I know linux is cool and bad guys target linux less. But do you guys run and recommend any Antivirus and Anti-Malware to be running (without compromising on space and speed)? I am definitely not talking about windows (I use Avira and except for that annoying pop up, it is pretty fast and does not slow my system). Thank you in Advance.
I run the eset online scanner in wine, to check for infections on my windows partition primarily, but it has been known to detect little nasties in my chromium cache folder from time to time, even though those little nasties are unlikely to affect my linux machine.
I also run rkhunter for rootkits, but all i seem to ever get is false positives.
And clamav at the command line to check for any potential windows nasties on all my partitions.
I've never found a "linux only" infection, but from time to time things that would affect windows do appear in browser cache folders, and since i dual boot and have the windows partition mounted all the time, i don't like the idea of these things jumping to another partition and borking my windows install, cause i still use it for the odd game.
*Edit*
Corrected my mistake
Last edited by TitanMech (2012-05-16 12:25:49)
No, we don't. There is in fact no way to determine whether software is malicious in Linux. Your own behavior is the best anti-virus. There are, in fact, rootkit hunters like chkrootkit or rkhunter, but you should rather protect yourself with a sane behavior instead of relying on software.
EDIT: clamav does not look for linux nasties.
Last edited by Awebb (2012-05-16 10:48:49)
I'm so meta, even this acronym
It's a good idea to have for example clam on the linux partition in case you want to cross-check some windows drive. Apart from that, I never use it.
Start Distrohopping here! -> Break your own...
VSIDO
LinuxCNC
Frugalware <- It's all just a kernel.
Some of what Awebb means is:
Manage your root access carefully. Don't give root access to users who don't know what they're doing or want to hurt you or your computer.
Stay up to date with security updates to avoid folks getting at any potential vulnerabilities.
You might do well to learn about some of the reasons why Linux is less susceptible to viruses than Windows, a lot of it has to do with security defaults like not logging in as root.
That said, running scripts or binaries that you don't know or trust the source of is a terrible idea. When in doubt read the source code. If there isn't source code available, consider whether or not you should be running it at all.
一期一会 Let it be good.
My Screenshots - Blog
I didn't use snake-oil for the last two years I used Windows, and I still wouldn't put it on my relatives' Windows machines if Microsoft didn't publish MSE. No way in hell will I recommend something on Linux.
@el_koraco: I'm inclined to agree... I honestly have to wonder how many of the viruses are propagated by Norton and Kaspersky and such...
一期一会 Let it be good.
My Screenshots - Blog
@el_koraco: indeed. MSE is simply perfect, i cannot say otherwise. i am so glad my dad accepted me installing that on his Win7, and he could ditch his paid Panda Antivirus, which i spent the next month (weekly, half-hour sessions) trying to remove. that made me remember why i hate panda's. 
i never used antivirus on Windows, and i have even less reason to do so now. i only had 1 virus (on Windows) in the past 15 years or so of computer-use, and i knew i was getting in trouble the moment i clicked that file (why did you click, you ask? i don't know)
if it says 'CUTE KITTENZOMG!!!1!11!11.exe', don't click it.
Antivirus, nope!!
To summarize from all:
1. Someone writing these viruses to make people buy anti-virus software, and there are others exploring to break the defence, and the public are caught in collateral damage.
2. Someone wants to exploit the weakness (who knows the inside out of the OS) and tries to get information.
3. People testing the software and having fun...
4. Govt computer experts creating it to extract information for good. Say 'X' visits a dirty site which the govt wants to profile: trojans/viruses will get into his machine, which are markers for monitoring 'X'.
I have a question: if hackers can be caught and prosecuted, why not the virus creators?
Only category 1 above may not be relevant to linux, as it is free and there is no commercial interest unless used by the corporates. But 2, 3 and 4 are still possible in linux.
Simply put, if we stay on good sites and are careful with email attachments and USBs, on windows or linux, we are safe. Is my understanding right?
Last edited by protocoder (2012-05-16 20:31:00)
^ pretty much right i think, yeah. i think the reason hackers get caught a bit easier than virus-makers is because a hacker is present in the system at a certain time, whereas a virus is created and sent out into the world to do whatever on its own. of course when it is a virus which is 'calling home' (connecting to the creator's computer in some way to send back data), that might make it easier to catch the person who made it. but i'm not sure if it works that way.
yes, linux is still vulnerable to viruses. however, better permission-control on the OS, coupled with the fact that there are relatively less Linux-users than there are Windows-users, will make a Linux-PC a less attractive target for a virus-maker.
all in all, just being smart about what you do and don't open is the best remedy to viruses, period. it is simply a plus that you also happen to be on Linux and therefore a bit less likely to be targeted.
At work we use Sophos AV on all of the Linux and OS X boxes. I usually switch off the on-demand scanning which can dog down the system and just set a cron job to do a complete system scan in the middle of the night when no one will care. To be honest I don't know if it's really worth it but corporate says we have to and I've been there long enough to know to pick my battles. 
We use Trend Micro on the Windoze systems and it usually finds one or two infections a month out of hundreds of machines.
At home I use Sophos on my Macs as there's a free version and my wife is way too click happy to not have something keeping an eye on what she's doing. 
I've never bothered with AV software on my Linux systems but I'm beginning to think that I might install clamav or something similar just to run the occasional scan of the browser caches.
Just because I don't care doesn't mean I don't understand.
The one aspect that hasn't been mentioned too much is not wanting to send an infected file to our friends running Windows. You get a file as an email attachment or download from the net and while it might not be able to harm you, it would be a courtesy to run a quick scan over it before sending it on to a friend.
It's probably easier to do that scan when stuff arrives than at sending time. I installed clamav recently for that purpose, and just do a general scan of ~/downloads before moving anything out of it.
When I remember. 
John
--------------------
( a boring Japan blog , and idle twitterings )
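An added example, not part of any post in this thread, of the "scan ~/downloads before moving anything out of it" routine described in the post above. It assumes ClamAV's clamscan (exit status 0 = clean, 1 = infected, anything else = scan error); the function name and the outbox/quarantine directories are hypothetical. A file the scanner could not read is left where it is rather than treated as clean.

```shell
#!/bin/sh
# Added example: release files from a downloads directory only after a clean scan.
# SCANNER defaults to ClamAV's clamscan; override it to use another scanner
# that follows the same exit-status convention (0 clean, 1 infected, else error).
SCANNER="${SCANNER:-clamscan}"

# release_clean SRC_DIR OUT_DIR QUARANTINE_DIR   (directory names are assumptions)
# Clean files are moved to OUT_DIR, infected ones to QUARANTINE_DIR, and files
# the scanner failed on stay in SRC_DIR (fail closed).
# Returns 0 if every file was clean, 1 if any was infected, 2 on any scan error.
release_clean() {
    src=$1 out=$2 quarantine=$3
    worst=0
    mkdir -p "$out" "$quarantine" || return 2
    for f in "$src"/*; do
        [ -f "$f" ] || continue          # skip subdirectories and an empty glob
        rc=0
        "$SCANNER" --no-summary "$f" >/dev/null 2>&1 || rc=$?
        case $rc in
            0)  mv -- "$f" "$out"/ ;;
            1)  mv -- "$f" "$quarantine"/
                if [ "$worst" -lt 1 ]; then worst=1; fi ;;
            *)  echo "scan error ($rc), not released: $f" >&2
                worst=2 ;;
        esac
    done
    return "$worst"
}
```

Called as `release_clean ~/downloads ~/outbox ~/quarantine`, it only lets files reach the outbox once they have individually scanned clean.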
saying that I use clamav would be an overstatement as I remember about it probably twice per year, and only for the reason johnraff mentioned and also just in case for the sake of it, because I just don't get/download files that could be harmful.
nevertheless, if you need to use av, you're doing it wrong.
sometimes chkrootkit for sure.
Last edited by zalew (2012-05-17 06:28:26)
nevertheless, if you need to use av, you're doing it wrong.
Don't forget that these days it's not just about being careful about what you download and avoiding sketchy sites. Perfectly innocent sites can be compromised and you just have to visit them. Keeping up with the latest security updates and using plugins like NoScript! can help but it's only a matter of time before something slips through.
Last year Mac users were smugly saying that they didn't have to worry about viruses and look what happened to them. Can you say Flashback? 
Just because I don't care doesn't mean I don't understand.
u know, it doesn't matter if it slips as long it doesn't get executed 
btw nice read http://www.reddit.com/r/IAmA/comments/s … ma/c4g3lls those guys laugh at av.
viruses aside, av doesn't protect you against ask.com and other crapware anyways, I was recently invited to clean up a windows box which was 'clean' from the latest greatest av's point of view, from my point of view the os was barely usable filled with shit top to bottom and hello regedit.exe, yuk. yet I'd suggest windows users to have virus/adware protection anyway, at least *some* of the crap gets filtered out.
afaik macbois didn't have the java security update the rest of the sane world got months ago.
Perfectly innocent sites can be compromised and you just have to visit them.
If you're using XP with Windows Explorer and full ActiveX content allowed.
the fact that many people still use IE6 isn't helping either..
^ Although - until you finally manage to open a page on IE: http://www.youtube.com/watch?v=UI8oQZgGWlY
Start Distrohopping here! -> Break your own...
VSIDO
LinuxCNC
Frugalware <- It's all just a kernel.
The one aspect that hasn't been mentioned too much is not wanting to send an infected file to our friends running Windows. You get a file as an email attachment or download from the net and while it might not be able to harm you, it would be a courtesy to run a quick scan over it before sending it on to a friend.
It's probably easier to do that scan when stuff arrives than at sending time. I installed clamav recently for that purpose, and just do a general scan of ~/downloads before moving anything out of it.
When I remember.
Sounds like a good opportunity to be a #! evangelist 
-H
"Sometimes I wish I hadn't taken the red pill" -Me
I use BitDefender to scan other people's flash drives and files I intend to send to Windows users.
It's free and you only need to re-enter the password you are given once a year.
search "Bitdefender Antivirus Scanner for Unices"
I've made a huge mistake
Hackers do not get caught and prosecuted, only idiots and idiots who happen to be famous idiots do. Virus creators do get caught, they just happen to be idiots ending up in US official "idiot got caught and prosecuted" news.
I'm so meta, even this acronym
the fact that many people still use IE6 isn't helping either..
many? currently about 1%, most which is probably a corporate environment
^1% of how many million? Not many??
Never overlook minorities.
John
--------------------
( a boring Japan blog , and idle twitterings )
look at the second part of the sentence.
it's not like average joes cannot upgrade or don't want to. the ones who could already did that, because websites stopped working, google stopped supporting it, etc, that's why now the number is low. the ones who are left with ie6 are mostly boxes in corporate structures where some erps or other local software ordered ages ago is strictly tied to msie6 with some shitty web gui or whatever. those environments have more control over what can flow in/out and what gets installed than joe's box.
Copyright © 2012 CrunchBang Linux.