News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Linux : Needs to have anti-virus program? If so, what would be the best program?

    Home Forums AskWoody support Other platforms – for Windows wonks Linux for Windows wonks Linux : Needs to have anti-virus program? If so, what would be the best program?

    This topic contains 11 replies, has 6 voices, and was last updated by

     Charlie 2 months ago.

    • Author
      Posts
    • #255105 Reply

      anonymous

      I am migrating to Linux (Mint 19, intending to upgrade it to 19.1), so I am wondering if it is truth that antimalware/virus program is unnecessary and even being security risk in themselves?

      If one desires to have a protection program in place, what would be the best? I have seen Sophos came up as the best especially if one disables the telemetry in it?

      Should I just download Clam and just use it to as on demand scanner?

      Any tips in this area?

      I also would like this thread to be use for anyone who are considering moving to Linux from Windows and wondering about the protection.

    • #264889 Reply

      mn–
      AskWoody Lounger

      Well.

      Of course these things all carry some amount of risk, even on Windows. (Just how many cases have we seen of a combination of a specific antivirus / other security product and a specific Windows update causing problems, again?)

      These tend to be a very manageable risk nowadays on Linux too.

      Sophos does seem like a decent product and has listed support for Ubuntu 18.04 so up to date in that regard… hm, really should do some testing on that one myself too… though with no GUI included it’s a bit more of a server-type product than what Mint is usually used for.

       

      Comodo for example would be more desktop-oriented at least and specifically lists Mint… but not a recent version. Also hasn’t done particularly well in tests.

       

      (On-access scanning being limited to only officially supported kernel builds used to be the major problem of Linux antivirus software way back when. This has improved since, but… well, see the Sophos technical article on fanotify vs custom kernel modules…)

       

      And of course you should have Clam installed and updated too (freshclam cronjob preferably). Even if you only only use it as a secondary on-demand scanner (no daemon). It’s a very low-risk product, using it simultaneously with another security product adds negligible risk and allows fallback if your primary tool fails for some reason.

       

      As to whether these are necessary… well, that’s more of a question of what you’re doing with the computer, and how. Linux-focused malware does exist in the wild, I’ve seen some… but proper password discipline, closing unneeded service ports and a basic firewall setup seem to block a greater proportion of it and most of the rest is such that it relies on social engineering to get the user to run it anyway.

    • #264914 Reply

      anonymous

      Should I just download Clam and just use it to as on demand scanner?

      You can, I have chosen to do this just because there is need because sometimes third party software is downloaded and checked for things.

    • #292409 Reply

      Microfix
      AskWoody MVP

      @OP, This has been discussed previously here at AskWoody
      My view still stands the test of time regarding this topic, with no viruses and malware kept at bay by RKHunter and Chrootkit.
      One thing I would advise is to read easylinuxtipsproject which has some valuable tips and tweaks to safeguard security in LM19
      I keep linux stuff for linux and Windows stuff for Windows and don’t share between. YMMV

      | W10 Pro x64 1803 | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x64/ XP Pro O/L
        Can't see the wood for the trees? Look again!
      1 user thanked author for this post.
    • #292446 Reply

      MrJimPhelps
      AskWoody_MVP

      I use Sophos A/V for Linux:

      https://www.askwoody.com/forums/topic/does-linux-need-antivirus/#post-129891

      This is what I posted at the link Microfix referred to in the previous post.

      Group "L" (Linux Mint)
      with Windows 8.1 running in a VM
      1 user thanked author for this post.
    • #308147 Reply

      anonymous

      Thank you for your replies 🙂 Especially with the links.

      So to sum up as for Anti-Virus, I does not really need one but if I want to be 100% sure that I am not passing or holding virus, I use the Clam. Clam will not harm the computer and could be just there for peace of mind for Newly ex-Window users.

      As for Antimalware and antirootkit, I should use RKHunter and/or CHRootkits to check (and they are on demand only) on occasion.

      If I feel overly concerned, Sophos may be useful.

      Other than that, the protection system is unnecessary and may be even harmful to the Linux system by giving the malware path to system root.

      Is that accurate summary?

      • #308231 Reply

        Microfix
        AskWoody MVP

        I’d say so, ClamAV is also resource friendly in linux and is a good choice should you wish to transfer files to Windows. You’ll also need ClamTK which is a front-end interface for easier access for quick scans and updates.
        Just remember to always have an up-to-date AV in Windows.

        Edit: ClamTK is in the repositories 😉

        | W10 Pro x64 1803 | W8.1 Pro x64 | Linux x64 Hybrids | W7 Pro x64/ XP Pro O/L
          Can't see the wood for the trees? Look again!
        1 user thanked author for this post.
      • #308738 Reply

        anonymous

        I should use RKHunter and/or CHRootkits

        Second option iirc may be named chkrootkit… but, yeah, you’ve got the right idea.

        Is that accurate summary?

        Yes.

        From a security perspective, maybe also consider that it’s probably better (i.e., safer) to choose to use a well-known well-regarded distro with lots of users and devs that take security – and providing timely security updates – seriously. And then don’t forget the basics…

        Be careful what you download and what you install on your system – only install vetted software from your selected distro’s recommended/trusted software repo(s) (or other known and trusted sources). Apply security updates when available. Don’t run as root. And regardless of what OS you’re using, continue to engage in safe computing practices…

        https://security.berkeley.edu/resources/best-practices-how-to-articles/top-10-secure-computing-tips

        Hope this helps.

    • #314319 Reply

      Charlie
      AskWoody Plus

      I’m considering putting Clamav & Clamtk on my new Linux Mint 19.1 but I can’t seem to find it with Software Manager, even using the search.  Is it not yet available for 19.1?  Can they be downloaded from somewhere else and installed via Terminal commands?

      Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Group B

      • #314328 Reply

        DrBonzo
        AskWoody Lounger

        Interesting, I’m having a similar problem with Ubuntu 16.04 LTS. I have no problem finding ClamTK searching in the software manager but the only place I’ve found Clam AV is from the ClamAV website. As I understand it ClamTK is just the graphical interface and it needs Clam AV. It’s not a big deal, but it seems odd to me I can’t find ClamAV from the software manager. I’m not very familiar with Ubuntu – or Linux, for that matter – so I figure I’m just missing something that’s probably fairly obvious.

      • #314329 Reply

        mn–
        AskWoody Lounger

        I’m considering putting Clamav & Clamtk on my new Linux Mint 19.1 but I can’t seem to find it with Software Manager, even using the search. Is it not yet available for 19.1? Can they be downloaded from somewhere else and installed via Terminal commands?

        Well… Yes. Usually “sudo apt-get install clamtk clamav-freshclam” should pull at least the basics, unless your repository config is messed up. Try “apt-cache search clamav” for a listing on what’s available. (You might want the “clamtk-gnome” package if you use a Gnome-compatible desktop environment, for example, and “libclamunrar7” is a separate package due to rar format licensing…)

        But I’d expect the Software Manager to have found those already. Don’t use Mint myself, don’t know of its specific quirks… all I have here is Xubuntu and I mostly do this kind of thing from the command line anyway.

         

        And then if nothing else helps, it’s also available in source form from https://www.clamav.net/downloads – look for the .tar.gz file.

        But, do note that installing from source is generally thought to be rather more advanced than the typical end user wants to do. You’ll need development libraries, compilers and such installed before you can start the process, and the resulting application probably won’t be automatically managed by your software package manager… still, if you really want to do this, it’s possible. You can even do this on all kinds of weird systems that you can’t get premade packages for…

        1 user thanked author for this post.
    • #314639 Reply

      Charlie
      AskWoody Plus

      Thanks mn-  I’ve seen the command “sudo apt-get install” at another Linux website but I wasn’t sure if it would actually do the whole job of downloading and installing a new program or programs.  Also, since Clamtk is in repositories, I’ll have to make sure that’s configured properly too.

      I’ve only had several months of hands on experience with Linux Mint so I’m still in the learning curve.  Your help is very much appreciated.

      Win 7 Home Premium, x64, Intel i3-2120 3.3GHz, Group B

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Linux : Needs to have anti-virus program? If so, what would be the best program?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.