Demand grows for antivirus for Linux

As Linux is used more and more for mission-critical applications, enterprises are asking for antivirus protection for open-source platforms.

Linux has outgrown its geeky mystique to become firmly entrenched in the enterprise. As such, issues like antivirus protection have become more important as companies use the operating system for sensitive duties.

Antivirus protection for the open-source operating system wasn't as big an issue when it was only used by "technology gurus," said Steven Sundermeier, product manager at Medina, Ohio-based Command Central, which offers antivirus protection for Linux systems. "They saw the Linux operating system as their antivirus protection," he said.

But times have changed. IBM has bet billions of bucks on Linux. It's now running on everything from low-end servers to its zSeries mainframes. Some companies are turning to Linux to escape the constraints of Windows licensing, said Dennis Bella, director of sales and alliances for New Rochelle, N.Y.-based RAE Internet, which sells antivirus software for many distributions including for Linux on the mainframe.

Choices for Linux antivirus protection abound. The large vendors have offerings for the platform because their customers demand support for it as they run Linux in addition to other OSes. Some smaller vendors see Linux as a strategic market, and see room to get in early and potentially dominate.

Of course, users of Linux may want to stick to open-source applications and there is a move afoot to create just such antivirus software. The Open AntiVirus Project was started in 2000, to address the "urgent need for transparent antivirus solutions which can be reviewed properly and without restrictions or limitations," said Howard Fuhs, the project's co-founder, in an e-mail interview.

So far, the project has some working products available for download but Fuhs wouldn't recommend them to "the average mortal computer user" yet. "It cannot yet be compared to commercial projects in the field of antivirus-technology," he said.

Some Linux users may question the need for antivirus software of any kind. There aren't many Linux worms and viruses. The constant onslaught of malicious code may be one reason why some switched from Windows to Linux in the first place. "A lot of Linux admins (and Mac ones as well) think viruses and worms aren't something they need to worry about," said Chris Wraight, technology consultant at antivirus vendor Sophos.

Echoing those sentiments, Fuhs said "Today anti-virus software is no longer an optional protection system for anxious users but more a mandatory protection for people communicating worldwide over the Internet."

Protecting against Linux-based malicious code isn't the only issue. While a worm may not infect a Linux machine, the system may be able to forward it to Windows systems it can infect. "Let's say Sally is running Linux so she can't be infected by a Word Macro virus," Sundermeier said. "She may send it along to Joe. He assumes Sally is protected and blindly opens up the infected Word file."

A more dangerous case would be a Linux e-mail server. While most intercepted viruses and worms won't infect it, the machine can definitely pass on infected messages. As such, Linux antivirus software often includes definition files for both Linux and Windows (and in some cases Mac) malicious code.

But as Linux becomes more popular, more malicious code will likely follow suit. "Virus writers will attack the most prevalent operating systems and applications, because that will get their virus to spread the farthest," said Ryan McGee, director of product marketing for McAfee Security.

On the whole, Windows is still the domain for viruses but development of true Linux worms is on the rise, said Roger Thompson, technical director of malicious code research for TruSecure Corp. "They are something to be concerned about as they do exist," he said.

There have been some high-profile Linux worms such as Ramen and Lion, Thompson said. More recently, the Slapper worm targeted Linux machines.

The availability of Linux source code doesn't necessarily make it easier to write malicious code to attack it, Thompson said. "The real issue is if there is exploit code public. If that is the case then anything is possible."

