ClamAV - do you suggest to use it?
I do not run an email server, I am using google apps for all of my sites.
Therefore, I am considering disabling ClamAV.
Most of what I can find about ClamAV is in regards to email server.
So without running an email server, would you still suggest using ClamAV? Or does it really not matter?
Also, I am on a Linode 512, I just checked and clamd was using more memory than anything else, 160mb.
14 Replies
Not saying that it doesn't its job well, just that cost on Linode512 is too high.
i now have 9 sites using 5mb vram and 220mb ram, i am quite happy now.
Seems it doesn't apply in OP's case.
most of the sites on this server are mine or i am in control of them and the client is not.
only two sites are used by other people i know and they barely use the sites.
@rsk:
So when someone tries to send infected stuff through your mailserver / FTP exchange / download site you notice and stop it before it spreads flagging you as the source.
Seems it doesn't apply in OP's case.
How would it spread if every client PC is protected? If every client PC needs antivirus protection anyhow, there isn't much point running a central AV for the mail server. If you have unprotected machines on your network that might spread something, that's a different story.
If the OP isn't running a mail server, then ClamAV serves no purpose.
@rsk:
Spread as in, gets sent through you, and the next mailserver (or eve end-user's local AV) notices it, and screams "That stuff from
is virused!". J. Random user implies "that server's bad". We want to avoid it, don't we?
Gets sent through you how? Unless you're running an open relay, that doesn't happen. In most corporate environments, antivirus programs are mandatory and enforced on PCs.
So, again, the only risk here is if you've got unprotected machines connecting to your mail server.
I do the same for firewalls. If I can keep from it I will have multiple brands and types of firewalls protecting my critical assets in case one has a vulnerability that causes it to permit traffic that it shouldn't.
@carmp3fan:
in case one has a vulnerability that causes it to permit traffic that it shouldn't.
If that was even remotely true - time to find a way better firewall
@vonskippy:
@carmp3fan:in case one has a vulnerability that causes it to permit traffic that it shouldn't.
If that was even remotely true - time to find a way better firewall
My primary job is in security, so I deal with firewalls quite often. I've seen this issue with multiple firewalls from different well-known and commonly used vendors. Firewalls are just software on the inside. Coding mistakes happen.
@ripken204:
for the 100th time i am not running a mail server!
In my opinion it all depends on what the server is used for. For a mail server, of course, but since you have said for the 100th time that you aren't running a mail server, it depends. For an FTP server, probably. For a web server, maybe. For a simple test server, probably not. It just depends on what you are using it for and what other controls you have in place to protect the system and the files available on it.