[CentOS] Antivirus for CentOS? (yuck!)

Thu Apr 23 19:06:33 UTC 2009
NM <nico at altiva.fr>

On Thu, 22 Jan 2009 14:01:26 -0500, Adam Tauno Williams wrote:

> You scan the server for malware.

You run a useless process widening your attack surface. 

Hint: "Security is a trade-off" -- Schneier.

Don't trade actual security for cargo cult systems administration.

> There is nothing special about LINUX here.  The whole "don't run
> services as root" business is just so much noise.  It isn't about
> protecting the *server* it is about protecting the *data* which is
> accesses [hopefully] by services which are *not* root.  It is about the
> data and the clients that connect to the server.

There is something special about Linux, it's called RPM. We don't run 
arbitrary binaries. We don't let strange .exe put files wherever they 
please. Bonus: rpmverify, free of charge.

That doesn't mean that there aren't vulnerabilities or malware. It means 
that *viruses* are not a problem.