  • Linux : Needs to have anti-virus program? If so, what would be the best program?

    This topic contains 7 replies, has 4 voices, and was last updated by  anonymous 5 days, 3 hours ago.

    • #255105 Reply

      anonymous

      I am migrating to Linux (Mint 19, intending to upgrade it to 19.1), so I am wondering if it is true that antimalware/antivirus programs are unnecessary and even a security risk in themselves?

      If one desires to have a protection program in place, what would be the best? I have seen Sophos come up as the best, especially if one disables the telemetry in it?

      Should I just download Clam and just use it as an on-demand scanner?

      Any tips in this area?

      I also would like this thread to be of use for anyone who is considering moving to Linux from Windows and wondering about the protection.

    • #264889 Reply

      mn–
      AskWoody Lounger

      Well.

      Of course these things all carry some amount of risk, even on Windows. (Just how many cases have we seen of a combination of a specific antivirus / other security product and a specific Windows update causing problems, again?)

      These tend to be a very manageable risk nowadays on Linux too.

      Sophos does seem like a decent product and has listed support for Ubuntu 18.04 so up to date in that regard… hm, really should do some testing on that one myself too… though with no GUI included it’s a bit more of a server-type product than what Mint is usually used for.

      Comodo for example would be more desktop-oriented at least and specifically lists Mint… but not a recent version. Also hasn’t done particularly well in tests.

      (On-access scanning being limited to only officially supported kernel builds used to be the major problem of Linux antivirus software way back when. This has improved since, but… well, see the Sophos technical article on fanotify vs custom kernel modules…)


      And of course you should have Clam installed and updated too (freshclam cronjob preferably). Even if you only use it as a secondary on-demand scanner (no daemon). It’s a very low-risk product; using it simultaneously with another security product adds negligible risk and allows fallback if your primary tool fails for some reason.

      As to whether these are necessary… well, that’s more of a question of what you’re doing with the computer, and how. Linux-focused malware does exist in the wild, I’ve seen some… but proper password discipline, closing unneeded service ports and a basic firewall setup seem to block a greater proportion of it and most of the rest is such that it relies on social engineering to get the user to run it anyway.
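
The ClamAV setup suggested in the post above (signatures refreshed by freshclam, clamscan run on demand with no daemon), as an added example that is not part of the original post. The function names, log location, sample output and cron time are assumptions made up for illustration.

```shell
#!/bin/sh
# On-demand ClamAV scan without the clamd daemon (added example).
# Function names, the log location and SAMPLE_OUTPUT are made up for illustration.

# clamscan exit status: 0 = nothing found, 1 = at least one detection,
# anything else = the scan itself failed (bad path, unreadable database, ...).
scan_verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Read clamscan output on stdin and print only the flagged paths.
# Detection lines have the form "<path>: <signature name> FOUND".
infected_paths() {
    sed -n 's/^\(.*\): [^:]* FOUND$/\1/p'
}

# Refresh signatures, then scan one directory tree and report the outcome.
on_demand_scan() {
    target=$1
    log=${2:-"$HOME/clamscan-$(date +%Y%m%d).log"}
    # Updating the system database usually needs root; a failed update is
    # reported but does not stop the scan with the signatures already present.
    freshclam --quiet || echo "freshclam failed, using existing signatures" >&2
    rc=0
    clamscan --recursive --infected --no-summary "$target" >"$log" 2>&1 || rc=$?
    echo "$(scan_verdict "$rc"): $target (details in $log)"
    if [ "$rc" -eq 1 ]; then
        infected_paths <"$log"
    fi
    return "$rc"
}

# Constructed sample of clamscan output for trying infected_paths offline.
SAMPLE_OUTPUT='/home/user/Downloads/setup.run: OK
/home/user/Downloads/eicar.com: Eicar-Test-Signature FOUND
/home/user/Downloads/a: b.zip: Win.Test.EICAR_HDB-1 FOUND'

# Example crontab entry for the daily signature update (time is arbitrary):
#   17 3 * * * freshclam --quiet
```

After sourcing the file, `on_demand_scan "$HOME/Downloads"` returns clamscan's own exit status, so a wrapper can tell a detection (1) apart from a scan that failed to run.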

    • #264914 Reply

      anonymous

      Should I just download Clam and just use it as an on-demand scanner?

      You can. I have chosen to do this just because there is a need, because sometimes third-party software is downloaded and checked for things.

    • #292409 Reply

      Microfix
      AskWoody_MVP

      @OP, This has been discussed previously here at AskWoody
      My view still stands the test of time regarding this topic, with no viruses and malware kept at bay by RKHunter and Chrootkit.
      One thing I would advise is to read easylinuxtipsproject which has some valuable tips and tweaks to safeguard security in LM19
      I keep linux stuff for linux and Windows stuff for Windows and don’t share between. YMMV

      | W10 Pro x64 | W8.1 Pro x64 | Linux x64 Hybrids | XP Pro O/L
      1 user thanked author for this post.
    • #292446 Reply

      MrJimPhelps
      AskWoody Plus

      I use Sophos A/V for Linux:

      https://www.askwoody.com/forums/topic/does-linux-need-antivirus/#post-129891

      This is what I posted at the link Microfix referred to in the previous post.

      Group "L" (Linux Mint)
      with Windows 8.1 running in a VM
      1 user thanked author for this post.
    • #308147 Reply

      anonymous

      Thank you for your replies 🙂 Especially with the links.

      So to sum up as for Anti-Virus, I do not really need one, but if I want to be 100% sure that I am not passing or holding a virus, I use Clam. Clam will not harm the computer and could be just there for peace of mind for newly ex-Windows users.

      As for Antimalware and antirootkit, I should use RKHunter and/or CHRootkits to check (and they are on demand only) on occasion.

      If I feel overly concerned, Sophos may be useful.

      Other than that, the protection system is unnecessary and may even be harmful to the Linux system by giving the malware a path to system root.

      Is that an accurate summary?

      • #308231 Reply

        Microfix
        AskWoody_MVP

        I’d say so, ClamAV is also resource friendly in linux and is a good choice should you wish to transfer files to Windows. You’ll also need ClamTK which is a front-end interface for easier access for quick scans and updates.
        Just remember to always have an up-to-date AV in Windows.

        Edit: ClamTK is in the repositories 😉

        | W10 Pro x64 | W8.1 Pro x64 | Linux x64 Hybrids | XP Pro O/L
      • #308738 Reply

        anonymous

        I should use RKHunter and/or CHRootkits

        Second option iirc may be named chkrootkit… but, yeah, you’ve got the right idea.

        Is that an accurate summary?

        Yes.

        From a security perspective, maybe also consider that it’s probably better (i.e., safer) to choose to use a well-known well-regarded distro with lots of users and devs that take security – and providing timely security updates – seriously. And then don’t forget the basics…

        Be careful what you download and what you install on your system – only install vetted software from your selected distro’s recommended/trusted software repo(s) (or other known and trusted sources). Apply security updates when available. Don’t run as root. And regardless of what OS you’re using, continue to engage in safe computing practices…

        https://security.berkeley.edu/resources/best-practices-how-to-articles/top-10-secure-computing-tips

        Hope this helps.
