I would say that the best solution is good security. If the calculator can be re-written to hide a rm -r command, then you need to protect from someone outside (or inside, I suppose) from being able to modify and save (or overwrite) the code. I know that there are a good number of security suggestions here; search for them. There are also security software programs around that you might want to look into. Sorry I can't be more specific here, but my server doesn't even look outside the company, so I don't worry much about an external attack. (probably the best defense, but not practical for most people) Good luck.

Mark
"We apologize for the inconvience" -God's last message to all creation, from Douglas Adams "So Long and Thanks for all the Fish"
Nobody's Hero
Valued Contributor

Re: UNIX VIRUS PROTECTION

Thanks for the interesting responses. I value the expertise and ideas from our site experts on HPUX. One more question and I'll click the X. Cops can find some weaknesses in my file structure. I want to use it but some boxec do not have a C compiler. Any idea of a security audit tool to check the security health of my systems without having to compile C code. Again, I appreciate your help.

Bob
UNIX IS GOOD
harry d brown jr
Honored Contributor
Solution

Re: UNIX VIRUS PROTECTION

Robert,

this is a great document for securing your servers from hackers:

http://people.hp.se/stevesk/bastion11.html

Eugen,

You are correct, that if you make your servers disk space available, like through SAMBA, for other OS's (non-unix) - Microsoft, then you should do them a favor and run some kind of antivirus software. Although the virus won't "infect" the unix system, it could wreck havoc on the MS systems. But the best anti-virus and virus detection software runs in MS, so I would personally have a MS server scanning the SAMBA share.


live free or die

harry
Live Free or Die
Wodisch
Honored Contributor

Re: UNIX VIRUS PROTECTION

Hello Robert,

we did some research into that topic back in those days when the first virus/trojan horses/bacteries/rabbits appeared and wrote a simple "shell-virus". Well, it was portable over many flavours of UN*X, it infected all other shell-scripts it could find, it copied itself over the network to other stations - and it was only one page of script.
Conclusion: viruses *DO* work on UN*X, if you are a careless user!

So, I do the a point in using a virus scanner.

But probably scanners under UN*X will only scan files "travelling through", e.g. as e-mail
or using UN*X as a file-server...

Just my $0.02,
Wodisch
PS: we never released that beast into the public! And I will not mail it!
Anonymous_User1
N/A

Re: UNIX VIRUS PROTECTION

Hello Wodisch,

having [1] in mind: are these effective measures to have a "shell-virus"-protection?

Sth else with respect to hpux-security is security_patch_check [2]- at least you get a reasonable notification (perl script, needs ftp-internet access: I cron'ed that to run daily).

However, this does not prevent a webserver from a Denial Of Service (DOS) as "Clifford Stoll"like described in [3].

Curious to read your opinion on [1] in "shell-virus"context,

Best regards,
Thomas

[1] http://people.hp.se/stevesk/bastion11.html
[2] http://www.software.hp.com/cgi-bin/swdepot_parser.cgi/cgi/displayProductInfo.pl?productNumber=B6834AA
[3] http://grc.com/dos/grcdos.htm