Server anti-virus software needed any suggestions?
Thread Solved
Hi, I work for a server that runs on Apache and Red Hat. I need to get an anti-virus for the server, as we have possible trojans that we need to quarantine. I appreciate any posts.
If I helped you I would appreciate it if you would give me some reputation.
read my actionscript to english blog
Currently developing what should be social network 2.0 offline.
Well, the Unix version of trojans; here is what I have.
Scan for Trojan Horses
Appears Clean
/dev/stderr
Scanning for Trojan Horses.....
Possible Trojan - /usr/sbin/pureauth
Possible Trojan - /usr/sbin/antirelayd
Possible Trojan - /usr/bin/pod2man
Possible Trojan - /usr/bin/pod2usage
Possible Trojan - /usr/bin/podchecker
Possible Trojan - /usr/bin/podselect
Possible Trojan - /usr/bin/psed
Possible Trojan - /usr/bin/pstruct
Possible Trojan - /usr/bin/s2p
Possible Trojan - /usr/bin/splain
Possible Trojan - /usr/bin/xsubpp
11 POSSIBLE Trojans Detected
Well, there are 3 possible causes:
- A virus got onto your system. This would most likely involve a virus exploiting a security hole in one of your daemons, or you or another administrator executing malicious code under the root account.
- A hacker broke into your system. They replaced a number of your system binaries with Trojans (and probably a hell of a lot of other stuff too).
- Your system is fine, that's just the result of a lousy Trojan-checker.
Since I find #1 extremely unlikely, and judging by the fact that you haven't even bothered to mention the name of the program that made these Trojan claims, nor has it provided any kind of proof on why it's making these claims, I would say that it's most likely to be case #3.
Of course, if you did manage to compromise the security of an entire server, I would recommend you wiping the entire OS and starting from scratch again. It's one thing to have a virus or two on a desktop computer, it's quite another when an entire network server gets compromised.
The first thing you should probably do is compare checksums between the suspected binaries and fresh copies downloaded from the web (remember to download the exact same version). If they match, then it was a false alarm. However, if you're finding quite a number of those binaries to have different checksums, then the security of your server has probably been compromised.
"Technological progress is like an axe in the hands of a pathological criminal."
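As an added example (not code from the thread), here is a small Python script that does the checksum comparison the reply suggests: it reads a manifest of known-good SHA-256 hashes for the flagged binaries, in the same `<sha256>  <path>` layout that `sha256sum` emits (assumed to have been recorded from a trusted install of the exact same version), and reports each file as ok, mismatched or missing. The file names and contents in `demo()` are constructed so the script runs offline.

```python
"""Verify installed binaries against a manifest of known-good SHA-256 hashes.

Added example, not from the thread. Manifest layout is an assumption:
one "<sha256>  <path>" line per file, as produced by `sha256sum`.
"""
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_file(path: str) -> str:
    """Stream the file through SHA-256 so large binaries need little memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def parse_manifest(text: str) -> dict:
    """Parse sha256sum-style lines into {path: hexdigest}; skip blanks and comments."""
    expected = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, path = line.partition("  ")
        expected[path.strip()] = digest.lower()
    return expected


def verify(expected: dict) -> dict:
    """Return {path: 'ok' | 'MISMATCH' | 'MISSING'} for every manifest entry."""
    results = {}
    for path, digest in expected.items():
        if not os.path.isfile(path):
            results[path] = "MISSING"      # binary removed or path wrong
        elif sha256_file(path) == digest:
            results[path] = "ok"           # matches the trusted reference
        else:
            results[path] = "MISMATCH"     # differs: version skew or tampering
    return results


def demo() -> dict:
    """Constructed scenario: one intact file, one altered after the manifest, one absent."""
    tmp = Path(tempfile.mkdtemp())
    good, bad = tmp / "pod2man", tmp / "psed"
    good.write_bytes(b"#!/usr/bin/perl\n# pristine pod2man stub\n")
    bad.write_bytes(b"#!/usr/bin/perl\n# pristine psed stub\n")
    manifest = "\n".join(f"{sha256_file(str(p))}  {p}" for p in (good, bad))
    manifest += f"\n{'0' * 64}  {tmp / 'xsubpp'}\n"          # file that does not exist
    bad.write_bytes(b"#!/usr/bin/perl\n# modified after the manifest was taken\n")
    return verify(parse_manifest(manifest))
```

On an RPM-based system such as Red Hat, `rpm -Vf /usr/bin/pod2man` performs the same comparison against the digests recorded in the package that owns the file, without needing a separate manifest.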
Thanks, it was #3. I had the techs at the company I work at update all of our software and double-check the server to make sure it is safe, and it is. It was a bad WHM scanner.