
Lead Image © Danila Krylov, 123RF.com
Harden your Linux servers to stop malware
Keep It Clean!
Malware programmers can target significantly more potential victims by developing and distributing their products for Windows, so consumer protection organizations often do not mention antivirus products for Linux. This oversight does not mean the free operating system is secure. Although viruses, worms, and Trojans are less common on Linux than on Windows, they still pose a threat.
For this reason, I look at some projects here that provide basic protection against malware for your Linux server with very little overhead. If your server is a file or mail server, the protection is even indirectly extended to connected (Windows) clients. If you already have basic protection on your Linux boxes, you can also check them for vulnerabilities with a security scanner. For environments in which high security is the order of the day, a security information and event management (SIEM) system is a must-have, which I also look at briefly.
ClamAV
The ClamAV [1] antivirus scanner is probably familiar to every Linux administrator. The software has been around since 2001 and protects Linux and Windows computers alike. In 2013, this classic tool was acquired by commercial network equipment supplier Cisco, which has not changed the open source nature of the project.
Installation and operation are easy to explain: Use the package manager to install the software, load the signatures, and scan the hard drive. These steps are accomplished on Rocky Linux in just three lines:
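dnf install clamd clamav   # install the scanner and daemon packages
freshclam                  # download the current signature databases
clamscan -r /home          # -r recurses into the home directories below /home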
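The scan step above, wrapped for unattended use, as an added example that is not part of the original article. It relies on clamscan's exit status (0 = nothing found, 1 = virus found, 2 = error) and its "path: signature FOUND" report lines; the function names are hypothetical and the sample report is constructed.

```bash
#!/usr/bin/env bash
# Added example: triage a recursive clamscan run from cron or a systemd timer.
# scan_verdict, infected_paths, sample_report, run_scan are hypothetical names.

# Map clamscan's exit status to a verdict:
# 0 = no virus found, 1 = virus(es) found, anything else = scan error.
scan_verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Read clamscan output on stdin and print the path of every hit.
# Hit lines look like "<path>: <signature> FOUND"; the greedy match splits
# on the last ": " so that paths which themselves contain ": " stay intact.
infected_paths() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p'
}

# Constructed sample of clamscan -r output (not taken from a real scan).
sample_report() {
    cat <<'EOF'
/home/alice/mail/invoice.zip: Eicar-Test-Signature FOUND
/home/bob/notes: draft.doc: Doc.Dropper.Constructed-1 FOUND
/home/bob/readme.txt: OK
EOF
}

# Scan a directory tree, list infected paths on stdout, report the verdict
# on stderr, and hand clamscan's exit status back to the caller.
run_scan() {
    local target=$1 report status
    report=$(mktemp) || return 2
    clamscan -r --infected --no-summary "$target" >"$report" 2>/dev/null
    status=$?
    infected_paths <"$report"
    rm -f "$report"
    echo "verdict: $(scan_verdict "$status")" >&2
    return "$status"
}

# Scan only when a target is passed, e.g.: ./triage.sh /home
if [ -n "${1:-}" ]; then run_scan "$1"; fi
```

Treating status 2 separately matters: a scan that failed (unreadable files, missing signature database) must not be logged as a clean result.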
Numerous online tutorials can help you set up ClamAV. As a bonus, ClamTk (Figure 1) and ClamWin even offer graphical front ends. Next, you can turn your attention to two little-used features: unofficial signatures and real-time protection.
