Antivirus for Linux

Printable View

02-20-2013
annadaprasad

Antivirus for Linux

I've heard from many guys that Linux doesn't need an Antivirus. I know that a virus had to get the root permission to get active and a virus generally can't do any harm to a Linux system, though only a few Linux virus are still out there in the wild. But after an argument with my friend, I was referred to this site and since its an official site of a really popular anti-virus lab, I want to ask do I really need an Antivirus for Linux?

I'm running, Mint OS Nadia KDE.
Link: www[dot]quickheal[dot]co[dot]in/small-linux-workstation[dot]asp
02-20-2013
oz

hello

you can read the following short security article for help in deciding if you need to install any security apps under linux:

http://www.linuxforums.org/forum/sec...-security.html
02-20-2013
jayd512

Generally speaking, you don't really need an AV program on a Linux system. Most viruses are of an .exe format, which can't run on Linux. The handful of Linux viruses that might affect you are still going to need executable permissions to run. And so long as you're not running as root, then the worst that can happen is usually going to be damage to your home directory, and not a total system hosing.

I typically don't use an AV program, unless I think I'm going to be sharing files to a Windows machine.
02-20-2013
oz

Quote:

Originally Posted by jayd512

Generally speaking, you don't really need an AV program on a Linux system. Most viruses are of an .exe format, which can run on Linux. The handful of Linux viruses that might affect you are still going to need executable permissions to run. And so long as you're not running as root, then the worst that can happen is usually going to be damage to your home directory, and not a total system hosing.

I typically don't use an AV program, unless I think I'm going to be sharing files to a Windows machine.

In full agreement here with jayd512, and in more than 12 years of running linux I have never installed any AV software. That's not to say that others shouldn't at least consider it. :)
02-21-2013
elija

But then you have to ask the question "Which is more important, my system which I can easily rebuild or my data which represents years of my life?" It's a loaded question to which the correct answer is my data which I have fully backed up.

That said, I do have a virus scanner installed which I use to scan files I'm sharing with my Windows using friends. After all that's only polite :mrgreen:
02-22-2013
Steven_G

I've had this argument so many times I've lost count. My philosophy is: You're not paranoid if they're actually out to get you.

If some 12 year script kiddie in the Urals cleans out your bank account are you going to really care that it was done with a java or broswer or network exploit and your underlying "invulnerable" linux system was never actually compromised?

Malware works differently on *nix than it does on doze, but it can still work. Apple claimed for years that it was *IMPOSSIBLE* (their word, not mine) for a Mac to get malware. Here's a google for Mac malware. Yep. looks pretty impossible to me. And stuff ports (in both directions) between *nix and Mac's fairly well.

And for giggles here's a google of Android Malware. And *nix and 'droid are more than kissing cousins.

So my philosophy is: Why take chances?

You need to understand that *nix malware is %1000 different than doze malware. If you try to use all the same tricks and licks from one to the other then you'll get nowhere fast.

On *nix, your biggest concern with the OS itself, as far as malware goes, is rootkits and trojans. For the most part you either have to draw the attention of the wrong person and get yourself cracked or get tricked in to installing crappy software to get hit by either one of those. But that dose not mean it cannot happen.

Even though your underlying OS is more secure you're still just as vulnerable to crossplatform exploits that work on things like java, browser and networking protocol exploits or human error.

Here is a thread that includes a post I did recently on baisc *nix / general 'puter sec.

The only things I didn't really cover it were: I use ClamAV and AVG AV. Both of which, yes, scan for doze crap. But they also scan for crossplatform crap like java too.

And don't do your business in public. You've got no business balancing your checkbook down at the coffe shop.

The list of tips and tricks in my other post is rather extensive. Master what's in it and you'll be ahead of all the script kiddies.

You still will not be invulnerable. But, the people with the skill level to crack you will not be interested in you because you're too small a fish, i.e. you're not the Pentagon and you're not running a server.