Best AV for LinuX?

Discussion in 'other anti-virus software' started by Howard Kaikow, Mar 31, 2007.

Thread Status:
Not open for further replies.
  1. Howard Kaikow

    Howard Kaikow Registered Member

    Joined:
    Apr 10, 2005
    Posts:
    2,802
    I'm "thinking" of dual booting Windows/Linux, so what are the recommended AV for Linux.

    Native only, I'm not going to run Windows apps within Linux.
     
  2. Sjoeii

    Sjoeii Registered Member

    Joined:
    Aug 26, 2006
    Posts:
    1,240
    Location:
    52?18'51.59"N + 4?56'32.13"O
    Hi Howard

    take a look at the Kaspersky forum.
    They are beta testing it right now
     
  3. Howard Kaikow

    Howard Kaikow Registered Member

    Joined:
    Apr 10, 2005
    Posts:
    2,802
    There is a free F-Prot for Linux for home use?
    Any good?
     
  4. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Well, I don't know the *best* AV, but you can try these:

    AVG Professional for Linux
    AVIRA AntiVir Workstation for Linux
    F-Prot for Linux (Free for home users)
    Norman Virus Control for Linux
    Vexira Antivirus (based on VirusBuster engine)

    All the solutions listed above provide real-time scanning as well as On-Demand scanning. If you do not mind not having a real-time monitor, you can try BitDefender Linux edition and Dr.Web for Linux, and also eScan for Linux. These solutions provide only an On-Demand scanner.

    Detection rates are pretty much the same as what has been said at AV-comparatives for all products. Since you are going to be using your AV on Linux, detection rates in AV-comparatives' "other malware" and "otherOS malware" is paramount. You should choose an AV that does well in these 2 categories. Judging in this regard, I recommend AVIRA Workstation for Linux, or F-Prot should also do well, and offers great value for a free product. I really cannot recommend anyone to use any other Linux AV other than F-Prot, AVIRA or AVG, as these three have good detection rates (and also provide an on-access/real time scanner). If you do not want a real time scanner, then I will also recommend BitDefender Linux edition and eScan for Linux.
     
  5. Howard Kaikow

    Howard Kaikow Registered Member

    Joined:
    Apr 10, 2005
    Posts:
    2,802

    Thanx!

    I do not expect to use Linux much on the internet.
    Wonder how KAV is going to compare?
     
  6. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    Kaspersky is among the best for detecting Linux malware. Kaspersky's own Linux scanner costs a fortune, that is why I have mentioned eScan for Linux instead. eScan's Linux edition uses the KAV 5.0 engine, and will provide good protection, though there is no On-access scanner. eScan costs $25 for 1 year, and $35 for 2 years per user. Its better that you get AVG or AVIRA for similar price because you also get an on-access scanner.

    BitDefender's on-demand scanner for Linux is free though. :)
     
  7. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    For a desktop system I wouldn't even bother, it's a waste of resources. Linux malware is rare to start with, and if you don't logon as root all the time you don't need it.
     
  8. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Add ArcaVir and ClamAV.
     
  9. Howard Kaikow

    Howard Kaikow Registered Member

    Joined:
    Apr 10, 2005
    Posts:
    2,802
    Is there an AV comparitives, or something of that ilk, for Linux AVs?
     
  10. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,207
    Hello,
    Howard, you do not need an AV for Linux. Honestly.
    All you need is a strong root password and that's all. A firewall if you like.
    No spyware, no pryware, no nothing. That's one of the beauties of Linux.
    Mrk
     
  11. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Even Symantec has Linux av for long time now, Norton av can scan Executable and Linking Format(ELF) used by Linux, OpenBSD, FreeBSD, NetBSD operating systems. As for best AV see above post as this is also my recommendation.
     
  12. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    Avira and AVG are not free?
     
  13. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    No, the workstation edition of Avira is not free, and AVG has only a Professional edition for Linux, which is also not free.
     
  14. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,164
    Location:
    UK / Pakistan
    As I know there is a free version of Avira for linux too and there are instruction on how to install it with on-access module.
     
  15. kr4ey

    kr4ey Registered Member

    Joined:
    Aug 13, 2006
    Posts:
    187
    Location:
    Florida USA
    I agree with Mrkvonic. No need for an AV on Linux.
    I have been using openSUSE Linux on my desktop computer for a very long time and never had an AV installed. Just have the Firewall active.
    See this link
     
  16. Howard Kaikow

    Howard Kaikow Registered Member

    Joined:
    Apr 10, 2005
    Posts:
    2,802
    Well, I thought that DEnial was a river in Egypt!
    DEnying that AV is needed makes no sense.

    Not that AV software offers 100% protection.
    Thecost of recovering from even a single successful malware can be very high.
    Think of AV as insurance.

    However, I would not opt for an open source AV, as that tells the malware writers all they need to know to avoid the AV.
     
  17. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,207
    Hello,

    Howard, you need to change your thinking.

    Linux is NOT Windows.

    No viruses, no malware. And if something exists - it can't do anything, because you are not running your system as root.

    Trust me, nothing happens in the world of NIX. It's oh so quiet.

    Mrk
     
  18. Howard Kaikow

    Howard Kaikow Registered Member

    Joined:
    Apr 10, 2005
    Posts:
    2,802
    AV software is necessary to try to catch malware that destroys, or does other mischief, to your files, root is irrelevant.
     
  19. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,207
    Hello,

    Please tell me how such software will get onto your machine?

    I'll tell you - except you executing code deliberately, no way.

    In the world of Linux, your download sources are official repositories that have everything you need.

    Most of the times you'll be downloading from sources too, so no tricks here.

    Even if you download something manually, then you have checksums for everything you download. Just look at the checksum, compare to what you download, if they match, you're all set.

    Mrk
     
  20. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
    Okay, i can see that you need av for linux.:) Just pick anyone mentioned here - I'd recommend free F-Prot until you discover that you can do without it.
     
  21. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Hmm... if I remember, some of the first virusses (worms) were *NIX. And of course, rootkit comes from the *NIX world.

    Certainly, *NIX code is just as exploitable as any code - it just hasn't received the attention of the cybercriminal. Up until recently, Firefox users thought they were impervious.

    But why should cybercriminals waste their time on *NIX , when millions of Windows users are just sitting there waiting to join a botnet?

    However, it is a moot question, because any system/software is safe if used intelligently, as many users of Windows and -- dare I say: IE -- have demonstrated in years of no malware intrusions.


    regards,

    -rich

    ________________________________________________________________
    "Talking About Security Can Lead To Anxiety, Panic, And Dread...
    Or Cool Assessments, Common Sense And Practical Planning..."
    --Bruce Schneier​
     
  22. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,207
    Hello,

    Whenever addressing a problem one should estimate its importance in the overall picture. Yes, there are virii and rootkits and such for *NIX. But the question is how really dangerous or likely are they?

    In default configuration of an average Linux distro versus default Windows configuration, they are several orders of magnitude less dangerous and less likely.

    While I believe it takes skill to get infected even in Windows, it takes supernatural powers to do it in Linux.

    First virii and rootkits were for Unix. Okay ... So? It's been 20 years since. Windows hardly existed then...

    I do not subscribe to the security through minority approach.

    Firefox is not being targeted not because it appeals to a small percentage of population. It is not targeted because it is a very HARD target. It's so much easier writing code that will corrupt IE than Firefox. So much easier.

    Furthermore, I don't think Firefox users are getting disillusioned about their favorite toy. Security fixes notwithstanding - they are fixed before anyone can blink and think twice about exploiting, another super side of Firefox - I have yet to see a successful, working exploit for Firefox.

    Back to Linux, the same applies. You get instant patches for tiniest vulnerabilities. You get transparency and security from the mere fact that everything is open-source and available for review ans scrutiny of thousands of uber-geeks. It's like BORG.

    You are right about why bother with *NIX when Windowsers are waiting to be fed malware. True. But even if you take Windows out of the equation, the world of malware does not make a simple turn toward *NIX and starts celebration. No no.

    *NIX systems are completely different.
    *NIX users are completely different.

    Combined, it takes much effort to self-inflict damage.

    In this regard, the default user running a default Linux has nothing to worry about virii or such. After all, how and where is he going to find them? In official releases of the applications that come with his distro?

    Finally, it does not matter what you run - or me. But go for the middle of the pile, you will see the astronomical difference between Windows and Linux.

    Mrk
     
  23. Johnny123

    Johnny123 Registered Member

    Joined:
    May 4, 2006
    Posts:
    548
    Location:
    Bremen, Germany
    Root is not irrelevant. It would be irrelevant if you logged on all the time as root, but you don't do that. If you get malware with a Linux distro it's because you installed it yourself. Let's say you go to a malicious site and it wants to install malware on your system. It can't do it if you are not running as root. You may get a popup asking you for the root password. If you're stupid enough to enter it, then you may get something, but even in this case the chances of it being a Linux malware are a million to one. With almost 100% certainty it's a Windows exploit, and even if you give it the root password it won't run anyway.

    Antivirus applications for Linux are mainly intended for servers that have Windows clients in a network and they look for Windows malware. If you are not using Linux as a mail or file server in this type of environment you do not need an antivirus.
     
  24. aluckystar

    aluckystar Registered Member

    Joined:
    May 30, 2006
    Posts:
    66
    Location:
    Paris of the East
    No need to install antivirus software on Linux for personal use.

    There are only very very few viruses.:)
     
  25. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Well, I've applied the "how likely" criteria to Windows for years. I've even used the internet regularly with IE on low sedurity settings, hoping to find an exploit in my normal work. I have to actually know about a infected site and go to it before I find any exploit.

    Agreed, but this is not a fault of Windows, rather, how it comes out of the box. Easy to set up to be secure.

    Agreed, but this is a user problem, not an OS problem. Correctly configured, Windows users should not be afraid of getting infected.

    Agreed, but tiny vulnerabilities can become bigger and more pervasive if enough cybercriminals focus on doing it. My comment was in response to your implication that somehow, Linux had some type of armor shield around it, making it somehow impenetrable

    Agreed, but I do not blame Windows, for users can be easily taught how to use it safely, which has been my experience for many years.

    Just because the statistics indicate the many problems people have had with Windows and MS products doesn't mean that everyone is automatically plopped into that pool of users.

    NOTE: we are getting a bit off topic, and should probably start another thread.

    regards,

    -rich

    ________________________________________________________________
    "Talking About Security Can Lead To Anxiety, Panic, And Dread...
    Or Cool Assessments, Common Sense And Practical Planning..."
    --Bruce Schneier​
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.