On Tue, Mar 10, 2009 at 3:52 PM, Paul Beltrani <[email protected]> wrote: > I need be able to demonstrate to a "Certification Commission" that > some systems " ... shall be certified free of malevolent software ... > ... self-certify compliance with this standard through procedures that > make use of commercial malware scanning software." > > In other words, I need to find a commercial package that scans Linux > systems for malware. A quick search turned up "McAfee LinuxShield" > which should meet the requirement. > > After the laughter has stopped, would anyone care to recommend a product? > > - Paul Beltrani >
Thanks for all the replies. In short, these are the scanners for linux maleware which were mentioned: Sophos AV, http://www.sophos.com/products/enterprise/endpoint/security-and-control/8.0/ McAffe LinuxShield, http://shop.mcafee.com/products/LinuxShield.aspx?pid=LINUXSH&CID=MFE-3001 Kaspersky Anti-Virus, http://www.kaspersky.com/anti-virus_linux_file_server F-Secure Anti-Virus, http://www.f-secure.com/en_EMEA/products/business/servers/anti-virus-for-servers/ F-Prot Antivirus, http://www.f-prot.com/products/corporate_users/unix/linux/workstations.html Sourcefire ClamAV, http://www.sourcefire.com/products/clamav/ Several people mentioned ClamAV. Unfortunately, I do not believe it meets the requirement of "commercial software". It may have commercial support, but it I don't think that satisfies the the "commercial software" requirement. Someone also mentioned "tripwire". Again, a fine tool but I don't believe it strictly meets the requirement. Indicating a file has changed is not the same as indicating malware is or is not present. - Paul Beltrani _______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
