“So, we’ve covered Virus scanning for Linux in general, as
well as where to place the scanning software. Even if you do all
that perfectly, though, you can still run into problems.“
“Software being disabled, intentionally or accidentally, is a
problem. Sometimes users will simply start right-clicking on stuff
in the taskbar to free up memory, or do a ps listing and kill off
commands that don’t look critical. Sometimes software just stops
working (i.e. fails to start at boot time), or is not called
properly by a helper program such as AMaViS, which scans
email….”
“Viruses that bypass software are another problem. If you
install an antivirus firewall, and scan all traffic to and from the
Internet, it is still possible for users to slip a virus in
(intentionally or not). The simplest problem would be an SSL-based
Website. The virus scanner can’t scan encrypted content, so the
virus will get past. Encrypted email is another example of this
problem. If you have a dial-in pool of modems, you’d better make
sure there is virus scanning software in between them and the
network. (Having a firewall in between is also a good idea,
preferably one that requires authentication). If users are allowed
to use removable media (floppy disks, CD-ROMs, zip disks, etc.),
they can inadvertently introduce a virus onto the network.”