[CentOS] Antivirus for CentOS? (yuck!)
NM
nico at altiva.fr
Thu Apr 23 19:12:51 UTC 2009
On Thu, 22 Jan 2009 15:55:11 -0500, Adam Tauno Williams wrote:
> Yes, you gain the ability to detect a compromised server.
Absolutely not, you don't gain that ability at all. Again we're talking
*viruses* not all malware. An antivirus will never detect a good rootkit;
modern rootkit employ sophisticated stealth techniques and hide
themselves and their files from all other processes. They typically
insert an invisible kernel module. An antivirus can't do squat about
that ... because that's not a virus anyway.
On the other hand an antivirus is yet another piece of useless garbage
running on your server, and one more opportunity for an attacker to pwn
you.
More information about the CentOS
mailing list