Linux AntiVirus

I'm just curious but what antivirus program do you use on your favorie flavor of linux? I'm looking for something to add to my Knoppix CD for diagnosis purposes. My idea is to get a re-writable CD put Knoppix on there with some security/antivirus/system diagnosis tools and keep them update for use on customer's who's systems aren't working correctly. Seems like it could be pretty useful especially with data recovery type endeavors.

I have been using Linux for 6 months and am a subscriber to P-Cillin for Win '98 and have yet to see a virus that will actually affect a linux system. Everyone that I have seen affect M$. I suppose they are around and will become more prominent as the number of users increases. The greatest risk for Linux is intrusion especially if you're on ADSL links and hence the need for an effective firewall.

There do happen to be a few viruses out for linux. But F-Secure has an anti-virus available for linux.

http://www.europe.f-secure.com/anti-virus/webclub/corporate/av4.shtml

There is also OpenAntiVirus but I personally haven't used it.

http://www.openantivirus.org/

*EDIT* I've looked at OpenAV a bit more and they recommend not to use their program if you're really concerned about viruses. I guess that would leave F-Secure as the truly good solution.

-DarkArctic

I don't use any antivirus or firewall software on my Linux boxes. Might be a bit foolish, but they are behind a NAT device, so I figure they are reasonably secure. Nothing of importance (mainly old school reports) on them anyways.

I think the main security concern is keeping your server software up to date, and not running daemons you don't need. Outdated daemons that you don't even know are running are diasters waiting to happen (this is a good reason why Red Hat and the like shouldn't install every server under the sun by default). I don't run any servers, besides the occansional MOH:AA or BF1942, so I don't feel my system is at high risk.

Even if I did, I wouldn't bother with Linux antivirus software; I would just keep my software updated and stay on top of security announcements.

If you're going to be malicious and write a virus, wouldn't you want to write it for an OS that most of the world actually uses? I think I would. I mean, Linux is cool and all but you gotta admit the installed base on the desktop is fairly low compared to Windows.

I'm not actually worried about virii on my Linux systems but I would like to find an antivirus prog that I could on my Knoppix CD. The idea is to have an antivirus scanner that is on a write protected media.

So you want a Linux antivirus program, that detects Windows virii on a mounted volume, and resides on your Knoppix CD? I did some googling, and couldn't find anything like that. Most Linux programs that are aimed to detect Windows virii usually scan mail attachments passing through a mail server.

This is a good idea, BTW, it would be very useful. Please let us know if you find anything

edit:
One thing that might hold you back considerably is Linux's buggy NTFS writting support. Attempting to remove a virus or otherwise altering an NTFS volume in Linux will probably cause more damage than it fixes. Considering that most systems with Win2k or XP format their drives in NTFS, this could be a large problem.

Aside from the problems noted above, Knoppix is pretty filled-up to 700mb. Using a re-writeable media would cost you a lot of space in and of itself and you'd have to trash a lot of the standard knoppix packages.

If you find something suitable, let me know... I'm finishing up the beta version of my Knoppix remaster project tonight.

Well right now it's just a twisted notion in the back of my little head . The way I figure it as far as space is involved is I can sacrifice the games/internet/and other utilities that aren't exactly necessary from the initial Knoppix package. That should free up enough space for the utilities that I'm hoping. As far as NTFS support goes I've got no clue how to get around that.

You´ve got 2 choices with NTFS:
a) Either use the read only Linux module
b) or get NTFS4DOS from winternals. The read only version is available as a trial/demo/free while the read+write version costs money. It uses some DLLs from Windows afaik

Best solution would probably be a mixed one: make the knoppix CD DOS and Linux bootable and have 2 virus scanners as well. Another solution is to scan with knoppix and repair infected files with DOS maybe