LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] "Virus" scanning on Linux

[ILUG] "Virus" scanning on Linux

Michael Watterson watty at eircom.net
Wed Jun 11 17:52:24 IST 2008 

Cian Davis wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Hi All,
> I was asked by our IT department yesterday whether I could recommend
> some virus scanning software on Linux. I responded saying that you
> don't get viruses, per se, on Linux and that we use a combination of
> rootkit scanners, firewall rules and other monitoring to ensure no
> daemons etc. are running.
>
> He was most concerned about rootkits. It got me thinking that rootkits
> and wide-spread attacks that install various daemons when then
> penetrate a system are, effectively, viruses. Does a one-stop-shop
> exist to detect all/a lot/some of these? An equivalent to a virus
> scanner on Windows? Or is intrusion detection on linux a matter of a
> few automated tools and a lot of sifting through logs and monitoring
> software outputs?
>
> Regards,
> Cian
>
>   
Anti-Virus SW is worthless on any platform IMO. It will fail eventually, 
if that's what  you  rely on.  Education  works better.  But some  
users  need a  VM in a  Sandbox that  is wiped  & reinstalled every 
time  they log on.

 
There must be a Linux equivalent to this
http://www.silentrunners.org   ?

Finds stuff AV programs don't know. Finds stuff not invented till 
tomorrow. It examines ALL possible launch points. I'm guessing that is 
easier on Linux (the rcnn run level startup scripts come to mind) in 
that on a particular distro the launch points are better documented.

Most issues are not nowadays Viruses as such, but Trojans installed by 
social engineering.



-- 
Mike

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell