Antivirus for OS X and/or Linux?

Question

What antivirus solutions would you recommend for OS X and Linux desktops? Is antivirus software even necessary?

Answer 1

The obvious answer here is clamAV, which has a unix and mac version (clamxav).

Avast! and Norton are both now offering anti-virus for macs.

Panda anti-virus is also avaliable on Linux and AVG are offering a "Linux server version".

If your handling windows files a virus checker might well be a good idea. However if you obey the unix security model (e.g. don't run as root) you should be protected from a lot of stuff.

If the machine is a server it might be worth running a root kit checker on a cron job.

Answer 2

ClamAV is a pretty nice open source antivirus solution for unix based operating systems.

As for "is it necessaray"? I personally do not even run AV software on my windows machines, I use other security methods along with good old safe browsing habits to avoid viruses. That being said, it is probably not a bad idea. While only a fraction of viruses target linux/osx, they do exist.

I would especially consider it on an internet facing server.

Answer 3

I also use the already mentioned ClamAV ( http://www.clamxav.com/ ). Not so much because I am worried about a Mac virus, but as bit of paranoid preventive precaution.

I have had it detect and clean an infected windows .exe file that I was transferring from one machine to another while using my mac as the middle man. So if only to prevent your machine from acting as a transmitter of infection, it probably doesn't hurt.

Answer 4

A list of supported AV scanners from my MailScanner.conf file:

sophos    from www.sophos.com
mcafee    from www.mcafee.com
command   from www.command.co.uk
bitdefender from www.bitdefender.com
drweb     from www.dials.ru/english/dsav_toolkit/drwebunix.htm
kaspersky from www.kaspersky.com
etrust    from www3.ca.com/Solutions/Product.asp?ID=156
inoculate from www.cai.com/products/inoculateit.htm
inoculan  from www.ca.com
nod32     from www.nod32.com
f-secure  from www.f-secure.com
f-prot    from www.f-prot.com
panda     from www.pandasoftware.com
rav       from www.ravantivirus.com
antivir   from www.antivir.de
clamav    from www.clamav.net
trend     from www.trendmicro.com
norman    from www.norman.de
css       from www.symantec.com
avg       from www.grisoft.com
vexira    from www.centralcommand.com
avast     from www.avast.com
esets     from www.eset.com
vba32     from www.anti-virus.by/en/

Answer 5

Since you say the users are untrusted, then I would suggest you should consider some sort of AV. Your OSX users might try to install cracked software or there might be another vulnerability found in Safari or Adobe Flash.

The fact that the sort of people who read serverfault are unlikely to get infected doesn't imply that security is unnecessary for naive users.

Answer 6

I haven't run any AV on either OS X or Linux boxes. ever. I think the only thing to be careful with is read messages and keep an eye on what is happening. Also enable extensions like noscript in firefox to ensure that you know what is being run.

Answer 7

I would recommend clamAV as others here, with the mention that it is mainly for email scanning on a server. I have also heard good things about Panda. I know others are getting into the Unix-like AV arena as well.

Keep in mind why you are using AV. Are you using it on a file server to ensure your users don't share virus-ridden files? Or are you using it to protect your email users from sending or receiving viruses? Or are you interested in ensuring users don't load a Unix-based virus on the system?

Each usage would probably recommend a different product as "best" for that situation.

That said, it sounds like you just want to be sure you do not get any viruses. In that case, from what I have read, Panda would be your best bet. Like others, I don't feel it is necessarily vital to have, but when on a mixed network with untrusted others, it's always a good idea.