Linux AV Is it necessary?

Discussion in 'other anti-virus software' started by I who know nothing, May 5, 2005.

Thread Status:
Not open for further replies.
  1. My new notebook PC, which I get next week, comes with Linspire Linux installed, which I'm eager to try since I want to get off the Windows treadmill once and for all, and Linspire supposedly is the easiest distro to use for Linux newbies coming from Windows. I have read that Linux antivirus isn't really necessary because there is so little Linux malware. The CEO of Linspire said that Windows refugees insisted on having a Linux AV even though it wasn't necessary, because of the paranoid mindset associated with their Windows use.
     
  2. JimIT

    JimIT Registered Member

    Joined:
    Jan 22, 2003
    Posts:
    1,035
    Location:
    Denton, Texas
    I would say that it's nice to have an AV scanner for Linux somewhere that you can use, but at least for the time being, you're pretty safe from viruses right now.

    Linspire is a pretty cool distro, too. I got my mom on it, and she's pretty satisfied with it. :D
     
  3. tahoma

    tahoma Registered Member

    Joined:
    May 31, 2003
    Posts:
    228
    F-Prot, among others, offers FREE Linux versions of their products, so you may as well try one.
     
  4. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Bitdefender also offers a free Linux antivirus.
     

  5. Weber

    Weber Registered Member

    Joined:
    Jun 16, 2003
    Posts:
    107
    Location:
    Porto Alegre - Brazil
    But there are no realtime scanners, right?
     
  6. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    The ClamAV project also offers a free Linux AV with a realtime scanner.
     
  7. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    They're not needed; Linux AVs are mainly to filter data for Windows PCs or for mail servers... Linux users only have to be aware of rootkits, which you can prevent by working with a good IDS...
     
  8. gottadoit

    gottadoit Security Expert

    Joined:
    Jul 12, 2004
    Posts:
    601
    Location:
    Australia
    When you are talking about Linux it's more about the need to stop malware.

    There are some viruses out there, but software packages tend to be obtained from trusted sources more often than not, so getting a virus is sometimes a little bit harder than it would be on "other" operating systems.

    As was mentioned, there are plenty of rootkits out there for Linux and the other Unixes, and when someone compromises a box they would probably be installing a rootkit to hide their processes. There are Linux keyloggers that can potentially still get usernames and passwords that you type in...

    It's hard to say in any generic way if you need an A/V for Linux; part of it depends on what distro you have, whether you log in as a non-privileged user and how/where you get your software.

    For peace of mind, I'd certainly recommend getting one of the free ones; at the very least they will scan the Windows programs that you download...
     
  9. Sputnik

    Sputnik Registered Member

    Joined:
    Feb 24, 2005
    Posts:
    1,198
    Location:
    Москва
    @gottadoit
    The security in Linux needs other types of layers than Windows. IPtables and Snort play a big role in preventing rootkits from getting installed. Technologies like Security-Enhanced Linux (http://www.nsa.gov/selinux/) add extra prevention. Therefore I recommend the use of Debian, which delivers updates longer than the commercial distros...

    Happy Linux using :)
    (no way of sarcasm, I use Linux a lot)
     
  10. Ned Slider

    Ned Slider Registered Member

    Joined:
    Mar 24, 2005
    Posts:
    169
    Yes, there is absolutely no reason to run AV software on a Linux desktop machine. Far more important is to ensure you have a properly configured firewall, disable all unused services and properly secure any remaining active services. And of course make sure you keep your system updated.

    Ned
     
  11. clansman77

    clansman77 Registered Member

    Joined:
    Jan 31, 2005
    Posts:
    234
    Location:
    kochi,kerala,india
    With the plethora of Linux distros available today, it's really hard to choose one distro and keep that updated/maintained properly. I think you can use the Bitdefender version, which among the free Linux AV versions has the best detection.
     
  12. Ned Slider

    Ned Slider Registered Member

    Joined:
    Mar 24, 2005
    Posts:
    169
    Not really - they're all based on the same source and the majority of security fixes are done upstream by package maintainers, not the distros themselves. The distros simply implement and distribute the updates in their affected packages. Most distros now contain automatic updating tools like Windows Update to make the process easier.

    Putting an AV package on a poorly maintained or updated system isn't going to protect it. The threat to a Linux system doesn't come from viruses. The point about keeping a system up to date is to patch security vulnerabilities that may be exploited in order to gain access to the system by a hacker. Similarly, publicly available services should be properly secured to prevent unauthorized access. No AV package is ever going to prevent that.

    Security issues are very different on Linux (UNIX) compared to Windows.

    Ned
     
  13. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    Not completely right, some are, because of the difference in architecture of Linux. More so because Linux in fact refers to the kernel only. All distributions consist of a kernel and lots of software. At will. Tools are not part of the OS.
    A big Linux pro is the fact that Linux requires you to use a root account and a separate user account for daily use. Of course nothing prevents a user from using root for daily operation, except modern Linuxes like Linspire and Ubuntu and Ark that disable root from logging in.

    Using Linux as a line of defense against Windows threats is of course a great way to reach a higher level of security. My Linux mail server cannot be infected by Windows viruses, while it surely does catch them.
    In the same way, a Windows system might be a good enhancement for a Linux environment :D

    My Linux desktop is not vulnerable to Windows viruses and since there are no Linux viruses (yet), there is no need for a Linux virus scanner (yet).
     
  14. Ned Slider

    Ned Slider Registered Member

    Joined:
    Mar 24, 2005
    Posts:
    169
    Exactly :)
     
  15. squash

    squash Registered Member

    Joined:
    Mar 25, 2005
    Posts:
    313
    You need in Linux:

    Rootkit detection - Rootkit Hunter or chkrootkit (I've used Rootkit Hunter)
    AV - F-Prot or Bitdefender Linux versions (I've used F-Prot, very happy)
    Firewall - iptables (usually comes with every distro). You can use Firestarter (for GNOME) or Guarddog (for KDE) to manage your iptables firewall rulesets

    You need a firewall in Linux, but the antivirus is optional, and a rootkit detector is also optional.
     
  16. meneer

    meneer Registered Member

    Joined:
    Nov 27, 2002
    Posts:
    1,132
    Location:
    The Netherlands
    I use a Linux-based gateway, SME Server. That handles the firewall part. For SME Server to act as a mail server it is equipped with ClamAV and SpamAssassin, great stuff. rkhunter is scheduled daily.
    On my Linux desktop root is disabled. No AV needed.
     