Server Anti-Virus - Hardware & Software

So I was really thinking about this today as I own 2 servers that hosts quite a few game servers for people, obviously the server is open to attack from malicious people. Is it recommended to install some sort of anti-virus or antis-malware on the boxes? Obviously I can't use something made for regular desktops as it'd be running so much and decrease the server's performance.

Bit of an unspecific question. What OS do your servers run? I'm guessing Windows Server? (And what version?)

oh damn, you're right. But yes, they're both windows server 2008 R2 SP 1 x64 standard.

Just use whatever you'd use on your desktop. You might lose some performance on your servers, though, if they scan / live scans. Also make sure they don't have a firewall, or have an easily configurable one, or you might have a difficult time.

I don't see much of a need for an anti-virus if all you're doing is hosting game servers and everything is properly set up. It would be better to have some type of intrusion detection system set up. If you're colocating or renting from a provider, they may offer an intrusion detection service.

[QUOTE=joe_sandwich;41526309]I don't see much of a need for an anti-virus if all you're doing is hosting game servers and everything is properly set up. It would be better to have some type of intrusion detection system set up. If you're colocating or renting from a provider, they may offer an intrusion detection service.[/QUOTE] As in software? or a hardware firewall? Never actually heard of such a thing. Anything you would recommend?

[QUOTE=FrankPetrov;41530475]As in software? or a hardware firewall? Never actually heard of such a thing. Anything you would recommend?[/QUOTE] It can be either hardware or software based, but I doubt you need the efficiency of hardware for just a few game servers. Basically, it scans all of you traffic and will alert you if there is any unusual activity. On the other hand, a firewall filters traffic based on predetermined rules, and an anti virus checks individual files for known signatures of viruses.

[QUOTE=joe_sandwich;41534428]It can be either hardware or software based, but I doubt you need the efficiency of hardware for just a few game servers. Basically, it scans all of you traffic and will alert you if there is any unusual activity. On the other hand, a firewall filters traffic based on predetermined rules, and an anti virus checks individual files for known signatures of viruses.[/QUOTE] Awesome, thanks for the advice. After looking around some sites for some top programs to use I ended up going with Cyberarms Intrusion Detection([url]www.cyberarms.net[/url]) and to be honest, I'm rather skeptical. Only after one day, apparently there has been over 10,000 "possible intrusion attempts". It seems awflly high. I used whois to trace back some IPs and some of them led to comcast and verizon while a few others pointed towards russian VPS hosts. I even apparently had a possible intrusion from an IP belonging to ArenaNet, makers of Guild Wars. Should I really trust this program or should I look for another? [editline]21st July 2013[/editline] read it wrong, wasn't arenanet, it's ARNEA-NET [editline]21st July 2013[/editline] Also, considering the possibility that they are actual intrusion attempts, should I be notifying the ISPs about these happenings? Or would they not care and not do anything?

Look, you probably aren't going to need any sort of anti-virus or intrusion detection system with what you're running. If you're on Windows Server, you can't download many free anti-virus products, as they'll tell you to buy enterprise/business licences. Likewise, whatever random program you installed is probably just picking up on random shit that's scanning your box. You're running game servers? Probably people/scripts are just reading the master server lists and pinging/attempting to open connections to you. Nothing to worry about there. As long as you keep your server up to date, and responsibly stay informed about security vulnerabilities, you shouldn't need anything else. Again, you probably are getting false positives akin to the "registry error" snake oil and "tracking cookies" that were commonly sold by anti-virus programs that couldn't find anything else to alert on. If you're running a web server, you're probably getting spammers.