Hi guys, I've been looking at ClamAV for my Debian-based Linux machine. I like the granularity the command line affords, though it takes time to get the hang of it. Does anyone know how to set up an exclusions file that will work in conjunction with a command line scan? A lot of speed can be gained by exclusions of directories, large files, and certain file types, but the number of directory exclusions I would have is too great to conveniently place in a command line (or even in a bashrc file alias, as I am using). Thanks.
I don't use an AV with Linux either. That said, I think ClamAV is mostly used with Linux mail servers (but I may be wrong too).
Malware doesn't infect UNIX. If you need to install an AV, it's to protect Windows users. I've never had a malware problem with my Mac or with Linux.
This is total nonsense. Although Linux malware is a small number, it does exist and can infect a Linux system if run as root. Also, if the distro repositories were compromised then there is an infection vector. Don't forget that the Linux Mint site itself was compromised, so anything is possible.
Maybe it should be rephrased "Windows malware can't infect UNIX". There's probably very little Unix-targeted malware around.
The Red Moon- You are absolutely correct; actually the first malware I wrote was for UNIX systems as these at the time were the most lucrative targets (errors of a misspent youth). But Norman makes a very important statement as his feeling is also the prevailing "wisdom" by both Rookies and Pros in that UNIX is not especially vulnerable to malware attack- hardly the case! So we have both Security Researchers and Corporations concentrating on Windows. This is an issue in that with Windows we talk of Zero-Day malware, whereas with Unix/Linux, essentially unprotected, we may talk about Zero-Year (if you get my drift...).
There is file sharing with Windows machines, there are Windows programs operating under WINE, there are cross-platform browser exploits, and there are firmware exploits, which the Linux user ought to be concerned about. Linux is less susceptible than Windows, but not immune. My aim is to have an on-demand scanner, which I would use periodically, and on downloads I wasn't sure of. I think that is a reasonable protocol for a Linux user at this point in time.
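One way to get the exclusions file asked about at the top of the thread, shown as an added example that is not from any poster or from the ClamAV project: a small wrapper that turns a text file into `clamscan` `--exclude-dir` / `--exclude` options for an on-demand scan. The `dir:`/`file:` file format, the function names and the 100M size limit are assumptions of this example.

```shell
#!/bin/sh
# Exclusions file format (an assumption of this example), one entry per line:
#   dir:<regex>   becomes  --exclude-dir=<regex>
#   file:<regex>  becomes  --exclude=<regex>
# Blank lines and lines starting with '#' are ignored.
# Constructed sample file:
#   dir:^/proc
#   dir:/\.cache/
#   file:\.iso$

# Print one clamscan option per line for each entry in the file "$1".
clam_exclude_args() {
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            ''|'#'*) ;;                                   # comment or blank
            dir:*)  printf '%s\n' "--exclude-dir=${line#dir:}" ;;
            file:*) printf '%s\n' "--exclude=${line#file:}" ;;
            *) printf 'ignored line: %s\n' "$line" >&2 ;; # surface typos
        esac
    done < "$1"
}

# Run a recursive on-demand scan of "$2" using the exclusions in "$1".
scan_with_exclusions() {
    excl_file=$1
    target=$2
    [ -r "$excl_file" ] || { echo "cannot read $excl_file" >&2; return 2; }
    # Files above --max-filesize are skipped, not scanned; 100M is illustrative.
    set -- --recursive --infected --max-filesize=100M
    # Append each option as its own argument so regex characters survive intact.
    while IFS= read -r opt; do
        if [ -n "$opt" ]; then set -- "$@" "$opt"; fi
    done <<EOF
$(clam_exclude_args "$excl_file")
EOF
    clamscan "$@" "$target"
}

# Usage: sh clamscan-excl.sh /path/to/exclusions.txt /path/to/scan
if [ "$#" -eq 2 ]; then
    scan_with_exclusions "$1" "$2"
fi
```

Every excluded directory, file pattern and oversized file is a place the scan does not look, so keep the list short enough to review.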