
Antivirus for Linux?


63 replies to this topic

#1 Bloemkool


Posted 31 August 2012 - 02:34 PM

Title says enough, is there a Free antivirus for Linux?


 


#2 OSO ROJO


Posted 31 August 2012 - 02:37 PM

Do a search in the Linux repository for Virus Scanner .. I know one of them is ClamAV .. but in my opinion you don't really need one for Linux because there are so few viruses out there .. as well as it is so secure .. I don't run one on mine .. hope that helps

#3 Btech


Posted 31 August 2012 - 02:48 PM

I have a desktop and a laptop at home that both run linux. I don't have antivirus on either and have never had a problem.

#4 buddy215


Posted 31 August 2012 - 04:50 PM

I did a search just now for "known Linux malware"..... lo and behold... there is something to report.

Dr. Web is reporting the first ever "backdoor keylogger" that installs itself on both Macs and Linux platforms.
How this malware is spread is not known at this time. How many machines have been infected is unknown.

You can read more here:

The first Trojan in history to steal Linux and Mac OS X passwords
August 22, 2012


Fortunately, the precautions are pretty easy:

1. Check for the offending file in your home directory: search for and remove any files titled "WIFIADAPT." (If you don't have any files with this name on your computer, there is no need to proceed with steps 2 and 3.)

2. Block IP address "212.7.208.65" that the Trojan communicates with.

3. Download free trial of Dr. Web anti-virus for OS X or Linux or wait for the BackDoor.Wirenet.1 update from your anti-virus software.

Edited by buddy215, 31 August 2012 - 05:11 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
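The first two precautions in the post above, as a read-only check (an added example, not part of the original post or Dr.Web's guidance). The function names, the loose file-name match and the choice of `ss` and `iptables` are assumptions; the file name and IP address are the ones quoted in the post.

```shell
#!/bin/sh
# Added example: read-only checks for steps 1 and 2 of the post above.
IOC_NAME="WIFIADAPT"     # file name quoted in the post
C2_IP="212.7.208.65"     # IP address quoted in the post

# Step 1: list entries named WIFIADAPT under a directory (default: $HOME).
# Assumption: match any letter case and any suffix, look inside hidden
# directories, stay on one filesystem. Nothing is deleted, so each hit
# can be reviewed before removal.
find_ioc_files() {
    find "${1:-$HOME}" -xdev -iname "${IOC_NAME}*" -print 2>/dev/null || true
}

# Step 2 (check): read `ss -tn` output on stdin and print the TCP sockets
# whose peer is C2_IP, including IPv4-mapped peers like [::ffff:a.b.c.d]:port.
peers_matching_c2() {
    awk -v ip="$C2_IP" 'NR > 1 {
        peer = $5
        sub(/:[0-9]+$/, "", peer)           # drop the :port suffix
        gsub(/^\[::ffff:|\]$/, "", peer)    # unwrap an IPv4-mapped address
        if (peer == ip) print
    }'
}

# Step 2 (block): print, without running them, iptables rules that drop
# traffic to and from C2_IP. Applying them needs root.
print_block_rules() {
    echo "iptables -I OUTPUT -d $C2_IP -j DROP"
    echo "iptables -I INPUT -s $C2_IP -j DROP"
}

# Report for one home directory; follows the post in skipping step 2 when
# step 1 finds nothing.
wirenet_report() {
    hits=$(find_ioc_files "$1")
    if [ -z "$hits" ]; then
        echo "No $IOC_NAME entries under $1."
        return 0
    fi
    printf 'Review and remove:\n%s\n' "$hits"
    if command -v ss >/dev/null 2>&1; then
        ss -tn 2>/dev/null | peers_matching_c2
    fi
    print_block_rules
}

# Usage: sh wirenet_check.sh "$HOME"
if [ "$#" -gt 0 ]; then wirenet_report "$1"; fi
```

The printed rules last only until reboot unless they are saved with the distribution's firewall tooling.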

#5 buddy215


Posted 31 August 2012 - 05:37 PM

Excellent advice in this link for securing a home computer running Linux: BasicSecurity - Ubuntu Wiki

Here is a part of what is offered there:


Linux Vulnerabilities
The majority of new users are coming from Windows environments, where security focuses mostly on anti-virus software. To understand security on Ubuntu, you must shift your thinking from this point of view. In the following bullets, we're going to analyze what threats actually affect you as an Ubuntu user.

  • Myth: If I install an anti-virus program I'll be fine.
  • Reality: At the time of writing, there are no known viruses on the big bad web designed to target Linux. A few targeting Windows can execute in a manner that could allow compromise of a Linux system via an interpreter layer like Wine. Very few people recommend existing anti-virus software for Linux machines, in part because there are few decent free anti-malware solutions available. Enterprise class solutions are good, but the consumer-grade products aren't on par with their Windows counterparts enough to warrant their use. Moreover, if you focus entirely on viruses then you are ignoring the vast majority of real threats to your Ubuntu machine.
  • Myth: Security through obscurity keeps me safe.
  • Reality: It's a favoured argument from Linux supporters, but Linux/Ubuntu is not that obscure to “crackers”. They may be obscure to you or your friends, however, there are many who know how to exploit Linux vulnerabilities just as easily as Windows, Mac OSX, Solaris, AIX, or any other operating system's vulnerabilities. The best defence is knowledge and preparation. Relying on an “obscure” operating system to hide behind is NOT a good strategy.
  • Myth: I can browse however I want to because malware on the web is mostly designed for Windows.
  • Reality: While the majority of malware does target Windows, this statement overlooks the fact that an entire spectrum of web based attack vectors exist that work on any operating system. Cross Site Scripting, Cross Site Request Forgery, Click-Jacking, Session Riding, and many other methods can be used to exploit weaknesses in a relationship of trust between you and a website, or a website and you, regardless of your operating system. For things like this we have browser add-ons which will be discussed in the browser security section.
  • Myth: I don't need to use fancy browser add-ons when using public access wifi because I use Ubuntu.
  • Reality: An absurd statement. Most attacks carried out on public wifi include several varieties of man in the middle attacks. If you want to utilize public wifi, it is highly discouraged to do anything more than trivial in nature with it unless you are an advanced user and you know how to set up a virtual private network (VPN), a VPN via Secure Shell (SSH), or use Secure Sockets Layer (SSL) in conjunction with SSLstrip.
  • Myth: I don't need a firewall because Ubuntu has no open ports by default.
  • Reality: This is a matter of risk tolerance. Added protection, particularly that which takes only a few minutes to set up, is always worth it. Firewalls are discussed in more depth later in this document.
  • Myth: Windows malware can not compromise Ubuntu.
  • Reality: Ubuntu CAN be compromised by Windows malware if you're using Wine. This is not to say that Windows malware can infect a Linux system directly, however it CAN, if targeted properly, utilize the Wine interpreter to send system calls to the Linux kernel. This is a very rare case, and it is highly unlikely that it would occur as it would be a very targeted attack. But for completeness' sake we should mention that it CAN happen.
  • Myth: Ubuntu is harder to exploit than Windows, Mac OSX, whatever else - and it's targeted less than those other operating systems as well.
  • Reality: The process of discovering a vulnerability and exploiting it is pretty much the same across the board, regardless of operating system.
These are just some common myths associated with Ubuntu and security. This list is not comprehensive, but it covers the largest misconceptions held by new users. This does not mean that Ubuntu is inherently insecure, or is less secure than previous versions, or is more/less secure than any other operating system. It is just an effort to dispel common myths and get the reader (you) thinking in a positive direction toward improving their system's security posture. If you follow the steps in this Wiki, you will have a decent defense built to protect your machine from viruses as well as the other more pressing threats out there.


And of course, we'd be remiss not to mention social engineering. What information are you putting into public view? Do you know who you're giving valuable information to? Social engineering is important to understand but beyond the scope of this Wiki.

A bit more:


Make Your Browser More Secure
The majority of threats to your machine come from your browser, even when you use common sense. You have absolutely no control over vulnerabilities on someone else's web page as an end user, so it's important to defend yourself against any malicious activity originating from a compromised web page. If you are interested in learning how browser exploits happen, you can read this summary of the top ten vulnerabilities in a poorly designed web page.


Secure your browser. We will discuss Firefox because that's the browser packaged in Ubuntu. However, other browsers have similar features. We recommend that you use the following services. As mentioned before, these measures may inhibit functionality until you manually configure them. Again you must weigh the need for security against the need for functionality as it relates to your personal situation.





Preferences
Find Preferences in the menu bar of Firefox. Under the privacy tab you can tell web sites you don't want to be tracked and you can choose to never remember history. You can choose to whitelist sites for specific needs using exceptions, allow for session at most; clear history when closing the browser. Choose "never remember history" so that if someone hijacks your browser session, they won't find any valuable stored data. Don't use "hardware acceleration".





NoScript
If you unknowingly visit a compromised website, this will prevent scripts (i.e. programs) from running on your system. It can be a tricky tool to use at first glance as it blocks all scripts from running at first. If you spend a little time getting familiar with NoScript, you will find it easier to use. As a user, you tell NoScript what sites to partially or fully trust. Don't "allow all scripts globally" under any circumstances! Here is an excellent explanation why we recommend NoScript.


Configuring NoScript is notoriously daunting to the new user. A helpful guide to configure NoScript is included on a separate page, https://wiki.ubuntu.com/BasicSecurity/NoScript.




AdBlockPlus
You can tell by the name that it (surprise!) blocks annoying ads, but it can also block those ads from collecting personal information about you. Adblock Plus provides a default list of blocked ads. Additionally, you can block any individual ads or scripts that show up by adding them manually.

The material on this wiki is available under a free license, see Copyright / License for details.










#6 DarkSnake-Kobra


Posted 31 August 2012 - 07:13 PM

ClamAV is by far the best due to the limited amount of malware. I use this on all my Linux boxes along with Rkhunter, Chkrootkit and OSSEC. :)

#7 Bloemkool


Posted 01 September 2012 - 08:22 AM

Thanks for all the answers,

If I understand it correctly, an anti-virus for Linux is not specially needed?

#8 rburkartjo


Posted 01 September 2012 - 01:55 PM

buddy215 that was an excellent post
quote:He that would live in peace & at ease, Must not speak all he knows,nor judge all he sees.'

#9 rburkartjo


Posted 01 September 2012 - 01:57 PM

bloe i have been using linux for years and always have a firewall running (ufw) and have an anti-virus program.

#10 rburkartjo


Posted 01 September 2012 - 02:00 PM

comodo has an anti-virus program for linux. i use their combo firewall/anti-virus suite in my win7 partition

#11 lopezsimmon


Posted 04 September 2012 - 02:27 PM

There are many anti-virus programs for a Linux/Unix system that you will discover in the marketplace, like Kaspersky, Avira and others. You can get the no cost edition or the test. But, if you want to get best security, it's better if you get the complete edition.

#12 evti


Posted 15 September 2012 - 03:30 PM

Linux doesn't really need a virus scanner. There are very few viruses that attack Linux. The main thing Linux has going for it is that nothing will be installed unless you explicitly ask it to be installed. The main reason for any virus on Linux is someone installing something they don't know about, not like Windows where something might be installed without your knowledge. It has to do with the way permissions work in Linux.

#13 attak sekwence


Posted 10 October 2012 - 03:59 AM

Linux doesn't really need a virus scanner. There are very few viruses that attack Linux. The main thing Linux has going for it is that nothing will be installed unless you explicitly ask it to be installed. The main reason for any virus on Linux is someone installing something they don't know about, not like Windows where something might be installed without your knowledge. It has to do with the way permissions work in Linux.


Agreed, I also run my linux distros without virus scanners and even my purely for gaming windows OS's I install firefox with no script, adblocker, caffeine and various other security plugins that ensure nothing will be able to secretly download for the rare occasions I navigate to the internet while on those OS's.

However if one was to download something by accident or without knowing there was a malicious segment of a program, or adding extra sketchy repositories etc etc. All it would really take to kill a linux distro is a simple keylogger to snatch you typing a password for a su or sudo command, get access to root and it could all be over for you. It would be a pretty simple script to automate the deletion of critical files as it would only take a couple to make the system unbootable.

That's just my opinion but I could be wrong, I'm still learning linux so I may be missing a piece of the puzzle or something that would disprove my theory.

#14 liquidbroadcast


Posted 12 October 2012 - 12:31 PM

Well, Linux doesn't need any anti virus. But if you want to use one, then I have tried avast antivirus for linux.

#15 stiltskin


Posted 13 October 2012 - 08:14 AM

Anti-virus on linux is primarily there for Windows.

Linux is, by default, a multiuser system. It can connect several people at the same time. Even if few use it that way at home.

A lot of people dual-boot. And a lot of server systems connect to a multitude of different operating systems. While linux won't get infected, it can easily pass an infectious program on to something that can. Anti-virus for linux is there to scan those things that will be passed on to others and/or get put onto Windows partitions in dual-boot configurations.

That's not to say infections on linux are impossible. Rootkits (had one around 2001/2), trojans and worms have made it. However, one of the strengths of linux is that it isn't monolithic (Windows is monolithic in that you can expect the same versions of everything in the OS in every install of the same version of OS). Any one person can run any of a number of versions of the same program across different machines. What can be infected in one version could either never have existed in an older version, or it's already been fixed in a newer one. They can run practically identically and still have different versions of libraries, programs, etc.

Another strength, and actually the biggest one, is the system of permissions. A user has to deliberately install something before it can affect the system. Yes, a user can install something that affects just them easily enough. But the system isn't compromised, and such things are difficult to make run at login, so a reboot will usually kill it and neutralize it. And where it still runs at login, replacing just the user's files will eliminate the problem (that's what backups are for).

If a user gets infected on linux, the system is still safe, but the user may be compromised. For some people that will amount to the same thing. But, again, it's a lot harder to do on linux even when targeting the user. That's why you may find a fair number of infectious materials, but the numbers of actual infections are pretty low.

If it will make you feel better, or if you have Windows partitions or connect to Windows machines, run it. No big deal. If all you're doing is making yourself feel safer, more power to you. Linux won't get bogged down by the overhead the way Windows can do at times, so it won't hurt anything.

I would advise running a rootkit checker every now and then. Run it from a flash drive that doesn't stay plugged in or something so it can't also be compromised. There are a couple of good ones in repositories: rkhunter, chkrootkit.
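A read-only audit of the per-user files that run at login, to support the point above about restoring only the user's files after a user-level infection (an added example, not part of the original post). The function names and the list of paths are assumptions covering common shells and desktop sessions.

```shell
#!/bin/sh
# Added example: read-only audit of per-user files that run at login.
# Assumption: this path list covers common shells and desktop sessions;
# extend it for your own setup.
LOGIN_PATHS=".profile .bash_profile .bash_login .bashrc .zshrc .xprofile
.config/autostart .config/systemd/user"

# List login-time files under home directory $1 that were modified within
# the last $2 days (default 7). These are the files to compare with a backup.
recent_login_files() {
    for rel in $LOGIN_PATHS; do
        [ -e "$1/$rel" ] || continue
        find "$1/$rel" -type f -mtime "-${2:-7}" -print 2>/dev/null || true
    done
}

# Print "file: command" for each desktop autostart entry under $1, so every
# program started at graphical login is visible at a glance.
autostart_commands() {
    dir="$1/.config/autostart"
    [ -d "$dir" ] || return 0
    for f in "$dir"/*.desktop; do
        [ -f "$f" ] || continue
        awk -v f="$f" '/^Exec=/ { sub(/^Exec=/, ""); print f ": " $0 }' "$f"
    done
}

# Usage: sh login_audit.sh "$HOME" 7
if [ "$#" -gt 0 ]; then
    recent_login_files "$1" "${2:-7}"
    autostart_commands "$1"
fi
```

Run it from the same removable media as the rootkit checker so the audit script itself cannot be altered on the machine being checked.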



