On Wed, 21 Jan 2009 21:06:38 -0500, Adam Tauno Williams wrote:
There is no good argument against running malware detection on any
sever.
Except when the malware it can detect is extremely unlikely to be an
issue, because you are now running yet another process for no good reason
that might
On Thu, 22 Jan 2009 15:00:43 -0600, Les Mikesell wrote:
An occasional clamav scan can't hurt.
You are absolutely, completely wrong.
Clamav has had vulnerabilities that could be used to cause it to execute
arbitrary code in the scanned files. I don't doubt for one second that
proprietary AVs
On Fri, 23 Jan 2009 11:30:12 -0800, Scott Silva wrote:
Cron a clamscan -ir /
It will check the entire filesystem and report infected files. You
probably don't want to automatically delete what you find, though.
You can also scan for things like ssn's in datafiles laying around.
On Thu, 22 Jan 2009 14:01:26 -0500, Adam Tauno Williams wrote:
You scan the server for malware.
You run a useless process widening your attack surface.
Hint: Security is a trade-off -- Schneier.
Don't trade actual security for cargo cult systems administration.
There is nothing special
On Thu, 22 Jan 2009 15:55:11 -0500, Adam Tauno Williams wrote:
Yes, you gain the ability to detect a compromised server.
Absolutely not, you don't gain that ability at all. Again we're talking
*viruses* not all malware. An antivirus will never detect a good rootkit;
modern rootkit employ
On Thu, 22 Jan 2009 09:32:16 -0600, Matt wrote:
FYI, clamav also detects linux based viruses. There are linux based
viruses. Rkhunter is also good to run on a linux server as well.
http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses
Of course if you keep your passwords secure
6 matches
Mail list logo