[prev in list] [next in list] [prev in thread] [next in thread]
List: focus-linux
Subject: Re: Begs a question: AV in Linux // Re: MDKSA-2006:016
From: Joachim Schipper <j.schipper () math ! uu ! nl>
Date: 2006-01-18 9:55:31
Message-ID: 20060118095530.GA4681 () melpomene ! jschipper ! dynalias ! net
[Download RAW message or body]
On Tue, Jan 17, 2006 at 01:45:34PM -0600, Benson, Sean M wrote:
> Anti-Virus in Linux.
> Should I/you or shouldn't I/you and why?
>
> With this (ClamAV) being an anti-virus program, running on Linux,
> creating a possible exploit:
>
> Should you run an anti-virus on linux for non-work issues?
> (Just home Workstations, Laptops, etc.. not mail servers.)
>
> IMHO:
> I've heard the "Keep from passing windows virus' from NTuserA --- you
> --- NTuserB."
> But I don't think that's a good enough reason to eat up my cycles, plus
> I'm a huge fan of least apps/services running.
>
> I Don't buy the "Market Share targeting" jazz either. It's more a design
> issue based on least/most priviledge in my thinking.
No, ClamAV catches almost nothing that is relevant to a *nix machine.
Far better to run something like chkrootkit, or, if you want a solution
that works against someone who is able to do more than compile a
standard exploit, something like AIDE/tripwire/samhain.
Joachim
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic