Friday, July 29, 2011

Why The Antivirus?

Although viruses on Linux are not very common, it is not unusual to find anti-virus utilities available for it. You may ask what the point is if your operating system is not as vulnerable to these types of threats, but perhaps you are looking at it the wrong way. What better platform is there to act as an anti-virus scanner than one that isn’t as likely to get owned?
Take this example: a Linux file server vs. a Windows 2003 file server. Just by plugging the Windows server in, it may be at risk in a hostile environment (e.g. the Internet), while the Linux server may not have as much risk (at least from a virus attack).
We all know the benefits of running Linux file servers, such as cost, stability and coolness, so we won’t touch on those, but there are downsides to running a Linux file server. One of the major downsides is that Linux servers have a perception of being hard to manage. While managing them can be significantly different from managing a Windows server, this myth is often at the top of the list for decision makers.
Often system administrators (myself included in this one) get lazy in their Samba configurations. This is a potential problem because a sneaky virus could attempt to write itself to any writable volume, which could cause a lot of grief for the poor Windows machines. Or perhaps, in tandem with the writable volume, an exploit for a piece of outdated software allows the file written there to be executed.
A friend of mine first introduced me to the concept of anti-virus scanners on a machine he had created specifically for the purpose of housing his virus collection. He had made a script that extracted information about each virus and cataloged it for easy reading and searching. All he had to do to add a virus to his collection was copy it to a folder. With this method he was able to quickly search his files for any virus with specific traits or purposes for analysis. While some may call this overkill, for him it was a hobby. Would you keep your entire virus collection on a Windows machine?
As with any operating system, Linux is only as secure as you make it, so running an anti-virus scanner on your Linux machine may not be as stupid as it first sounds, especially if it interacts with the dirty Windows boxes on a regular basis. Then again, if you’re purely a Linux shop, enjoy the cleanliness while it lasts.