Sophos Anti-Virus for UNIX 7.0 Beta Available – Why bother?

Chris Northwood, one of the developers of Sophos Anti-Virus 7.0 for UNIX

Sophos has recently launched the beta of Sophos Anti-Virus 7.0 for UNIX. Initially this will be for the Solaris 9 & 10 SPARC platform, and it allows users to centrally control policies, consolidate alerts, view reports, etc.

Anyone wishing to join the beta program should contact betaprogram@sophos.com as soon as possible.

But why bother, I hear you ask. Doesn’t malware only affect Windows? So why do I need to add anti-virus to a platform that isn’t affected?

We may note of course that the first internet worm infected UNIX machines, and the first rootkits were trojanised versions of UNIX system utilities. You may say it is ancient history.

More recently, our own analysis shows that nearly half the compromised web servers hosting malware are running Apache, and 70% of the infections caught on our Linux honeypot are a six-year-old virus called Rst-B. The most commonly infected files are trojanised versions of UNIX system utilities downloaded by hackers after a successful break-in.

Another good reason is the story of “Typhoid Mary”. The story goes that a health inspector was investigating an outbreak of typhoid. His initial report was as follows:

“I had my first talk with Mary in the kitchen of this house. . . . I was as diplomatic as possible, but I had to say I suspected her of making people sick and that I wanted specimens of her urine, feces and blood. It did not take Mary long to react to this suggestion. She seized a carving fork and advanced in my direction. I passed rapidly down the long narrow hall, through the tall iron gate, . . . and so to the sidewalk. I felt rather lucky to escape.”

Using other platforms as file servers, or to host business-critical applications, makes a great deal of sense. But although modern malware does target the Windows operating system, protecting any UNIX servers helps prevent reinfection of your Windows desktops from your very own Typhoid Mary.

You may of course disagree with me and be confident that your UNIX servers are clean, in which case why not join the beta program and prove me wrong?

PS. The photo above is of Chris Northwood. Chris is a placement student who is working as a developer on our Sophos Anti-Virus for Linux/UNIX R&D team. Apparently the rest of the team chose Chris for the photoshoot as they thought he looked the smartest of all of them. 🙂