- Red Hat Enterprise Linux 8
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 5
- Red Hat Enterprise Linux 4
- Is any virus protection software needed for Red Hat Enterprise Linux?
- Does Red Hat provide any-virus protection software?
Red Hat does not provide anti-virus software.
Red Hat does provide a high level of security in the operating system and packages that we distribute. As security issues are discovered in various applications, Red Hat provides updated packages in a way which keeps potential risk to a minimum.
For information on Red Hat's policy on backporting security fixes see "Security Backporting Practice".
For information on Red Hat's policy on product security see "Product Security Overview".
Red Hat Enterprise Linux also includes a set of technologies which can greatly reduce the chance of Linux-specific exploits. One example found in Red Hat Enterprise Linux 3 and higher versions is ExecShield, which helps to eliminate memory buffer overflow exploits . Another example available in Red Hat Enterprise Linux 4 and above is SELinux, which is an implementation of a mandatory access control mechanism.
There are also some good security practices to follow to make sure a system is safe:
- Keep a system updated so all patches and security updates are installed. A subscription to Red Hat Subscription Management (RHN) will help keep a system updated.
- Run a local firewall on the system, such as
iptables, to block any unused ports.
- Do not login as the root user unless needed. Use
sudoand log in as a non-root user.
- Do not execute any untrusted code on the system, especially as the root user.
Enable Security-enhanced Linux (SELinux). This mechanism is in the Linux kernel, checking for allowed operations after standard Linux discretionary access controls are checked.
The following guides give detailed information on configuring a particular version of Red Hat Enterprise Linux from a security point of view :
There are third party anti-virus programs available from the Linux community, that protect other Windows clients on the network from viruses. They scan the files looking for Windows virus signatures. Thus, for example, a samba server serving files to Windows clients could have the anti-virus running on the samba server scanning these files
- One example of such an anti-virus is ClamAV. Clam AntiVirus is available from http://www.clamav.net/ but is not distributed or supported by Red Hat.
- The article Is fanotify supported in Red Hat Enterprise Linux? provides insight into real-time filesystem scanning and usage by various anti-virus software vendors.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.