[BBLISA] Summary: Commercial anitvirus scanner for Linux?
Paul Beltrani
spamgrinder at gmail.com
Thu Mar 12 17:21:02 EDT 2009
On Tue, Mar 10, 2009 at 3:52 PM, Paul Beltrani <spamgrinder at gmail.com> wrote:
> I need be able to demonstrate to a "Certification Commission" that
> some systems " ... shall be certified free of malevolent software ...
> ... self-certify compliance with this standard through procedures that
> make use of commercial malware scanning software."
>
> In other words, I need to find a commercial package that scans Linux
> systems for malware. A quick search turned up "McAfee LinuxShield"
> which should meet the requirement.
>
> After the laughter has stopped, would anyone care to recommend a product?
>
> - Paul Beltrani
>
Thanks for all the replies. In short, these are the scanners for
linux maleware which were mentioned:
Sophos AV, http://www.sophos.com/products/enterprise/endpoint/security-and-control/8.0/
McAffe LinuxShield,
http://shop.mcafee.com/products/LinuxShield.aspx?pid=LINUXSH&CID=MFE-3001
Kaspersky Anti-Virus, http://www.kaspersky.com/anti-virus_linux_file_server
F-Secure Anti-Virus,
http://www.f-secure.com/en_EMEA/products/business/servers/anti-virus-for-servers/
F-Prot Antivirus,
http://www.f-prot.com/products/corporate_users/unix/linux/workstations.html
Sourcefire ClamAV, http://www.sourcefire.com/products/clamav/
Several people mentioned ClamAV. Unfortunately, I do not believe it
meets the requirement of "commercial software". It may have
commercial support, but it I don't think that satisfies the the
"commercial software" requirement.
Someone also mentioned "tripwire". Again, a fine tool but I don't
believe it strictly meets the requirement. Indicating a file has
changed is not the same as indicating malware is or is not present.
- Paul Beltrani
More information about the bblisa
mailing list