State of virus scanners on Linux?

Chat about Linux in general

State of virus scanners on Linux?

Postby xenopeek on Fri Jul 20, 2012 8:56 am

As virus scanners are coming up from time to time as a topic, I thought to give the free ones I could find a try to get some impressions. I chose to try them on Linux Mint 13 MATE 64 bit. Except for ClamAV and LMD I was unable to get any working, so I'm clearly disappointed and had expected less problems on a Ubuntu derivative distro. Did I make some errors, or miss some free virus scanners? Wondering about the experiences of others here.

And I'm hoping we can make this topic not about whether virus scanners are needed or not :) Defence in depth makes sense to me and I do share files with Windows systems.

Avast!
Downloaded the deb file from from http://www.avast.com/linux-home-edition. After installation visited http://www.avast.com/i_kat_207.php?lang=ENG for the mandatory (but free) registration for a 1 year license. After receiving the license key by email, ran avast from the terminal as from the GUI it wouldn't open. Entered the license key.

Running avast then fails with the following error:
Code: Select all
/usr/bin/avast: 178: /usr/bin/avast: /usr/lib/avast4workstation/bin/avast: not found

Running avastgui also fails, with the following error:
Code: Select all
/usr/bin/avastgui: 178: /usr/bin/avastgui: /usr/lib/avast4workstation/bin/avastgui: not found

Running avast-update works, but not much use without the other two...

Conclusion: fail :(

AVG
Downloaded the deb file from from http://free.avg.com/download.tpl-stdfull.prd-alf. It fails to install with the following error:
Code: Select all
Selecting previously unselected package avg2012flx.
(Reading database ... 152223 files and directories currently installed.)
Unpacking avg2012flx (from .../avg2012flx-r1793-a5062.i386.deb) ...
Setting up avg2012flx (2012.1793) ...
Installing 'avgd' service initscripts...
Registering 'avgd' service to runlevels...
 Adding system startup for /etc/init.d/avgd ...
   /etc/rc0.d/K20avgd -> ../init.d/avgd
   /etc/rc1.d/K20avgd -> ../init.d/avgd
   /etc/rc6.d/K20avgd -> ../init.d/avgd
   /etc/rc2.d/S20avgd -> ../init.d/avgd
   /etc/rc3.d/S20avgd -> ../init.d/avgd
   /etc/rc4.d/S20avgd -> ../init.d/avgd
   /etc/rc5.d/S20avgd -> ../init.d/avgd
Registering with license: LUWKJ-KBRC4-AABPT-QNJNP-DO9QI-M4FKI
/usr/bin/avgctl: 17: exec: /opt/avg/av/bin/avgctl: not found
dpkg: error processing avg2012flx (--install):
 subprocess installed post-installation script returned error exit status 127
Processing triggers for man-db ...
Errors were encountered while processing:
 avg2012flx

Conclusion: fail :(

Avira
Downloaded the "Avira Free Unix/Linux" from http://www.avira.com/en/download/produc ... -antivirus. Extracted the files and ran "sudo ./install" as given in the instructions. It fails to install with the following error:
Code: Select all
It is not possible to install AVIRA AntiVir Workstation (UNIX), because your system platform is not supported.

Conclusion: fail :(

BitDefender
While various websites are sharing you can download a free edition of BitDefender at http://www.bitdefender.com/business/ant ... nices.html, I could not find a free edition. Only a trial edition.

Conclusion: no longer free :(

ClamAV
Can easily be installed with a front-end by installing clamtk, as in:
Code: Select all
sudo apt-get install clamtk

Conclusion: while it works, the front-end takes a bit of getting used to as it isn't very user friendly IMHO. One of the reasons for me to try other free virus scanners.

F-Prot
A free edition of F-Prot can be downloaded at http://www.f-prot.com/download/home_use ... linux.html. But I couldn't find a 64 bit edition, only a 32 bit editon.

Conclusion: no support for 64 bit systems :(

Linux Malware Detect (LMD)
LMD is a malware scanner for Linux for the threats faced in shared hosted environments. A tarball can be downloaded from http://www.rfxn.com/projects/linux-malware-detect/, and is easily installed.

Conclusions: while it works, it isn't really meant for desktop use. If you run Linux in a shared hosted environment it is certainly something to explore! (If you have a Linux server hosted by somebody else, and unless you know the difference, assume it is in a shared environment.)
User avatar
xenopeek
Level 21
Level 21
 
Posts: 14725
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Linux Mint is funded by ads and donations.
 

Re: State of virus scanners on Linux?

Postby /dev/urandom on Fri Jul 20, 2012 8:59 am

According to your logs, it seems that most of them "only work" on openSUSE, Fedora, Ubuntu or something and already fail when only one path is different or something. If I were you, I would simply file a bug report. :)
Linux is not the only answer! :: eD2k/Kad mirrors for Linux Mint and LMDE.
Users who misspell "Windows" as "Windoze" intentionally will be considered stupid.

Image
User avatar
/dev/urandom
Level 4
Level 4
 
Posts: 491
Joined: Sun Jul 17, 2011 8:02 pm

Re: State of virus scanners on Linux?

Postby xenopeek on Fri Jul 20, 2012 9:22 am

I'd be happy to do that, but I find it surprising so many fail to work with a Ubuntu derivative. While Linux Mint adds to Ubuntu, it doesn't change paths for Ubuntu provided files. Hence my disappointment.
User avatar
xenopeek
Level 21
Level 21
 
Posts: 14725
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: State of virus scanners on Linux?

Postby /dev/urandom on Fri Jul 20, 2012 9:47 am

Do they work on Ubuntu then?
Linux is not the only answer! :: eD2k/Kad mirrors for Linux Mint and LMDE.
Users who misspell "Windows" as "Windoze" intentionally will be considered stupid.

Image
User avatar
/dev/urandom
Level 4
Level 4
 
Posts: 491
Joined: Sun Jul 17, 2011 8:02 pm

Re: State of virus scanners on Linux?

Postby xenopeek on Fri Jul 20, 2012 10:14 am

AVG gives the same error on Ubuntu 12.04. Avast! might work on Ubuntu, but it would surprise me. Even so, with BitDefender not being free any longer, F-Prot and apparently Avira not supporting 64 bit, having only Avast! as an option besides ClamAV is slim pickings.
User avatar
xenopeek
Level 21
Level 21
 
Posts: 14725
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: State of virus scanners on Linux?

Postby /dev/urandom on Fri Jul 20, 2012 10:21 am

According to the internet (here) the trial version of BitDefender has some button to claim a free key?
Linux is not the only answer! :: eD2k/Kad mirrors for Linux Mint and LMDE.
Users who misspell "Windows" as "Windoze" intentionally will be considered stupid.

Image
User avatar
/dev/urandom
Level 4
Level 4
 
Posts: 491
Joined: Sun Jul 17, 2011 8:02 pm

Re: State of virus scanners on Linux?

Postby marko_s on Fri Jul 20, 2012 11:30 am

Just tried Avast myself, and I have to say I am not impressed :(

I use 64-bit system, and the downloaded .deb is... 32-bit. Okay, installed it anyway, it might still work...

Got the free registration key, put it in before I could even open the program, the program opens... and it is just ugly, like something out of the 1990's :shock: A dull grey window that doesn't entirely fit my Linux Mint 13 screen and cannot be resized :lol:

Tried to update the virus signatures (which were from 2009, like the program itself), and... it crashes. Now it won't even restart. Maybe after I restart the computer? Haven't bothered to do that yet.

Yeah, at least Clamav works, and it really seems to be the only option left what comes to anti-virus software on Linux :? Then again, there still isn't much use for a virus scanner on Linux *fingers crossed* :)

EDIT 1:

Bitdefender was actually a pretty nice program last time I used it. Too bad to hear that it isn't free for home use anymore - on the website there was only talk about "trial version" - whatever that means in this case - do you have to pay for it after a while? Is it still free for home use? What's the deal? They used to have the repositories somewhere, but I couldn't locate them anywhere on the site (which is extremely hard to navigate anyway). :?

EDIT 2:

I removed the Avast package from my computer, I really have no interest messing with it now. It could be that the problem was that it was a 32-bit package on a 64-bit system. I remember trying Avast on a 32-bit Ubuntu sme years ago, and it looked better and if I remember correctly it also actually worked. But it is clear that the Linux version hasn't been updated at least since 2009. So yeah, no Avast :roll:
Linux Mint 13 Maya (MATE)
marko_s
Level 1
Level 1
 
Posts: 29
Joined: Fri Jun 29, 2012 10:36 am

Re: State of virus scanners on Linux?

Postby Klaw117 on Fri Jul 20, 2012 9:24 pm

The link below will give you a free license for BitDefender after filling out the information. You'll be mailed a key to use and judging by what BitDefender says, it should be good for a year before you have to re-apply for a free license key.

http://www.bitdefender.com/site/Products/ScannerLicense/
Klaw117
Level 1
Level 1
 
Posts: 26
Joined: Fri Dec 02, 2011 2:48 am
Location: New York, United States

Re: State of virus scanners on Linux?

Postby xenopeek on Sat Jul 21, 2012 10:43 am

BitDefender looked promising for a few minutes, and the GUI is actually quite nice. They have a repository of deb and rpm packages, so you can easily install it with a few commands and also keep your program up to date automatically. Awesome! You can install it with:
Code: Select all
wget http://download.bitdefender.com/repos/deb/bd.key.asc -O - 2>/dev/null | sudo apt-key add -
sudo apt-add-repository 'deb http://download.bitdefender.com/repos/deb/ bitdefender non-free'
sudo apt-get update
sudo apt-get install bitdefender-scanner-gui bitdefender-common

After installation, there is no menu entry but you can launch it with:
Code: Select all
bdgui

or the console version with:
Code: Select all
bdscan

As shared in the comments earlier, you have a 30 day trial but the GUI includes a link to get a 1 year free license. After updating the virus signatures, trying to scan results in a:
Code: Select all
Segmentation fault

Scanning from the console has the same result.

Conclusion: fail :(
User avatar
xenopeek
Level 21
Level 21
 
Posts: 14725
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: State of virus scanners on Linux?

Postby marko_s on Sat Jul 21, 2012 11:37 am

It might be that these virus scanners just won't work on a 64-bit systems too well?
Linux Mint 13 Maya (MATE)
marko_s
Level 1
Level 1
 
Posts: 29
Joined: Fri Jun 29, 2012 10:36 am

Re: State of virus scanners on Linux?

Postby eanfrid on Sat Jul 21, 2012 11:51 am

It is quite surprising. I was still using Bitdefender last year on my 64bit desktop (pure-Debian Testing) and it was running ok :shock: Since then and because BD is not free and not open-source I switched again to clamav only, which is growing better and better as time goes on. I will try again on a VM :?

Edit: if you go for live-media, there is http://download.bitdefender.com/rescue_cd/2013/ (Ubuntu) and http://www.avg.com/us-en/avg-rescue-cd-download (Debian)

Edit2: I forgot http://www.freedrweb.com/livecd/ but it runs on a Gentoo and is more oriented toward Windows scan/rescue.
Last edited by eanfrid on Sat Jul 21, 2012 12:35 pm, edited 5 times in total.
Main desktop: Debian GNU/Linux Wheezy 64bit w/custom 3.14 longterm kernel - MATE 1.8.1
(i5 2400@3.7GHz - 16GB DDR3 - HD6770 w/radeon driver - SSD+RAID1)
True private storage on SpiderOak
User avatar
eanfrid
Level 7
Level 7
 
Posts: 1784
Joined: Mon Apr 30, 2012 2:49 am
Location: FR

Re: State of virus scanners on Linux?

Postby Klaw117 on Sat Jul 21, 2012 11:56 am

I ran into the Segmentation Fault error as well. However, there is a way around it using a few terminal commands. I'll edit this once I find them again.

EDIT: There are two solutions to this. The first is to use these commands:

Code: Select all
sudo rm /opt/BitDefender-scanner/var/lib/scan/bdcore.so

Code: Select all
sudo ln -s /opt/BitDefender-scanner/var/lib/scan/bdcore.so.linux-x86_64 /opt/BitDefender-scanner/var/lib/scan/bdcore.so

People on other forums stated that these two commands alone work. However, there was a second solution and since I wasn't sure which one to use, I decided to use both. The second solution is to use these two commands:

Code: Select all
sudo -i

Code: Select all
cat /opt/BitDefender-scanner/var/lib/scan/versions.dat.* |awk '/bdcore.so.linux/{print $3}'|while read bdcore_so;do touch /opt/BitDefender-scanner/var/lib/scan/$bdcore_so;bdscan --update;ln -s /opt/BitDefender-scanner/var/lib/scan/$bdcore_so /opt/BitDefender-scanner/var/lib/scan/bdcore.so;done

For some reason, putting sudo before cat /opt... didn't allow the command to run as a superuser, which required me to VERY BRIEFLY use the root account. If you know how to make the cat /opt... command run as a superuser without sudo -i, then use what you know instead since it will probably be safer.

In my case, I used the first solution before using the second solution because I believe I read something saying that the second solution would not work unless bdcore.so was removed first, which I believe the first solution accomplishes with the rm /opt... command. I may be wrong though - my knowledge of Linux is still very basic.

I found the solutions here...:
http://forum.bitdefender.com/index.php?showtopic=30005

...and an explanation for the error here:
http://unices.bitdefender.com/2011/11/01/bitdefender-antivirus-scanner-for-unices/
Klaw117
Level 1
Level 1
 
Posts: 26
Joined: Fri Dec 02, 2011 2:48 am
Location: New York, United States

Re: State of virus scanners on Linux?

Postby xenopeek on Sat Jul 21, 2012 1:44 pm

Thanks Klaw117, I haven't tried that yet but it looks promising. Still, it does underwrite my concern about the state of virus scanners on Linux. They seem to be not well supported, or at least not working out-of-the-box on Ubuntu or its derivatives. Given the user base of Ubuntu I would expect virus scanners for home users to be much better supported on it.

So for now, I'll agree with eanfrid and be happy to recommend ClamAV to users asking about a virus scanner on Linux. Seems to be little point in recommending any of the other solutions to average users.
User avatar
xenopeek
Level 21
Level 21
 
Posts: 14725
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: State of virus scanners on Linux?

Postby Klaw117 on Sun Jul 22, 2012 10:05 pm

Just thought I'd throw this in. I don't really understand your error with avast!, but I read the post below that may help you out. It helped me get avast! working for me.

http://ubuntuforums.org/showpost.php?p=11924343&postcount=5

Oddly enough, I didn't need to force avast! on my 64-bit machine. It seemed to work right after installing and applying the fix above. It might have been because I already installed the 32-bit libraries for my AMD driver. I switched over to avast! from BitDefender after reading that avast! had better detection rates and had automatic updates.
Klaw117
Level 1
Level 1
 
Posts: 26
Joined: Fri Dec 02, 2011 2:48 am
Location: New York, United States

Re: State of virus scanners on Linux?

Postby tancrackers on Tue Aug 07, 2012 11:48 pm

Kaspersky also has a program for Linux. It's mainly for email and servers.
ESET Nod32 has a fantastic full antivirus (paid) for Linux.
Bitdefender's on-demand scanner no longer works for me ever since gnome 3.x
Just your local Arch user!
User avatar
tancrackers
Level 1
Level 1
 
Posts: 6
Joined: Wed May 25, 2011 3:22 pm

Re: State of virus scanners on Linux?

Postby nomko on Thu Aug 16, 2012 6:11 am

The discussion of using an anti-virus tool goes on for many years now. When I started using Linux in 2007, the discussion was already going on. I think there are a few situations for using or not using an anti-virus tool under Linux:
- Standalone Linux system with a wired/wireless connection to the internet
- Linux system integrated in a network which also has Windows systems integrated and with a wired/wireless connection to the internet
- None of above
Then there’s the situation which we all deal with, namely sharing files with Windows-users.

Keep in mind that any file which contains a virus, Linux stores that file with the virus included! The use of different filesystems (Ext3/Ext4 or NTFS) has no effect on the virus itself. The source code of the virus will not be modified or what so ever. The only difference is that Windows viruses will never work on Linux systems due to the major difference in the operating system architecture. The only variation on this statement is, when Windows programs are indeed installed on Linux systems by means of tools like WINE or VirtualBox. Then the Windows virus will do have impact, but only on the Windows programs and not on Linux.

If we take the first situation of the standalone system with only a connection to the internet then an anti-virus tool would be not needed. Unless the user shares files with a Windows-user through the internet, an anti-virus tool would be of assistance. But then the question will rise if we, as Linux users, are responsible for the safety and security of the system of a Windows-user. Meaning, do we need to scan the files we send to the Windows-user for viruses? Yes and no. Yes, to prevent that computer viruses can spread out and no, it is the full responsibility of each individual computer user to secure its own system well.

If we take the second situation of a network in which Linux as well Windows systems are integrated, yes, then we do need an anti-virus tool to avoid unwanted infection of any Windows system through the Linux systems. This situation makes it clear that anti-virus tools installed on Linux systems are very useful. No further explanation required here.

It is clear to say that a Linux system which is not connected to the internet or a network really doesn’t need an anti-virus tool. Unless it is used to share files with a Windows-user ofcourse.

Overseeing my opinion, I can only conclude that the use of an anti-virus tool is only required when the Linux-user is sharing files with a Windows-user. Whether this is done a network connection, through the internet of by using memory cards, USB sticks, CD’s or DVD’s, when a Linux-user shares an infected file with a Windows-user, the Windows system will be infected with that virus which is not noticed by the Linux-user.

Are we, as Linux-users, responsible for the security of the system of a Windows-user? No, we are not! But we can help Windows-users of not getting infected by scanning the files first before we share it with Windows-users. See this as being polite to Windows-users.

But then again, we can make the decision ourselves if we want to use an anti-virus tool or not.
ASUS P5KPL-AM SE*Intel Core2 Quad CPU Q8200*4 GiB ram*nVidia GeForce 9500GT*Realtek RTL8101/8102E*Optiarc DVD-RW AD-7200A*HDD:Samsung HD501LJ/HD103SI*Sitecom X5-N600 Router (WLR-5100)

My personal website
User avatar
nomko
Level 9
Level 9
 
Posts: 2533
Joined: Sat Feb 25, 2012 7:28 pm
Location: The Hague, The Netherlands

Re: State of virus scanners on Linux?

Postby marko_s on Sun Aug 19, 2012 3:28 am

<- Exactly what nomko said.

I think the virus scanner situation in Linux will get a boost only if Linux becomes a much more popular platform for home desktop use. That would probably bring up more viruses and malware directed specifically at Linux systems, hence the bigger need for more up-to-date virus scanners.

So maybe the present situation should be thought of as good - virus scanners in Linux systems are haphazard because the threat level from viruses and malware is so much more low than in Windows systems :mrgreen:
Linux Mint 13 Maya (MATE)
marko_s
Level 1
Level 1
 
Posts: 29
Joined: Fri Jun 29, 2012 10:36 am

Re: State of virus scanners on Linux?

Postby Pierre on Sun Aug 19, 2012 8:14 am

BitDefender
While various websites are sharing you can download a free edition of BitDefender at http://www.bitdefender.com/business/ant ... nices.html, I could not find a free edition. Only a trial edition.

Conclusion: no longer free :(


I've been using this for - years :)

the "trial" is renewed annually - by re-applying for a new 'key' - takes about 30s
It is used for home/personal use - ever since it was installed on Mint from a DEB file.
it's on two dual boot PCs - Mint/XP - so it is used to 'check the XP' partition - not to check the linux partition . . .
Works - Just Fine.
Image
User avatar
Pierre
Level 6
Level 6
 
Posts: 1389
Joined: Fri Sep 05, 2008 5:33 am
Location: Perth, AU.

Re: State of virus scanners on Linux?

Postby AbdRahim on Mon Feb 25, 2013 9:12 pm

Bit Defender works in Ubuntu, but crashes in Mint 14. None of the fixes worked here. :(
AbdRahim
Level 1
Level 1
 
Posts: 2
Joined: Mon Feb 25, 2013 9:08 pm

Re: State of virus scanners on Linux?

Postby Skara Brae on Sun Mar 03, 2013 7:07 pm

I am not going to install a virus scanner, because Windows users (which I am, too, for the record) are too "careless".

As a Windows user, I am not careless. (Well, usually I am not :P But if I ever get a virus, then I will blame only myself.)

At my Windows computers, I have had a virus scanner only once - Panda Antivirus - for a year (may have been 2), and I have had a virus only once: it destroyed a dozen or so files (mp3's, clips, Office documents). Now and then I do a few online virus scans in Windows. They never find anything. (How trustworthy are such online scans?)
Codename "PUMA": Intel Core i5-3450 // Gigabyte GA-H77-D3H // 1 x 4 GB DDR3-RAM // Gigabyte Geforce GT 630 // WD Caviar Blue 500 GB (S-ATA) // Samsung WriteMaster DVD-rw // Aopen QF50C PC case
--
Registered Linux User #495429
Skara Brae
Level 1
Level 1
 
Posts: 48
Joined: Sat Jun 09, 2012 10:45 am

Linux Mint is funded by ads and donations.
 
Next

Return to Chat about Linux

Who is online

Users browsing this forum: Yahoo [Bot] and 7 guests