Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Ubuntu Antivirus


  • This topic is locked This topic is locked
22 replies to this topic

#1 Monty007

Monty007

  • Members
  • 1,151 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:10:52 AM

Posted 18 June 2008 - 07:57 PM

Hi all, Ive just installed Ubuntu into a VM and would like to know what you recommend for a free anti-virus?
Thanks, Monty007.
MCP
MSDST

BC AdBot (Login to Remove)

 


m

#2 mckooter

mckooter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maine
  • Local time:09:22 PM

Posted 18 June 2008 - 08:46 PM

ive never run an AV on linux because obviously most of the virus' you will run into will be windows based and will not effect it, and you are running it in VM so hopefully your windows AV would pick it up

if you really want to try one out, i think http://www.clamav.org has a good one
You can just call me Chris

I found out I was Marilyn Monroe in a previous life


#3 JacksonT

JacksonT

  • Members
  • 105 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver, WA
  • Local time:06:22 PM

Posted 18 June 2008 - 11:21 PM

There is no need for one , the two linux scanners that I know of by ClamAV and AVG and bot jusrt scan for windows viruses

#4 Monty007

Monty007
  • Topic Starter

  • Members
  • 1,151 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:10:52 AM

Posted 19 June 2008 - 06:49 AM

Thanks for the response. I will be running it soon on my lappy so I was getting ready for it. The VM is just to test a few things for my work. Clam looks a good program, so should I go with that?
MCP
MSDST

#5 Miljet

Miljet

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Location:Texas Gulf Coast
  • Local time:08:22 PM

Posted 19 June 2008 - 09:59 PM

No, there is NO need for anti-virus on Linux.

#6 Monty007

Monty007
  • Topic Starter

  • Members
  • 1,151 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Australia
  • Local time:10:52 AM

Posted 20 June 2008 - 07:10 AM

Hi Miljet, why do you say that?
MCP
MSDST

#7 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:08:22 PM

Posted 20 June 2008 - 06:08 PM

Please do not be fooled. There are viruses for Linux, just not very common.
The main point of AV on Linux is so you do not pass on infections to Windows
users.
AVG will be sufficient for your personal system.
Personally I use BitDefender because I have tested both side by side and AVG missed a few things.
See my post here for more info:
http://www.pclinuxos.com/forum/index.php?t...g13200#msg13200

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.


#8 mckooter

mckooter

  • Members
  • 211 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Maine
  • Local time:09:22 PM

Posted 20 June 2008 - 09:26 PM

keep in mind that as raw mentioned, the virus' you will most likely see are for windows, and yes, you need to be concerned about passing them on, but you are running this install in a VM, so you would be passing these files back onto the windows machine your on, which should have its own AV installed. So its a bit of overkill, but if you feel the need, then id use the one mentioned by raw above
You can just call me Chris

I found out I was Marilyn Monroe in a previous life


#9 Miljet

Miljet

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Location:Texas Gulf Coast
  • Local time:08:22 PM

Posted 21 June 2008 - 10:55 PM

Sorry if I sounded a bit harsh before. It just seems to me that after 3 different people informed you that it is a waste of resources to run an anti-virus on a Linux system, you keep insisting on a recommendation of which one to run. It's your system, so install whatever you want.

#10 machiner

machiner

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA, New England
  • Local time:06:22 PM

Posted 11 July 2008 - 09:54 AM

Yeah -- why burden your filesystem with unnecessary checks on in/out when you don't need to? Moreover, clam and avg are replete with flaws, as are most other anti-virus "solutions".

Most of you might think me crazy, but I didn't even run an anti-virus on my windows machine. What for? They don't do anything (productive) anyway.

I want to agree with raw that there certainly viruses out that can run on Linux - but as far as I recall none have been released into the wild and they were more proof-of-concept than anything else. Viruses as we know them can't really run on Linux and if you are squared away with your permissions, daemons, and common sense -- well, you know the drill.

Don't be scared by propoganda from some company. How is it remotely conceivable that a cottage industry spurned by the (lack of) efforts of Microsoft...well, sorry, that's for another time. But you get the idea.

New users of Linux must stop thinking that it's at all like Windows. It's nothing like Windows. Windows is an electric shaver -- it does a barely passable job, must be maintained continually, uses more resources (electricity) and people "settle" for it. Linux is a regular razor: does the job well, no maintainence (well, barely any) uses far less resources (no electricity) and did I mention that it gets the job done?

If you continually demand that you "protect" yourself with an anti-virus, I have this terrific bridge I can sell you - cheap. I don't mean to belittle your concerns, but they are completly unfounded. I need to reiterate because most people just aren't listening -- Linux is NOT Windows.

#11 nigglesnush85

nigglesnush85

  • Members
  • 4,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:22 AM

Posted 11 July 2008 - 10:05 AM

Hi Monty,

I was looking at Mcaffee's website earlier and found http://www.mcafee.com/us/enterprise/produc...inuxshield.html not sure how much use it will be but just thought I'd mention it.

You can get a virus on anything these days, Someone was telling me about how his phone was infected via bluetooth. If someone can be bothered to make a virus for a phone then there is a good bet that there are viruses out there that can infect Linux. Better safe than sorry is my approach when it comes to malware.
Regards,

Alan.

#12 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:08:22 PM

Posted 11 July 2008 - 08:07 PM

Here is my public position on this, your opinion may vary.
Machiner is correct that Linux "virus" code is mostly Proof of Concept.
Due to the Linux system security that separates normal users from the
super user "root" it is hard to do anything more then ruin your own user account
on an average desktop box. I will not bother with mentioning servers as this is
not the target audience.
The reason for recommending AntiVirus for Linux is simply to keep Linux users
(especially new ones) from passing bad things on to Windows users.
Since Linux virus scanners are not "real-time" they use no resources so why not
have one? I use BDC, every now and then (mostly then) I just type: bdc --files ./
and it quickly (usually under 4 minutes) scans my entire home directory and gives
me that warm fuzzy feeling that I have no malicious files.
DisclaimerThe above statement is for illustrative purposes only.
If you happen to see my other post it has my real scan results and yes it does show malicious
files because I have these files on my system for research purposes. I do not recommend
anyone doing this unless you absolutely know what you are doing.

As i've said before, as Linux becomes more popular so will the exploits. One of the simplest i've seen
in real life:
IRC
badguy: scrolls some cool script or macro
newbie: man that's cool can I get that?
badguy: sure ... just accept this file and install it as root.
newbie: sweet, thanx

So newbie gets his hot new program and quickly becomes root to install and
types: sh hotnewprogram.sh

Unfortunately hotnewprogram.sh has only one line of program code:
rm -rf /*

Sure AntiVirus would not help in this situation only common sense would.

So to sum it all up:
Do Linux users need AntiVirus? - No
Should they install one? - Yes, even if it's just for piece of mind.

Want to secure your Linux box? Make sure to enable the firewall.
Make sure you are not running unneeded services. These are usually disabled
by default on desktop distros. And never run that hot new program as the root user
and your Linux system will live a very long and productive life.

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.


#13 machiner

machiner

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA, New England
  • Local time:06:22 PM

Posted 12 July 2008 - 09:44 AM

Raw, you used an important word that I want to bring attention to in order to illustrate distinction. You wrote "exploit" You and I know that a virus is not an exploit, but code that takes advantage of exploits, to simplify. Most people have no idea that their computer, that magical almost random magic-dance of 1's and 0's, is just that -- 1's and 0's. a thing is either on or off. It's as simple as that. Hardware and software merely turn aspects of their utility on or off in order to give us functionality.

Exploits take complete advantage of the process on watever particular layer they are running, and I think there's a bunch of traversal -- but I'd be talking out my pooper if I tried to postulate. Exploits allow the virus access and exploits allow it to run. Moreover, exploits can be created to open the door for more mischief. Hell, if I understood the process on a fundamental level I'd probably go out of my itty-bitty mind. ;)

A virus is a piece of code designed to introduce specific functionality into the mix. Perhaps some code does a thing wrong, or leaves a door open, or, through a magical connection of this on to this off, sees an "in". Again, probably just blowing a lot of smoke s I have no real training here.

As you write, Linux is not set up to allow that malicious piece of code to do much at all. However, there are plenty of exploits to take advantage of in the running code on "pick your favorite distro". I wish that we could help computer users everywhere understand the difference between a set of instructions and a rouge piece of code looking for instructions, as it were. A virus, to me, is a payload, an exploit is a door open waiting for it.

I liked your example a lot -- here, kid, here's some code, become root and run it. You can be l33t like me. And the ego prooves to be our undoing. (I try to Humanize all aspects of computing.) The more we talk about this the more confusing it can be to people. lol, sometimes a little information can make the mind wander into crazy territory -- ARGH!!! lol.

Personally, I'm a lot more worried about exploits than viruses, even on a Windows box.

Run a web browser -- uh, oh
have a network connection - uh, oh
install programs from untrusted sources (your cousin is not a trusted source) - uh, oh
wanna be l33t above all - uh, oh.

You don't need to worry about viruses - you need to worry about bad-guys website knowing more about your machine than you do.

I hope that I didn't add more confusion to the mix in my attempt to seperate an exploit from a virus, and I hope I wasn't talking out my pooper too much. If anyone can point out anything incorrect in my thinking or attitude I would be greateful for the added knowledge. In the great scheme of things, I don't really know anything at all.

#14 nigglesnush85

nigglesnush85

  • Members
  • 4,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:01:22 AM

Posted 12 July 2008 - 12:21 PM

In the great scheme of things, I don't really know anything at all.


:thumbsup:
That's what wikipedia is for... http://en.wikipedia.org/wiki/Social_engine..._horse_or_gimme
Regards,

Alan.

#15 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:08:22 PM

Posted 12 July 2008 - 07:15 PM

Excellent explanation of the differences.
nigglesnush85: nice link. "Gimmes" are a bad guys wet dream.
Nice "Gimme" video - Not Safe For Work/Kids - Adult Language
http://www.pwned.nl/
Want an example of an "exploit"
http://rawcreations.net/jabber/xmodulepath.htm

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users