To answer OP's question, my Linux mail server uses spamassassin and ESET for filtering. My Linux file server also periodically performs full scans with ESET. I do not yet run any virus scanning on my desktop though.
On Mon, 2011-04-04 at 11:30 +1000, Nick Andrew wrote: > On Mon, Apr 04, 2011 at 06:46:36AM +1000, Erik de Castro Lopo wrote: > > Morgan Storey wrote: > > > I think it is going to come back and bite the Linux community if we go > > > via the line that we are immune to viruses, > > > > Unfortunately, the alternative, virus scanners that look for > > particular virus signatures is nothing more than security > > theatre. > > I agree. What would a virus scanner look for anyway, if there > are no extant viruses on linux systems? The biggest market for antivirus scanners on Linux is when the system in question is acting as a server for other systems. This is evidenced by the fact that there are quite a few commercial A/V systems available for Linux, almost none of which are suitable for desktop use. And, for better or for worse, you need to demonstrate that you're performing regular virus scans on *all* of your systems on a regular basis for quite a few security-related standards. Regardless of whether you think you need it or not. Yes, I'm looking at you, Payment Card Industry. > That leads to rule #2 - defense-in-depth. The only hope we have to > survive this untrusted and potentially malicious code being executed by > our browsers is to implement sandboxes, language-level restrictions and > strict limits on authorization. I think that eliminating a reasonably large swathe of of your attack vector through a regularly-maintained virus scanner is a good contribution to solid defence-in-depth... -- Pete -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
