antivirus Whats the best free anti virus for a server?

[FuchsFuchs1]

So i have Server that i primarely use to host my Minecraft server and some wierd stuff have been happening(folder vanishing, anti virus broken). It runs Windows server 2019 Standart and the antivirus i use is Avira Free.

[Windows7ge]

"Best" is subjective. I would tell you Windows Defender should be fine but for third party I always used to use Avast Anti-virus and Malwarebytes Anti-malware but I don't know the state of either company today so do some research on them beforehand or wait for someone to come screaming in that you shouldn't or should use (insert software here).

 

If I were to throw my honest opinion out onto the open floor it'd be the best anti-virus you could use is yourself. Firewalls exist for a reason. Only open what you absolutely have to. Alternatively consider splitting the servers up with virtualization so they can't interact with each other as easily. Think about VLANs or separate subnets if you want to get really tinfoil hat like about it.

 

Also as for files/folders disappearing sounds more like a hardware/software issue than someone breaking in. Could be a drive is failing, bad sectors, file system corruption, or an issue with the motherboard.

[FuchsFuchs1]

18 minutes ago, Windows7ge said:

"Best" is subjective. I would tell you Windows Defender should be fine but for third party I always used to use Avast Anti-virus and Malwarebytes Anti-malware but I don't know the state of either company today so do some research on them beforehand or wait for someone to come screaming in that you shouldn't or should use (insert software here).

 

If I were to throw my honest opinion out onto the open floor it'd be the best anti-virus you could use is yourself. Firewalls exist for a reason. Only open what you absolutely have to. Alternatively consider splitting the servers up with virtualization so they can't interact with each other as easily. Think about VLANs or separate subnets if you want to get really tinfoil hat like about it.

 

Also as for files/folders disappearing sounds more like a hardware/software issue than someone breaking in. Could be a drive is failing, bad sectors, file system corruption, or an issue with the motherboard.

well my server is pretty old even out dating my Computer wich is from 2009. plus running vm would be way to anoyng to do on a server my level due to it being over 20 server conencted to each other and it would use way to mayn resorces.

[TPA50]

This is a good resource to check:

https://www.av-comparatives.org/tests/real-world-protection-test-february-may-2022/

They also test enterprise as well as consumer AVs.

Personally, for third party I used to use Avast myself but it's gotten so bloated over the years I've seen actual performance gains switching to another AV.

You can see their performance impact test here:

https://www.av-comparatives.org/tests/performance-test-april-2022/

[Windows7ge]

1 hour ago, FuchsFuchs1 said:

well my server is pretty old even out dating my Computer wich is from 2009. plus running vm would be way to anoyng to do on a server my level due to it being over 20 server conencted to each other and it would use way to mayn resorces.

When you say 20 different servers I'm guessing you mean you're hosting over 20 separate Minecraft server instances?

 

You could cluster them together to save on RAM. Make the host a hypervisor in itself. If you're Linux savvy run your MC servers in Linux. It would cut down on RAM/CPU considerably.

[FuchsFuchs1]

11 hours ago, Windows7ge said:

When you say 20 different servers I'm guessing you mean you're hosting over 20 separate Minecraft server instances?

 

You could cluster them together to save on RAM. Make the host a hypervisor in itself. If you're Linux savvy run your MC servers in Linux. It would cut down on RAM/CPU considerably.

Im shit at linux and yes i run  over 20 instances of mc server for my server network

[MrMase]

For the purposes of a server I would say Windows Defender should be fine as clients are the most likely point of infection.

Again Windows Defender on clients has come on leaps and bounds so for a lot of cases is fine but on my endpoint clients I prefer to use ESET Internet Security, partly becuase it doesn't complain about being installed on a domain joined computer unlike some products (Looks over at AVG / Kaspersky in years gone by).

[Windows7ge]

6 hours ago, FuchsFuchs1 said:

Im shit at linux and yes i run  over 20 instances of mc server for my server network

Hey I've been working with Linux for about 6~7 years now and I still think I'm shit at Linux. Every time I want to try something new it's always a battle but learning how to setup a Linux based MC server could prove to be helpful on your older hardware. It could also come with lower overhead for the people playing while giving you access to more firewall based control in a simpler environment if you're comfortable with CLI.

[Dat Guy]

Anti-virus software is a security risk. Using none reduces the attack surface.

[FuchsFuchs1]

12 hours ago, Dat Guy said:

Anti-virus software is a security risk. Using none reduces the attack surface.

smh

[FuchsFuchs1]

On 6/24/2022 at 3:15 PM, MrMase said:

For the purposes of a server I would say Windows Defender should be fine as clients are the most likely point of infection.

Again Windows Defender on clients has come on leaps and bounds so for a lot of cases is fine but on my endpoint clients I prefer to use ESET Internet Security, partly becuase it doesn't complain about being installed on a domain joined computer unlike some products (Looks over at AVG / Kaspersky in years gone by).

the only user on my server is directly on my server idk how to do the domain stuff

[FuchsFuchs1]

On 6/24/2022 at 4:12 PM, Windows7ge said:

Hey I've been working with Linux for about 6~7 years now and I still think I'm shit at Linux. Every time I want to try something new it's always a battle but learning how to setup a Linux based MC server could prove to be helpful on your older hardware. It could also come with lower overhead for the people playing while giving you access to more firewall based control in a simpler environment if you're comfortable with CLI.

i litrely have no idea what cli is plus i also run Mecury on that server so yeah. plus how do you expact someone who takes 1hour to find the root folder on linux to do anything proper on it

[Needfuldoer]

The only one I recommend is Sophos Home. It's unobtrusive and uses the same engine (and definitions) as their commercial product.

 

https://home.sophos.com/en-us

 

99% of the time though, Microsoft Defender is good enough.

[Windows7ge]

5 hours ago, FuchsFuchs1 said:

i litrely have no idea what cli is

CLI = Command Line Interface. Windows has it in the form of the Command Prompt and PowerShell.

 

5 hours ago, FuchsFuchs1 said:

plus i also run Mecury on that server so yeah.

This is when you would investigate a hypervisor. Run any software in any environment it's supported in be that Windows, Linux, UNIX, all on one box (computer).

 

5 hours ago, FuchsFuchs1 said:

plus how do you expact someone who takes 1hour to find the root folder on linux to do anything proper on it

The fact you know what the root folder is already puts you ahead of 99% of the populous and even a good chunk of the broader tech community.

 

You asked for what "the best" anti-virus software would be. I'm just sharing everything I know that would better tighten the security of the system as your request isn't technically possible. There is no best and really what you're looking for is a firewall which isn't really the same and one is already installed with Windows (Windows Firewall). An anti-virus isn't necessarily going to respond to someone who cracks say SSH on the MC server or if they find there way into your C:/ drive and start deleting files (as pointless an attack as that would be). It'll respond if they launch something malicious after the fact though. If they need something malicious to break in in the first place there's no guarantee any anti-virus will respond to it until they're already connected. A firewall can be set to notify you if say three failed passwords attempts are made by any account. A firewall can be set to deny or blacklist IP's who make too many requests to a specific port. That would typically be a brute force attack. There are many other mitigation tactics that can be used using features already in the OS.

 

At the end of the day you can be as paranoid about it as you want to. My philosophy is if it's connected to the internet it can be hacked. The question is how skilled is the attacker?

 

Following general safety practices when self-hosting a service will keep you safe 99% of the time but as I mentioned above you can mitigate that 1% using suggested configurations.

 

What I would do from here is do my homework. Research the Windows Firewall and see what you can use to prevent unauthorized access attempts. I would suggest virtualization if this server is doubling for work or personal file hosting that way if the MC virtual machine does get compromised the attacker will have a harder time infecting anything else. This is where I'd also investigate hosting the server on a different subnet which is a network separate from your home network so it's harder for them to infect other network clients or virtual machines. There's also VM hardening tactics to make it harder for them to compromise the host hypervisor but in all likelihood you're not going to have to deal with someone that experienced.

 

How far you take this is entirely up to you.

[FuchsFuchs1]

On 6/26/2022 at 7:59 PM, Windows7ge said:

CLI = Command Line Interface. Windows has it in the form of the Command Prompt and PowerShell.

 

This is when you would investigate a hypervisor. Run any software in any environment it's supported in be that Windows, Linux, UNIX, all on one box (computer).

 

The fact you know what the root folder is already puts you ahead of 99% of the populous and even a good chunk of the broader tech community.

 

You asked for what "the best" anti-virus software would be. I'm just sharing everything I know that would better tighten the security of the system as your request isn't technically possible. There is no best and really what you're looking for is a firewall which isn't really the same and one is already installed with Windows (Windows Firewall). An anti-virus isn't necessarily going to respond to someone who cracks say SSH on the MC server or if they find there way into your C:/ drive and start deleting files (as pointless an attack as that would be). It'll respond if they launch something malicious after the fact though. If they need something malicious to break in in the first place there's no guarantee any anti-virus will respond to it until they're already connected. A firewall can be set to notify you if say three failed passwords attempts are made by any account. A firewall can be set to deny or blacklist IP's who make too many requests to a specific port. That would typically be a brute force attack. There are many other mitigation tactics that can be used using features already in the OS.

 

At the end of the day you can be as paranoid about it as you want to. My philosophy is if it's connected to the internet it can be hacked. The question is how skilled is the attacker?

 

Following general safety practices when self-hosting a service will keep you safe 99% of the time but as I mentioned above you can mitigate that 1% using suggested configurations.

 

What I would do from here is do my homework. Research the Windows Firewall and see what you can use to prevent unauthorized access attempts. I would suggest virtualization if this server is doubling for work or personal file hosting that way if the MC virtual machine does get compromised the attacker will have a harder time infecting anything else. This is where I'd also investigate hosting the server on a different subnet which is a network separate from your home network so it's harder for them to infect other network clients or virtual machines. There's also VM hardening tactics to make it harder for them to compromise the host hypervisor but in all likelihood you're not going to have to deal with someone that experienced.

 

How far you take this is entirely up to you.

[FuchsFuchs1]

On 6/26/2022 at 5:11 PM, Needfuldoer said:

The only one I recommend is Sophos Home. It's unobtrusive and uses the same engine (and definitions) as their commercial product.

 

https://home.sophos.com/en-us

 

99% of the time though, Microsoft Defender is good enough.

well since its home it wont run on windows server