7 Replies Latest reply on Aug 21, 2015 11:56 AM by exbrit

    Protection against Linux malware


      Does the Linux version of McAfee protect against Linux malware?


      My understanding is that it will detect Windows malware that is passing through a Linux machine whose role is to interact with other platforms, such as a file server or a mail server.  However, I can find no explicit statement on the McAfee website that the Linux version will also detect Linux malware.  I found one document that comes close to saying this, but I have to say it comes across as weasel words. 


      If we are to believe Wikipedia (Linux malware - Wikipedia, the free encyclopedia), McAfee does not detect Linux malware.


      Can you shed light on this?  If you are a McAfee contributor, I'm looking for some explicit documentation about this.



        • 1. Re: Protection against Linux malware

          Yes it does. McAfee has common DAT for all platforms Windows, Linux and Mac, therefore, VSEL will catch malware for all platforms.




          1 of 1 people found this helpful
          • 2. Re: Protection against Linux malware

            Thanks Vineet.


            Your first sentence is plain enough, but I'm still looking for a McAfee statement that would back it up.  I'd also be interested to know why McAfee has not amended the Wikipedia page, if that page is simply wrong. 


            Your second sentence doesn't seem to be consistent: from the fact that the same malware signature file is used on all platforms it does not follow that this file addresses Linux malware. 



            • 3. Re: Protection against Linux malware

              You'll never get a list as that's confidential but I know they add at least 150,000 signatures daily.


              The nearest you'll get is whatever you can find here: McAfee VirusScan Enterprise for Linux | McAfee Products

              • 4. Re: Protection against Linux malware

                Thanks Ex_Brit.


                This still seems woolly as far as Linux malware is concerned.  I've revisited the data sheet that's available from the page you link to.  Although I stand by my original "weasel words" impression of it, I have to admit that it does lean towards saying that protection against Linux malware is available.  But that's not enough for me to put my reputation on the line and recommend it as such to my employer. 


                There doesn't seem to be any independent testing of anti-malware products against Linux threats, in the way there is for Windows ones.  This is unfortunate, and does mean that even if McAfee were completely explicit about protecting against Linux malware it would be impossible to judge the quality or veracity of such a statement. 


                Nevertheless I wish we could have such a statement from McAfee, as a starting point. 



                • 5. Re: Protection against Linux malware

                  The easiest way to check is to do a Google Search by malware name and add the word VirusTotal into the search and it should list all the a/v companies and how they protect.


                  You wont ever get any statement out of McAfee, or any other company for that matter, but you will get a response if you submit new malware for them, to analyse: Submit a Virus or Malware Sample | McAfee Labs

                  • 6. Re: Protection against Linux malware

                    Thanks again Ex_Brit.  That's by far the most useful information I've received on this.  I had never heard of VirusTotal, but it does appear to be a good, independent way of verifying the recognition of a particular piece of malware by an AV vendor. 


                    And lo and behold, McAfee recognises Linux malware, at least the couple I tested this method with.  That was really all I needed to know.  I am very grateful to you. 

                    • 7. Re: Protection against Linux malware

                      OK, good luck ;-)