Linux AV Is it necessary?

My new notebook pc which I get next week comes with Linspire Linux installed which Im eager to try since I want to get off the windows treadmill once and for all and Linspire supposedly is the easiest distro to use for linux newbies coming from windows. I have read that Linux antivirus isnt really necessary because there are so few linux malware. The CEO of linspire said that windows refugees insisted on having a linux av even though it wasnt necessary because of the paranoid mindset associated with their windows use.

 

I would say that it's nice to have an AV scanner for linux somewhere that you can use, but at least for the time being, you're pretty safe from viruses right now.

Linspire is a pretty cool distro, too. I got my mom on it, and she's pretty satisfied with it.

 

f-prot among others offer FREE linux versions of their products. so u may as well try one

 

Bitdefender also offers a free linux antivirus

 

But there are no realtime scanners, right?

 

The ClamAV project also offers Free linux AV with realtime scanner.

 

They're not needed, Linux AV's are mailly to filter data for windows pc's or for mail servers... Linux users only have to be aware for Root-Kits, wich you can prevent working with a good IDS...

 

When you are talking about Linux its more about the need to stop malware

There are some viruses out there but software packages tend to be obtained from trusted sources more often than not, so getting a virus is sometimes a little bit harder than it would be on "other" Operating Systems

As was mentioned there are plenty of rootkits out there for Linux and the other Unix'es and when someone compromises a box they would probably be installing a rootkit to hide their processes. There are Linux keyloggers that can potentially still get usernames and passwords that you type in..

Its hard to say in any generic way if you need an A/V for Linux, part of it depends on what distro you have, whether you login as a non-privileged user and how/where you get your software

For peace of mind, I'd certainly recommend getting one of the free ones, at the very least they will scan the windows programs that you download...

 

@gottadoit
The security in Linux needs other types of layers then Windows. IPtables and Snort play a big role to prevent rootkits getting installed. Technoligies like Security-Enhanced Linux (http://www.nsa.gov/selinux/) add extra prevention. Therefore I recommend the use of Debian wich delevers updates longer the the commercial distro's...

Happy Linux using
(no way of sarcasm, I use Linux alot)

 

Yes, there is absolutely no reason to run AV software on a linux desktop machine. Far more important is to ensure you have a properly configured firewall, disable all unused services and properly secure any remaining active services. And of course make sure you keep your system updated.

Ned

 

with the plethora of linux distros available today its really hard to choose one distro and keep that updated/maintained properly.i think you can use the bitdefender version,which among the free linux av versions has the best detection..

 

Not really - they're all based on the same source and the majority of security fixes are done upstream by package maintainers, not the distro's themselves. The distro's simply implement and distribute the updates in their affected packages. Most distro's now contain automatic updating tools like Windows Update to make the process easier.

Putting an AV package on a poorly maintained or updated system isn't going to protect it. The threat to a linux system doesn't come from viruses. The point about keeping a system up to date is to patch security vulnerabilities that may be exploited in order to gain access to the system by a hacker. Similarly, publically available services should be properly secured to prevent unauthorized access. No AV package is ever going to prevent that.

Security issues are very different on Linux (UNIX) compared to Windows.

Ned

 

Ned[/QUOTENot completely right, some are, because of the difference in architecture of linux. More so because linux in fact refers to the kernel only. All distributions comprise of a kernel and lots of software. At will. Tools are not part of the OS.
Big linux pro is the fact that linux requires you to use a root acocunt and a separate user account for daily use. Of course nothing prevents a user of using root for daily operation, except modern linuxes like Linspire and Ubuntu and Ark that disable root from logging in.

Using linux as a line of defense against windows threats is of course a great way to reach a higher level of security. My linux mail server cannot be infected by Windows virusses, while it surely does catch them.
In the same way, a windows system might be a good enhancement for a linux environment

My linux desktop is not vulnerable to windows virusses and since there are no linux virusses (yet), there is no need for a linux virus scanner (yet).

 

Exactly

 

You need in Linux:

Rootkit detection - Rootkit hunter or Chrootkit (I've used Rootkit hunter)
AV - F-prot or Bitdefeder Linux versions (I've used F-prot, very happy)
Firewall - iptables (Usually comes with every distro). You can use Firestarter (for GNOME) or Guarddog (for KDE) to maange your iptables firewall rulesets

You need a firewall in Linux, but the Antivirus is optional, and a rootkit dtector is also optional.

 

I use a linux based gateway, sme server. That handles the firewall part. For Sme server to act as a mailserver it is equipped with clamav an spamassassin, great stuff. rkhunter is scheduled daily.
On my linux desktop root is disabled. No av needed.