219 lines
8.4 KiB
HTML
219 lines
8.4 KiB
HTML
<!--startcut ======================================================= -->
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
|
|
<html>
|
|
<head>
|
|
<META NAME="generator" CONTENT="lgazmail v1.3E.n">
|
|
<TITLE>The Answer Gang 63: linux anti virus?</TITLE>
|
|
</HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"
|
|
LINK="#3366FF" VLINK="#A000A0">
|
|
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<P> <hr>
|
|
<CENTER>
|
|
<!-- *** BEGIN navbar *** -->
|
|
<!-- *** END navbar *** -->
|
|
</CENTER>
|
|
</p>
|
|
<P> <hr> <P>
|
|
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
<center>
|
|
<H1><A NAME="answer">
|
|
<img src="../../gx/dennis/qbubble.gif" alt="(?)"
|
|
border="0" align="middle">
|
|
<font color="#B03060">The Answer Gang</font>
|
|
<img src="../../gx/dennis/bbubble.gif" alt="(!)"
|
|
border="0" align="middle">
|
|
</A></H1>
|
|
<BR>
|
|
<H4>By Jim Dennis, Ben Okopnik, Dan Wilder, the Editors of <em>Linux Gazette</em>...
|
|
and You!
|
|
<br>Send questions (or interesting answers) to
|
|
<a href="mailto:linux-questions-only@ssc.com">linux-questions-only@ssc.com</a>
|
|
</H4>
|
|
</center>
|
|
|
|
<p><hr><p>
|
|
<!-- endcut ======================================================= -->
|
|
<!-- begin 15 -->
|
|
<H3 align="left"><img src="../../gx/dennis/qbubble.gif"
|
|
height="50" width="60" alt="(?) " border="0"
|
|
>linux anti virus?</H3>
|
|
|
|
<p><strong>From Jugs
|
|
</strong></p>
|
|
<p align="right"><strong>Answered By Mike Orr, Heather Stern
|
|
<br></strong></p>
|
|
|
|
<!-- sig -->
|
|
|
|
<BLOCKQUOTE>
|
|
On Sat, Sep 16, 2000 at 03:59:53PM +0200, jugs wrote:
|
|
</BLOCKQUOTE>
|
|
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
hi
|
|
<br>i wonder if you could help?.
|
|
|
|
<br>i am running a mail/internet server with the red hat linux (6.2) operating
|
|
system. Viruses are getting through the end user via emails and are spread
|
|
over my local area network.
|
|
</STRONG></P>
|
|
<P><STRONG>
|
|
1) is there any anti virus software that i can get for the linux box?
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
> [Mike]
|
|
Yes, but I don't know the names offhand. Check previous issues of The
|
|
Answer Gang, News Bytes, the <em>LG</em> search page, and
|
|
<a href="www.securityportal.com">www.securityportal.comi</a>.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
> [Heather]
|
|
Yes. I'm operating on the assumption that your linux box is the hub through
|
|
which all mail is received, maybe even the only place that mail really comes
|
|
to, because the typical Windows or Mac client uses POP.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
You could use:
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE><DL><DT>
|
|
AMaViS (A Mail Virus Scanner) ...note, they have a bunch of great links too!
|
|
<DD><A HREF="http://www.amavis.org"
|
|
>http://www.amavis.org</A>
|
|
</DL></BLOCKQUOTE>
|
|
<BLOCKQUOTE><DL><DT>
|
|
<A HREF="http://www.freshmeat.net/">Freshmeat</A> has a whole section on antivirus daemons
|
|
<DD><A HREF="http://freshmeat.net/appindex/Daemons/Anti-Virus.html"
|
|
>http://freshmeat.net/appindex/Daemons/Anti-Virus.html</A>
|
|
</DL></BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
Mind you, most of these require that you have the linux version of one of
|
|
the commercial vendors' antivirus apps, or, they're meant to deal with problems
|
|
which usually break the clients (e.g. poor MIME construction, etc). At least
|
|
one of the commercial vendors has a complete solution for us though... and
|
|
a handful of other 'Ix flavors too:
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE><DL><DT>
|
|
Trend Micro's Interscan VirusWall
|
|
<DD><A HREF="http://www.antivirus.com/products/isvw"
|
|
>http://www.antivirus.com/products/isvw</A>
|
|
</DL></BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
...and in case anyone is wondering whether it only works on RH, I have a
|
|
few clients who got it working on <A HREF="http://www.suse.com/">SuSE</A> and seem pretty happy with it.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
For those who prefer to go with all free parts, I have to note, VACina
|
|
(a sourceforge project) isn't very far along, and anti-spam stuff can be
|
|
twisted only so far if you aren't planning to become an antivirus engineer
|
|
on your own.
|
|
</BLOCKQUOTE>
|
|
|
|
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
2) the option of buying software for each machine wipes my budget out.
|
|
preferably the solution that i would like would be to stop the virus at
|
|
the server.
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
> [Heather]
|
|
<EM>That</EM> shouldn't be a problem, the stuff I described above works at the
|
|
server level. I have to warn you though, thaat I used to work in the
|
|
antivirus field, and until those macro viruses (yeah, viruses ... the
|
|
biological ones are virii) came around, the vast percentage of infections
|
|
were from accidental boots off a floppy. There's also a type of virus
|
|
that is carried in programs, but as soon as given a chance, hits the boot
|
|
sector too. So going without some sort of resident checker, or if that's
|
|
too much, then a downtime window where your staff goes through and checks
|
|
all the machines, is not really doing a complete job.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
A school I did a bunch of work with solved the problem in their labs in this
|
|
way: every evening when the lab closed, they'd go around with a spot checker
|
|
and take notes what was found. They didn't waste time cleaning any, they
|
|
just reformatted and reinstalled the OS from a network image. (Among other
|
|
things, that way they didn't have to worry if they missed some new breed.)
|
|
But they posted the note on the wall, how many viruses were found the night
|
|
before. They also made it easy for students to spot check their disks. Of
|
|
course, the school had an educational license to the AV software. You can
|
|
think of this as the "free clinic" style of solving it, if you like... though
|
|
real illnesses, sadly, can't be solved by reformatting the human.
|
|
</BLOCKQUOTE>
|
|
<BLOCKQUOTE>
|
|
But, I can't say what your budget really is. In the end, you'll have to
|
|
decide if you want to spend more time or more money.
|
|
</BLOCKQUOTE>
|
|
<P><STRONG><IMG SRC="../../gx/dennis/qbub.gif" ALT="(?)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
>
|
|
if you could suggest a solution i would be grateful
|
|
</STRONG></P>
|
|
<P><STRONG>
|
|
thanking you
|
|
<br>jugs
|
|
</STRONG></P>
|
|
<BLOCKQUOTE><IMG SRC="../../gx/dennis/bbub.gif" ALT="(!)"
|
|
HEIGHT="28" WIDTH="50" BORDER="0"
|
|
> [Heather]
|
|
Everyone else wondering about solutions for their virus ills in a mixed
|
|
environment, surely thanks you for asking, Jugs. Good luck in the battle!
|
|
</BLOCKQUOTE>
|
|
|
|
<!-- sig -->
|
|
|
|
|
|
<!-- end 15 -->
|
|
<!--startcut ======================================================= -->
|
|
<P> <hr> </p>
|
|
<!-- *** BEGIN copyright *** -->
|
|
<H5 align="center">This page edited and maintained by the Editors
|
|
of <I>Linux Gazette</I>
|
|
<a href="http://www.linuxgazette.com/copying.html"
|
|
>Copyright ©</a> 2001
|
|
<BR>Published in issue 63 of <I>Linux Gazette</I> February Extra 2001</H5>
|
|
<H6 ALIGN="center">HTML script maintained by
|
|
<A HREF="mailto:star@starshine.org">Heather Stern</a> of
|
|
Starshine Technical Services,
|
|
<A HREF="http://www.starshine.org/">http://www.starshine.org/</A>
|
|
</H6>
|
|
<!-- *** END copyright *** -->
|
|
<P> <hr>
|
|
<!-- begin tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::-->
|
|
<p align="center">
|
|
<table width="100%" border="0"><tr>
|
|
<td align="right" valign="center"
|
|
><IMG ALT="" SRC="../../gx/navbar/left.jpg"
|
|
WIDTH="14" HEIGHT="45" BORDER="0" ALIGN="middle" border="0">
|
|
<A HREF="../lg_answer63.html"
|
|
><IMG SRC="../../gx/dennis/answertoc.jpg" align="middle"
|
|
ALT="[ Answer Guy Current Index ]" border="0"></A></td>
|
|
<td align="center" valign="center"><A HREF="../lg_answer63.html#greeting"><img align="middle"
|
|
src="../../gx/dennis/smily.gif" alt="greetings" border="0"></A>
|
|
<A HREF="1.html">1</A>
|
|
<A HREF="2.html">2</A>
|
|
<A HREF="3.html">3</A>
|
|
<A HREF="4.html">4</A>
|
|
<A HREF="5.html">5</A>
|
|
<A HREF="6.html">6</A>
|
|
<A HREF="7.html">7</A></td>
|
|
<td align="left" valign="center"><A HREF="../../tag/kb.html"
|
|
><IMG SRC="../../gx/dennis/answerpast.jpg" align="middle"
|
|
ALT="[ Index of Past Answers ]" border="0"></A>
|
|
<IMG ALT="" SRC="../../gx/navbar/right.jpg" align="middle"
|
|
WIDTH="14" HEIGHT="45" BORDER="0"></td></tr></table>
|
|
</p>
|
|
<!-- end tagnav ::::::::::::::::::::::::::::::::::::::::::::::::::::-->
|
|
<P> <hr>
|
|
<CENTER>
|
|
<!-- *** BEGIN navbar *** -->
|
|
<!-- *** END navbar *** -->
|
|
</CENTER>
|
|
</p>
|
|
<!-- ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: -->
|
|
</BODY></HTML>
|
|
<!--endcut ========================================================= -->
|