Is any virus protection software needed for Red Hat Enterprise Linux?

Resolution

• Red Hat does not provide anti-virus software.

• Red Hat does provide a high level of security in the operating system and packages that we distribute. As security issues are discovered in various applications, Red Hat provides updated packages in a way which keeps potential risk to a minimum.

• For information on Red Hat's policy on backporting security fixes see "Security Backporting Practice".

• For information on Red Hat's policy on product security see "Product Security Overview".

• Red Hat Enterprise Linux also includes a set of technologies which can greatly reduce the chance of Linux-specific exploits. One example found in Red Hat Enterprise Linux 3 and higher versions is ExecShield, which helps to eliminate memory buffer overflow exploits . Another example available in Red Hat Enterprise Linux 4 and above is SELinux, which is an implementation of a mandatory access control mechanism.

• There are also some good security practices to follow to make sure a system is safe:

  • Keep a system updated so all patches and security updates are installed. A subscription to Red Hat Subscription Management (RHN) will help keep a system updated.
  • Run a local firewall on the system, such as iptables, to block any unused ports.
  • Do not login as the root user unless needed. Use sudo and log in as a non-root user.
  • Do not execute any untrusted code on the system, especially as the root user.

• Enable Security-enhanced Linux (SELinux). This mechanism is in the Linux kernel, checking for allowed operations after standard Linux discretionary access controls are checked.

• The following guides give detailed information on configuring a particular version of Red Hat Enterprise Linux from a security point of view :

  • Red Hat Enterprise Linux 8
    • Security hardening
    • Securing networks
    • Managing and monitoring security updates
    • Using SELinux
  • Red Hat Enterprise Linux 7
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 4

• There are third party anti-virus programs available from the Linux community, that protect other Windows clients on the network from viruses. They scan the files looking for Windows virus signatures. Thus, for example, a samba server serving files to Windows clients could have the anti-virus running on the samba server scanning these files

  • One example of such an anti-virus is ClamAV. Clam AntiVirus is available from http://www.clamav.net/ but is not distributed or supported by Red Hat.
  • The article Is fanotify supported in Red Hat Enterprise Linux? provides insight into real-time filesystem scanning and usage by various anti-virus software vendors.