Hi Berni
On Mon, 30 Nov 2009, Berni Elbourn wrote:
>
> Or look at it the other way round....
>
> Linux is not vulnerable to windows virus. Note the careful wording
> ;-) So don't waste valuable server cpu cycles on-access scanning on
> a Linux server.
The problem is that I can't rely on all client PCs having up-to-date
virus scanner software, so this measure would be some kind of safety
net.
>Instead protect your Linux with things like
> rkhunter.
Thanks for that hint. I will take it into account.
>
> Also all your windows PCs already have to run on-access scanners
> anyway - right.
Yes, but one can never rely that all local virus scanner databases are
up-to-date. Some people might disable automatic updates...
(You can always have some kind of policy, but that's just a piece of
paper).
> So a virus should never get near the server anyway at least in theory...
Right, but theory is more often than not contradicted by practice... ;-)
> In practice virus do often get through simply because the virus
> profiles available for both server and clients PCs are always one
> step behind the crooks.
Yes, exactly, that's what I'm worried about and that's the reason why
I want to add some kind of "safety net" to the central file server
since I don't want it to turn into some kind of central "virus
distributor".
> Best you can do is have have regular full
> virus scans on the Windows PCs hard disks to fix once the anti-virus
> companies catch up.
Yes, I'm aware of that.
>
> You could be very sociable and scan the files at quiet times on the
> server and quarantine...clamav does a nice job at no cost. You can
> also use it as a quality check on your commercial scanner.
Yes, I know about clamav. Nevertheless, I'm still interested in
getting NOD32 to run on that server and that requires Dazuko. Since
there are quite a few Dazuko versions floating around on the net,
which one is recommended for Debian Lenny amd64?
Thanks & kind regards,
Holger
Attachment:
signature.asc
Description: Digital signature