On 3/25/19 2:43 PM, Sheehan, Jeremy wrote:
Well, when talking about the malware, one has to think of the use of the systems. Systems that are promiscuous (used by many users), which are in direct contact with the internet or end-user systems probably do need to be protected. However, if your database server is connected to internet, you have bigger problems than malware. That is what firewalls are for. I have played with ClamAV for Linux and found that it has quite a profound impact and it's a nuisance. I wanted to install the new version of Eclipse, which I use for testing SAP Hana, and it has flagged quite a number of jar files as "infected". It was a fresh download directly from eclipse.org. I removed the ClamAV tool and all was well again.
We had a push from Infosec to start installing AV on our Linux servers. They did and then we starting having all sorts of problems (crazy memory leaks) and the server would crash. Keep in mind these are just standalone db servers, not EXA. After asking the Linux admins to look, they said it was the AV software and promptly uninstalled from the affected machine with not even a slap on the wrist from Infosec. It was almost like it was an optional installation and wasn’t even necessary.
Thanks,
*Jeremy*
