Re: Antivirus OR ids system
Well, viruses and intrusions are different things.
Originally Posted by Mgiacchetti
The mindset about not needing AV is open to conjecture.
The fact is there are no viruses in the wild which affect Linux, though there could be; the thing is, if there were, then AV would not detect them anyway, so it is a vicious circle.
AV on Linux is for scanning for infections that could spread to Windows through shared files.
There are no AV solutions which scan for intrusions.
Viruses are rarely if ever associated with system compromise as most of the payloads are nuisance based.
Malware in general however such as trojans are a different matter.
For intrusions I personally like Snort, but the process in general is better in a layered approach with firewall policies and rules, log monitoring, etc.
There is no one solution which does not require effort and work on your part to achieve the goals you seek.
Security is a process not a product.
Read the basic security wiki for a good start and then read the links from there.
Last edited by haqking; June 4th, 2012 at 01:24 PM.