Is any virus protection software needed for Red Hat Enterprise Linux?

Resolution

• Red Hat does not provide anti-virus software.

• Red Hat does provide a high level of security in the operating system and packages that we distribute. As security issues are discovered in various applications, Red Hat provides updated packages in a way which keeps potential risk to a minimum.

• For information on Red Hat's policy on backporting security fixes see "Security Backporting Practice".

• For information on Red Hat's policy on product security see "Product Security Overview".

• Red Hat Enterprise Linux also includes a set of technologies which can greatly reduce the chance of Linux-specific exploits. One example found in Red Hat Enterprise Linux 3 and above versions is ExecShield, which helps to eliminate memory buffer overflow exploits . Another example available in Red Hat Enterprise Linux 4 and above is SELinux, which is an implementation of a mandatory access control mechanism.

• There are also some good security practices to follow to make sure a system is safe:

  • Keep a system updated so all patches and security updates are installed. A subscription to Red Hat Subscription Management (RHN) will help keep a system updated.
  • Run a local firewall on the system, such as iptables, to block any unused ports.
  • Do not login as the root user unless needed. Use sudo and log in as a non-root user.
  • Do not execute any untrusted code on the system, especially as the root user.

• Enable Security-enhanced Linux (SELinux). This mechanism is in the Linux kernel, checking for allowed operations after standard Linux discretionary access controls are checked.

• The following guides give detailed information on configuring a particular version of Red Hat Enterprise Linux from a security point of view :

  • Red Hat Enterprise Linux 9
  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 4

• There are third party anti-virus programs available from the Linux community, that protect other Windows clients on the network from viruses. They scan the files looking for Windows virus signatures. Thus, for example, a samba server serving files to Windows clients could have the anti-virus running on the samba server scanning these files

  • One example of such an anti-virus is ClamAV. Clam AntiVirus is available from http://www.clamav.net/ but is not distributed or supported by Red Hat.
    Note: Links contained herein to external website(s) are provided for convenience only. Red Hat has not reviewed the links and is not responsible for the content or its availability. The inclusion of any link to an external website does not imply endorsement by Red Hat of the website or their entities, products or services. You agree that Red Hat is not responsible or liable for any loss or expenses that may result due to your use of (or reliance on) the external site or content.

  • The article Is fanotify supported in Red Hat Enterprise Linux? provides insight into real-time filesystem scanning and usage by various anti-virus software vendors.