Sophos releases free AV client for Linux

Discussion in 'all things UNIX' started by scoopnog, Apr 11, 2015.

  1. scoopnog

    scoopnog Registered Member

    Joined:
    Oct 3, 2012
    Posts:
    8
    https://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-linux.aspx

    The number of free (gratis) AV programs for linux is low. The number of AV programs that specifically detect potential linux malware is very low. Of these two categories, those left that actually work on distros released this year include two, afaik. ClamAV (?) and now Sophos. Sophos also has an on-access scanner.

    Updates are every 60 minutes.
     
    Last edited: Apr 11, 2015
  2. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    It looks interesting, but I don't know if many Linux users would run it.
     
  3. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    I'd run it if I ran Linux. Sophos is excellent.

    Sophos ESC is free for deployment on your Windows devices (up to 10) provided you have a Sophos UTM (also free, LOL) running. Well worth it!
     
  4. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    I think it could be a bit surplus to requirements on most Linux systems though. In my country Sophos was regularly bundled with new Windows machines at one time. It seems to have lost out to McAfee and Norton of late though. It's always had a pretty good reputation. The thing is, what attracted me to Linux (Ubuntu) in the first place was the concept of not necessarily needing an AV, so, no false-positives borking my laptops and no slowing of the OS. I am typing this on a laptop with Ubuntu Trusty Tahr. The only security I have on it is in the browser (Chromium) itself, essentially just WOT and uBlock. I have a router firewall. I feel safe enough.
     
  5. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    There are more anti-virus for Linux, such as Avast, old AVG versions, BitDefender for Unices, Comodo, F-Prot, etc. But this is one of the very few that is on-access.

    Personally, I find VirusTotal and uBlock more than enough.
     
  6. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    Yeah they are still available for download, but most of them are way outdated and not working on more recent distros. Despite being more secure, Linux is not immune to malware. I am running Ubuntu on all my PCs (dual boot with Windows), and will be installing Sophos for Linux on all my PCs. The real time scanner is a big plus also.

    Thank you Sophos.
     
  7. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    Some day something like this might prove useful, but for the time being, no. The amount of free-range malware for Linux desktops is so minute as to be practically nil. I'm sure someone has a story, but of all the Linux users I know or have spoken to about it, none use an AV and none have ever encountered malware. Keep calm and carry on.
     
  8. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    How do you know for sure there is no malware on Linux desktop OS? It might be rare, but not none. People thought Linux was bullet-proof until heartbleed, GHOST and shellshock were discovered. So Linux does have security holes and malware can sure get in. You never know.
     
  9. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    Terrorists might strike, Commies may be under my bed, an aircraft may land on my head, but when the threat is low I don't worry about it.

    And more people have seen bigfoot than have seen malware attacking a typical browsing Linux desktop.
     
  10. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    That made me laugh out loud! Thanks, I needed that today. :D:argh:
     
  11. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    Ignorance is a blessing, lol. Your logic is severely flawed. Go take a look at the history of heartbleed and shellshock. They had been present in every Linux desktop OS and Mac OS X system continuously for decades before they were very recently accidentally discovered. You might already have been silently monitored for decades, which could be worse than an actual malware.

    You have not been attacked by terrorists for decades continuously. An airplane has not been landing on your head every day for decades. You have not seen bigboob every day for decades. How can you compare the continuously present security holes with something that might happen in 1/million chance?
     
  12. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Uh, those exploits are far from likely to be prevented by a Linux AV, especially when they're not as advanced as their Windows counterparts...

    Saying you need an AV specifically just for Linux is recommending one "cure" w/o considering other possibilities.
     
  13. accessgranted

    accessgranted Registered Member

    Joined:
    Mar 10, 2010
    Posts:
    182
    Downloading it just to see how it fares on Ubuntu... Man! It's a 403 Megs download! :( Bad start to me.
     
  14. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    True, but the same logic applies to a Windows AV. Vulnerabilities generally cannot be prevented by an AV, and the AV is not the only measure you can take to reduce the risk. No one ever said an AV is a cure, not to mention the only cure. I only said it will likely be helpful in reducing security risk, that's all. Same thing for a Windows AV. It's definitely better than no AV. That's my point.
     
  15. accessgranted

    accessgranted Registered Member

    Joined:
    Mar 10, 2010
    Posts:
    182
    LOL How do you know you would deem it necessary since you don't run Linux!?
     
    Last edited: Apr 15, 2015
  16. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    Oh, nonsense. Of course there will be exploits, and if I were running a server that could be targeted I would treat security quite differently. But the bottom line is right now a Linux desktop client doing web surfing and such has a very, very, very small likelihood of encountering malware.

    You are confusing the threat for the vulnerability. You are continuously vulnerable to planes falling on your head or terrorists, but the risk is infinitesimally small. Likewise with a Linux desktop browsing the web, you have vulnerabilities, but the threats are for all practical purposes nonexistent.
     
  17. Mayahana

    Mayahana Banned

    Joined:
    Sep 13, 2014
    Posts:
    2,220
    Sorry Linux fans... Linux had the most exploits and vulnerabilities of any OS in 2014. 2014 shattered the master race Linux myth. I consider protection for my Linux-based devices in the home extremely important. (DVRs, etc.)
     
  18. mvario

    mvario Registered Member

    Joined:
    Sep 16, 2008
    Posts:
    339
    Location:
    Haddonfield, IL
    Actually quite false. I assume you are referring to this:

    http://www.gfi.com/blog/most-vulnerable-operating-systems-and-applications-in-2014/

    Read the update and you will see that even the author admits that trying to compare very different operating systems and development processes makes comparison difficult. Not to mention the fact that closed source products don't have the level of transparency that open source does.

    But of course that is all about vulnerabilities, not exploits. Which are two very different things. I personally know quite a few people with Windows who have had their boxes exploited. If anyone knows someone who has got a Linux desktop infected with malware please raise your hand. And I'm not talking about servers that are specifically targeted. I don't know any, either personally or anecdotally. I'd like to meet the unlucky sod if you do.

    I'm not saying that Linux has no vulnerabilities, of course it does. I'm saying there are pretty much zero in-the-wild exploits that a desktop user is ever going to run into doing normal web browsing. Perhaps in the future this might change, but right now it's unheard of.
     
  19. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,030
    Location:
    Lloegyr
    I'm with mvario on this, and I don't know anyone who actually uses Linux who has ever believed in a 'master race linux myth', which is a bizarre and strange statement to make. Virtually all the people I either know personally, or online, who run Linux, don't believe it is invulnerable. It's just that Linux malware or exploits are about as rare as people who claim to have seen Bigfoot. Linux users know this. I can't speak for Bigfoot.
     
  20. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    839
    Location:
    Québec, Canada
    Tried to install on Mint 17.1 XFCE and finally got:
     
    Last edited: Apr 16, 2015
  21. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    Installs fine on an Ubuntu 14.04.2 desktop. Real time scanning works in the background, as there is no visible daemon on the taskbar.
     
  22. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    839
    Location:
    Québec, Canada
    Will try Xubuntu then.
     
  23. fblais

    fblais Registered Member

    Joined:
    Jul 31, 2008
    Posts:
    839
    Location:
    Québec, Canada
    I was finally able to install it in Mint.
    I had to do "sudo apt-get install build-essential" to install missing utilities.
    It was not obvious though...

    Now, how do I know if on-access scan is working?
    Only by checking the running processes with task manager?
     
  24. x942

    x942 Guest

    Linux has security issues like any other OS. But AVs are nearly useless to begin with. Learn how to secure your OS instead of relying on a third party to try and do it. A better solution would be Debian + Grsecurity/PaX. Debian is already moving (and nearly completed) over to reproducible builds; sticking to the FOSS repos only, using a GRSecurity kernel with RBAC and/or Applocker/SELinux would be miles more secure than running an AV.

    AVs are easily bypassed and just add unneeded overhead. If you want an AV I would instead use a UTM and have the AV on the edge of your network. If it is going to catch anything, at least catch it before it lands on your computer.
     
  25. oliverjia

    oliverjia Registered Member

    Joined:
    Jul 21, 2005
    Posts:
    1,517
    What you said makes sense if you are only using Linux. I use both Linux and Windows, so an AV is not useless to begin with. And I don't want to invest in a UTM at this moment. So a free AV, why not? It adds nothing to the performance of my computer with an i7+8GB Ram + SSD as OS drive.

    Oh, as you can see from my signature, I use Applocker and a standard account under Windows, which are measures to secure my OS using its inherent tools.
     