Wednesday, February 27, 2008

So why care about Windows viruses on Linux?


An interesting piece on why Linux servers should be running anti-virus programs:


So why care about Windows viruses on Linux?

If you're running Linux, you are, in a practicality, immune from a Windows virus. So why would you want to bother scanning your files - files that won't work on your computer, anyway (except, for example, through Wine) - for viruses that have no effect on you? Well, the simple answer is, you wouldn't. But it is more complex than that. I'll explain.

Mail servers
The vast majority of Linux anti-virus programs run on mail servers. These are the computers that your mail client connects to when you want to send or receive an email. Since email is one of the main way viruses and trojan horses spread, these servers are the "front-line" in the battle to stop computer viruses. And, since so many of these servers run Linux, it's clear to see the need for a Linux program to detect Windows viruses. If you're running a mail server, whether it be for your home or office, you should definitely be using an anti-virus program to intercept any naughty files that might be trying to move in or out of your network via email.

File servers
Another place where you'd want to run an anti-virus program is on a file server shared my multiple users, even if you trust all of these users. File servers are basically repositories for data; some of that data might come to exist on your server through legitimate sources, but there's no way for you to know where each and every file originated. Running an anti-virus ensures that if someone uploads an infected file, say, downloaded from a Peer-to-Peer network, your file server will detect the threat and stop any other users from becoming infected.

It seems like ClamAV is the de facto standard when it come to open source anti-virus programs. I will have to take a look at it as a possible solution since windows boxes will have a need to connect to the file server.

No comments: