Adam Tauno Williams wrote:
What do you do with clamav on a linux server?
You scan the server for malware.
When? Every day via crontab? That can be much too late. Every hour? That can be much too late. Every 10 minutes? That can be much too late - and your server is busy scanning the file system.
The mantra "LINUX doesn't suffer from malware" is just bollocks. Lots of malware is served from LINUX servers. Scanning a server for signatures is just another way to proof (not prove) that a server has not been compromised and that data accessed by the server is secure. Which is what things like PCI/DSS is about - protecting the *data*.
I never said "LINUX doesn't suffer from malware". But clamav itself is not able to scan in real time. Looks like dazuko has gotten a bit better, I don't know about clamuko. But by "just installing clamav, you gain nothing protection wise.
What do you think it protects you against on a linux server?
"against a linux server?" ?
When?
Ralph