Best AV for LinuX?

Router takes care of it all for me inbound, then just Linux, nothing added, no AV, don't think it's needed at all. That's what I love about Linux most, the fact that you don't really need any security software as compared to Win.

 

Question:

Root access is needed to access a core Linux operating system component or to install a patch or some software application that requires root access ?

 

Yes, in a way. More like root privileges not access.

 

So what happens if millions of consumers start using linux, and install/uninstall applications on a regular bases. Is there no security risk they will just install it?

 

I laughed when I read this. First all Linux distros combined are estimated (forget where I read this) to occupy only 0.8% of total nonserver installs.

Second Linux is not like M$ OS. Click on a exe & pray. There are at least 3 different file types rpm, deb & tar.gz varieties. My limited understanding is each distro only is able to install 1 type from the get. Without further compatability software & or compiling each piece of software.

Third installing software outside a distros repository (software that has been tested to work) is NOT easy. I remember practically screaming here & at the PCLOS forum, "How the hell do you install software in Linux?" LOL

 

As zapjb mentions, most software for Linux comes from repositories for each distro, where it has been compiled, tested, and more or less certified "clean". Kinda like if you downloaded all your Win software from MS or something, although not exactly.. Anyway, the risk this way is very minimal, at most something might break when you update or install something new, but there is no "security" risk to speak of. This is yet another selling point of Linux.

 

In order to install software in linux as stated above you have what are called repositories this is where the programs updates etc. go to get "pushed" to clients(your box). There are fairly stringent rules in regards to repos, so mainstream and third party places like livna, Dag etc are all at least "semi-tested" and trusted. Once you venture out to other repos you are on your own, so maybe this could be an issue one day but trust me mainstream repos have almost everything you need, I have only ever had to compile one program from source that I needed and it was HTop for Centos(real need huh?).
Now if you are using the source to "install" a piece of software then you need to know how to make it, so this in itself would deter enough people to hopefully stave off an epidemic.

//EDIT//
#// Sorry about the semi similiar post I was posting and got distracted! //#

 

Ok, thx for the explanation. (and likuidkewl)

 

once a mozilla repo had a linux virus.

 

you can use SElinux or apparmor to profile programs so they can't be exploited.

 

I do believe it was a Korean fan site and not an official repos I could be wrong though, but SElinux and AppArmour are good choices to harden your system.

 

I disagree. If you get software, e.g., as a deb file from outside the repositories it's usually no problem to install it on a Debian or Ubuntu system. The same is probably true for rpm files under other distros. So the most important rule is: Stick with the official repositories and you're safe.

 

I meant for a newbie to nix.

A 2 yr old can click on a exe.

 

err.... 'SysTrace is another good tool in Penguin boxes too.

 

True precompiled rpms can be an issue, but users need to understand the huge prompt that comes up and says this is from an untrusted source! I am all for removing gui updaters in linux and forcing ppl to use the command line.

 

Installing a Deb file is very easy...an intelligent 5 year old could do it. I stick to the Repositories...plenty there to keep me interested.

After 3 months, I hardly boot into windows at all. Linux is the biz.

I know that there is no need but I do have ClamAV installed solely out of consideration for Windows' users. My friends all use MS and some of them are not well protected.

Boy, am I glad I discovered Linux. It's fun and it's educational and really, the basics are not that difficult to grasp and once I learnt a few things, I was away in a hack. I don't want to disparage Windows esp. XP, but personally, I far and away prefer the penguin in the tux.

 

Yes, all you need is the root password.

Indeed, and the best thing is that I don't have to spend 50% of my time just to keep my applications and security tools up-to-date. What a relief ...

 

Good idea it maybe, Linux will be forever doomed, I will dare not recommend my Windows refugee friends to do the switch from Windows to Linux.

 

No defrag, no virus or spyware scannng, when it's time to do a chkdisc, Linux does it automatically and it doesn't take half the day, a few sudos and I can update and upgrade in seconds. I love it!

 

I have to agree with the comments above, but as I stated a few times in this thread AV's are not really the issue with Linux. We have a 50 client LTSP box that we scan weekly for rootkits and two or three times a week we will fire up WireShark to monitor the traffic for anything out of the ordinary coming from any of the boxes not on the LTSP server. Denyhosts, properly setup IPTables and SeLinux are a simple must for a box always on the internet(directly).