Is AV Software Necessary for Linux Desktops?

I recently set up an Ubuntu 6.x box as public/open websurfing computer for a company that had wanted me to install an illegal copy of Windows 98. The Ubuntu box is behind a router on a different Internet pipe from the company network, as separate and segregated as can be. Only two people, including me, know the root password.

What are the hazards of running a public Ubuntu box without real time (expensive) anti-virus software?

Most of the freeware anti-virus software for Linux is of a "command line" "on-demand" rather than a real-time type -- its use, updating and scanning, requires a greater deal of competence and dilgence than one can reasonably expect from most users -- unlike Windows's "set-it-and-forget-it-type" anti-virus offerings. [Edit: My point here is that having "on demand" anti-virus is probably the same as having no anti-virus.]

Much anti-virus software for Linux seems geared to scanning files passing through SMTP gateways, mail servers, file servers, web servers, etc, in order to protect Windows clients using these resources.

There is anti-virus software for Linux desktops which claims to be real-time but it is not free.

What I am wondering is if anti-virus software for a Linux desktop is even necessary. Other than trying to install, update and run Panda's freeware offering on one of my old Red Hat boxes, I have sallied forth on my Linux boxes (Suse, Red Hat, Ubuntu) out into the wild web without any anti-virus software, and to the best of my knowledge I have never been compromised.

Have I been rash and foolish?

 

see this thread: Linux AV Is it necessary?

main point: its not a necessity.

 

Thanks. I missed this thread. Most informative.

 

Sorry as I am just intruding in but for me even more imp is firewall. What about this in linux?

 

for linux, a firewall would be more important than antivirus. some distros have their own firewall but i rele dont know anything about configuring one.

 

Hi,

aigle:
Checkout the Guarddog firewall for Linux. Works with iptables, and is easy to setup with DMZ once you read and understand the great documentation.

houseisland:
You should at least have chkrootkit installed on Linux and run daily scans to make sure that the covered Unix/Linux rootkits (e.g. SuckIt) don't crap up your computer.

-- Tom

 

Thanks. But I think many distros have built in firewall? How good those are?

 

The only two distros I really used, Mepis came with Guarddog and PCLinuxOS came with Shorewall. Both were ok. I tried Firestarter with Mepis but had problems with it. It only ran under root for some reason. I didn't fool with it that much and went back to Guarddog.

I had ClamAV (with the KlamAV KDE frontend) on both distros just for the heck of it (some Windows habits die hard, lol). It was interesting to find trojans in Firefox's and Konqueror's cache. Once they got there they didn't know what to do with Linux, lol.

 

Hi aigle,

Yes, by now almost all distros should have at least iptables built-in, however, if you choose to use Guarddog, you will have elected to use a human compatible high level easy to configure interface vs the alternative which is to slog through configuring iptables at a low-level (time-wise not a good choice IMO). Maybe not a problem if you are a networking expert though.

-- Tom

 

Thanks, I prefer one which is very easy to use esp in linux as I am very much beginner here.

 

Well for better or worse, I put Clam, Firestarter, and Chkrootkit on the box.

Pointless, maybe. Nobody who uses the box will have a clue about how to use any of these apps. And none of them will have the rights to run FreshClam or Chkrootkit. Nor do they have the rights to run Firestarter.

The box is behinded a NATed router. Ubuntu locks down most of its ports anyway.

Oh well, it was fun installing the apps anyway.

Have to say I do like Ubuntu, a very sweet desktop.....