Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Do i need Antivirus for Linux?


  • Please log in to reply
20 replies to this topic

#1 lukexj

lukexj

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:19 PM

Posted 30 May 2015 - 04:39 PM

I am sort-of new to Linux and i was wondering if you need antivirus / anti-malware for Linux, I'm mostly worried about viruses that can get on to my computer VIA wine and viruses meant for Linux What are some good Antiviruses for Linux? my price range is about 60$. my Laptop uses Fedora 21, and im planning on switching to Fedora 22 in the next month (or so).



BC AdBot (Login to Remove)

 


#2 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,371 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:08:19 AM

Posted 30 May 2015 - 04:46 PM

I do not run any Antivirus or Anti Malware on Linux.

 

You can install ClamAV if you want it's free.



#3 lukexj

lukexj
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:19 PM

Posted 30 May 2015 - 04:49 PM

I do not run any Antivirus or Anti Malware on Linux.

 

You can install ClamAV if you want it's free.

 

Does ClamAV scan for root-kits as well as malware? 



#4 Al1000

Al1000

  • Global Moderator
  • 7,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:19 PM

Posted 30 May 2015 - 04:54 PM

rkhunter (which you can also install free) scans for rootkits.

One of the Bleeping Computer malware experts mentioned not so long ago that there are no active rootkits for Linux "in the wild," so it would probably be a waste of time installing it.

#5 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,371 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:08:19 AM

Posted 30 May 2015 - 04:57 PM

 

there are no active rootkits for Linux "in the wild," so it would probably be a waste of time installing it.

Correct.

 

Linux is not like Windows and Windows malware cant run in the Linux environment. 

 

How To Use RKHunter to Guard Against Rootkits on an ...

#6 lukexj

lukexj
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:19 PM

Posted 30 May 2015 - 04:59 PM

What about via wine Would it be possible for malicious code to be ran Via wine?

 

 

Windows malware cant run in the Linux environment. 


Edited by lukexj, 30 May 2015 - 04:59 PM.


#7 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,371 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:08:19 AM

Posted 30 May 2015 - 05:07 PM

 

What about via wine Would it be possible for malicious code to be ran Via wine?

Read this please.

http://askubuntu.com/questions/562388/do-wine-viruses-only-work-while-wine-is-running

 

I do not use Wine.


Edited by NickAu, 30 May 2015 - 05:09 PM.


#8 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,018 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:06:19 PM

Posted 31 May 2015 - 04:24 AM

lukexj, hello &  :welcome: to BC Forums! Glad to have you abroad! :)

 

The main thing that one would need a virus scanner on a Linux computer for, would be for scanning emails & other files that would be sent to Windows computers.

 

With that in mind, there's a free alternative called ClamAV, which is included with the OS. All you need to do is open the Terminal & copy/pate the below command in, which scans & cleans any threats found. 

 

clamscan --remove=yes -i -r ~/

 

Source:

 

http://askubuntu.com/questions/417429/how-can-i-scan-for-possible-viruses-on-my-ubuntu-system

 

Hope this at least gives you one option to use.  :thumbup2:

 

As far as WINE goes, I don't want it on my Linux installs, the risks outweighs the benefits & WINE still has a way to go to be considered as a 'stable' emulator of Windows. A virtual machine is a better option, where the user has control over folder sharing. 

 

Should you have further concerns or questions, always feel free to ask, there's no 'dumb' Linux questions around here.

 

Cat


Edited by cat1092, 31 May 2015 - 04:28 AM.

Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#9 Habesque

Habesque

  • Members
  • 74 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:England, UK
  • Local time:10:19 PM

Posted 31 May 2015 - 10:16 AM

I notice in LXLE of which I am evaluating at the moment, in the built in accessories there is a ClamTK function of which on opening appears to be an infection scanner. In addition the web browser Mozilla Sea Monkey has something called a Blue Devil firewall already installed perhaps suggesting Linux can be attacked, unless of course given LXLE is designed as a ' drop in ' replacement opearting system for Windows XP/Vista/Win 7 users, the prescence of the security features might be more to do with easing the anxieties of ex Windows users who are often well versed in the need to protect against external threats.



#10 Al1000

Al1000

  • Global Moderator
  • 7,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:19 PM

Posted 31 May 2015 - 11:40 AM

ClamTK function of which on opening appears to be an infection scanner.

 
Indeed, that is how it appears. ClamTK is actually a graphical user interface for ClamAV, which is a command line interface anti-virus scanner. IOW, ClamTK is just a way of using ClamAV by pressing icons etc, rather than entering commands in a terminal.
 

Mozilla Sea Monkey has something called a Blue Devil firewall already installed perhaps suggesting Linux can be attacked



Most Linux distros come with firewalls already installed, although most are disabled by default.

unless of course given LXLE is designed as a ' drop in ' replacement opearting system for Windows XP/Vista/Win 7 users, the prescence of the security features might be more to do with easing the anxieties of ex Windows users who are often well versed in the need to protect against external threats.


I get the impression that's true to at least some extent wrt ClamTK and ClamAV, as most Linux distros don't come with anti-virus software.

Edited by Al1000, 31 May 2015 - 11:42 AM.


#11 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,018 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:06:19 PM

Posted 02 June 2015 - 02:42 AM

What all Linux users does need for security is a Firewall, just as any other OS does. 

 

The ufw Firewall is simple in concept, yet very powerful. The user gets out, no one gets in, that's the bottom line. On Ubuntu based OS's (the most popular, which includes lots of OS's) this is easily activated by entering the following command in the Terminal (copy/paste is fine), press Enter & then enter your password & Enter after finished. You'll see no movement during the typing of password, this is for our security. 

 

sudo ufw enable

 

You'll then get a message that the Firewall is enabled & active at startup. To check the status at anytime (password required as above):

 

sudo ufw status verbose

 

My Linux Mint OS will be back up tomorrow, am doing some upgrading of my computer, so couldn't show the output. Maybe someone will run the command & post the output. :)

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#12 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,371 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:08:19 AM

Posted 02 June 2015 - 02:46 AM

 

Maybe someone will run the command & post the output.
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip



#13 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,018 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:06:19 PM

Posted 02 June 2015 - 03:16 AM

Thanks Nick! :thumbup2:

 

Have put this fresh Linux Mint install off because thought I had no SATA ports left, only to discover I had one after all, so didn't need to add a SATA card to this PC. 

 

Yet getting to that port with my GPU in place proved to be the hardest install for one wire I've ever done, or has been in desktop PC. I need to find something slim to get in there for those type of jobs. Didn't want to chance damaging the MB, so left the needle nose pliers in the box, my hands are not that steady. 

 

Am off of Linux Mint 17.1 for one night & already feel lost! :P

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#14 mremski

mremski

  • Members
  • 495 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NH
  • Local time:06:19 PM

Posted 02 June 2015 - 06:14 AM

That's a good intelligent decision by the ufw folks.  Firewalls:  default deny.  Outbound, there's really not all that much needed for "typical" use (email, web browsing, etc), maybe a half dozen TCP plus 3 or 4 UDP.

 

Keep in mind that most malware/virii are attacking applications, typically not the OS itself.  Heck Bind and Sendmail were targets long before Windows was a gleam in Bill Gates eyes.  Follow security threads about the applications you typically use, make sure you get updates from known sources.  Probably the biggest thing you can do for protection:

 

Don't run as root.  Create an user account with limited privileges for normal use.  Use sudo when you need to.  This simple thing provides a lot protection for no loss in functionality.


FreeBSD since 3.3, only time I touch Windows is to fix my wife's computer


#15 Al1000

Al1000

  • Global Moderator
  • 7,875 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:11:19 PM

Posted 02 June 2015 - 07:02 AM

Don't run as root. Create an user account with limited privileges for normal use. Use sudo when you need to. This simple thing provides a lot protection for no loss in functionality.


+1

Fortunately the root account is disabled by default in many of the popular modern Linux distros, such as Mint and *buntu.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users