You don’t “clean malware”. You level the machines and start over. Anything less is a disservice to your Customer and asking for trouble. As far as dealing with the “threat”, you don’t allow users to run with Administrator-level accounts (on Windows), and you don’t install untrusted software (inasmuch as is possible). It seems fairly simple … Read more
The main reason to have anti-virus running on linux servers is usually not to protect the server itself – but to protect the end users who use the services / files on the server. Think of the server as a potential virus carrier. In order to protect the server itself you should be looking at … Read more
We use NOD32. The main reason for choosing it was because it was less of a resource-hog than the others.
Windows Defender adds entries to the Event Viewer in the following location: Event Viewer >> Applications and Services Logs >> Microsoft >> Windows >> Windows Defender >> Operational Where you’ll see: Windows Defender scan has started. (Event ID 1000) Windows Defender scan has finished. (Event ID 1001) Windows Defender signature version has been updated. (2000)
Yes, it’s certainly a reasonable request. The day you deny that your infrastructure is vulnerable to virus threats is the day you’ve lost a great deal of credibility. You need to weigh the ramifications (annoyance factor, possible performance issues, maintenance overhead) of running AV with the value of this contract. If one company is listing … Read more
A well run webserver should IMHO not have a commercial anti-virus (AV) package installed. The kind of Office macro viruses and mass-market trojans that AV packages are optimized for are a poor match to the problems of a web server. What you should do is: Absolutely obsess over input validation. Examples: that users can’t upload … Read more
I think you acknowledge an interesting sys-admin truth there, which is that unless you can reduce the probability of being hacked to zero then eventually, at some point, you are going to get hacked. This is just a basic truth of maths and probability, that for any non-zero probability of an event. The event eventually … Read more
You NEED antivirus software It’s been said a few times in these answers that developers should know better, or should only install software they need from known good sites, etc, so if you need antivirus you have a social issue, not a technical issues. A few points on that: Prevention is only one of the … Read more
The easiest way would be to us an EICAR test file. Create a text file and add in the following code: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* More information here
Yes, although for the most part they are configured to scan for viruses overnight with real-time file protection disabled, the exceptions are: File servers – Set to scan on write only. Full nightly scan. Sharepoint – No current anti-virus, waiting on Sophos for SharePoint to come out of beta. Exchange – Exchange specific anti-virus soloution. … Read more