Linux Mint Forums

[CWB]

hello ,

i have done some checking with google trying to find out about an AV for mint 13 w/mate .
(changed over after being totally disgusted with those other "icon driven/new and improved" desktops)
i did find an "old" topic here titled "state of virus scanners ..." , the results of the tests in that thread are not too encouraging .
i have run bitdefender in ubuntu and used it to "decontaminate" recovered windows files ... worked great .

i tried to install bitdefender in mint13 w/mate ... no go . the program would not start so i did some research .
i found that i am not the only one with that problem and the fixes varied .
somewhere in the seach i saw it mentioned that bitdefender no longer has a free 'nix version and that eset does have one but it is not free .

i suppose what i am asking here is :
what is going on AV-wise since the date of the thread i read ?
does anone have any links or such that would be helpful (man , it is a google jungle out there) ?

thanks a bunch in advance

[oobetimer]

Actually you do not need AV programs for Mint, but it can be useful for Windows. ClamTK is a virus scanner, which can be installed via package management or command line.

sudo apt-get install clamtk

After installation you need to update a virus database using command sudo freshclam

http://www.youtube.com/watch?v=L98wEdcKe5c

http://clamtk.sourceforge.net/faq.html

[CWB]

thanks for the quick response .
i'll give clam a try .

yeah , supposedly one does not need AV/AM for 'nix stuff ... however ...
i use my machines for helping out my friends that have windows files/drives/machines that are infected .
there is also the issue of being a "typhoid mary" ... my 'nix machine may not suffer but i do not want to pass anything on .

thanks again .

[nomko]

There are so many topics about anti-virus tools and if it is needed or not. This was a reply of me in another topic which (i think) describes the best when using a ant-virus tool:
viewtopic.php?f=61&t=108103&p=619687#p618715

[homerscousin]

Back when I was running Windows, I used Comodo AV/Firewall. I kinda liked it. It's free. They now have a Linux version. I haven't looked into it, but here is the forum URL

http://forums.comodo.com/index.php

[nomko]

There is basically no need to run anti-virus and/or anti-malware under Linux since Linux is more secure than Windows due to a different architecture and better rights management system.

[Hiero2]

AVG and Bitdefender still show up in a search on "anti-virus" - as offering packages for the linux platform. Dr.Web runs their program rescue disk using linux as the platform. (Does that sentence make sense? Dr.Web has an emergency cd iso (live-cd) you can download and burn. It is linux, and you run the rescue from the live cd. )

The biggest danger, and it is also a danger to linux users, these days, is not viruses, but malware on the internet. While we have seen no exploits yet, this is certainly because linux is not a preferred target - read that as no money in it for the hacker. For this reason I highly encourage anyone I have influence with to use programs like no-script for FF. Chrome has a similar program. A properly patched system is also pretty important - but at the annual breakage fests, the hackers still always manage to get in!

[nomko]

AVG and Bitdefender still show up in a search on "anti-virus" - as offering packages for the linux platform.

AVG offers an free anti-virus tool. But the last time i installed it, it was a terminal command operated program. Bitdefender offers a paid version.

Dr.Web runs their program rescue disk using linux as the platform. (Does that sentence make sense?

Yes, it makes sense. They use Linux because they know that Linux is lesser vulnerable for Virusses and much more secure than Windows.

Dr.Web has an emergency cd iso (live-cd) you can download and burn. It is linux, and you run the rescue from the live cd. )

Best system to run an emergency disc...Linux!

The biggest danger, and it is also a danger to linux users, these days, is not viruses, but malware on the internet.

Examples please in which malware threatens Linux..

While we have seen no exploits yet, this is certainly because linux is not a preferred target - read that as no money in it for the hacker.

The reason for it is not that hackers don't see money in it. The reason for it the more secure rights management system of Linux. To bypass that you need the password of the user and since every user has it's own created password it is really difficult for a hacker to gain access to that password. Or even find out which password is being used. This will take a lot of time to find out which any virus/malware/spyware doesn't have.

For this reason I highly encourage anyone I have influence with to use programs like no-script for FF. Chrome has a similar program. A properly patched system is also pretty important - but at the annual breakage fests, the hackers still always manage to get in!

Best to do is keep your system up-to-dated! Any add-on for Firefox sounds good, but it only protects Firefox and not your whole system! Add-on's such as no-script aren't firewalls or anti-malware or ant-virus tools. Keep that in mind.

[sammiev]

BitDefender offers a free version to Linux users for years now. I have been using BitDefender and install it on all Linux computers I use or help setup for others. Here is a little read on how it helped me. http://ubuntuforums.org/showthread.php?t=1992822

[Hiero2]

. . .The reason for it is not that hackers don't see money in it. The reason for it the more secure rights management system of Linux. . . .

If that were indeed the case, then Mac OSX would also be more secure by design. But, Mac is almost always the first to fall to the hackers. Why is this? The winning hackers and competitors have told us quite clearly - there is more money in the real world for hacking exploits that break into Windows - so they don't even use their best Windows exploits, according to them. The Mac exploits get more prestige and name recognition. They also win money from the contest. However, the amount of prize money ~$10K as I recall (update, 15K in 2012), is less than what their best Windows exploits will earn them in the real world (~$50K or more, according to them). Look up pwn2own.

For this reason I highly encourage anyone I have influence with to use programs like no-script for FF. Chrome has a similar program. A properly patched system is also pretty important - but at the annual breakage fests, the hackers still always manage to get in!

. . .Best to do is keep your system up-to-dated! Any add-on for Firefox sounds good, but it only protects Firefox and not your whole system! Add-on's such as no-script aren't firewalls or anti-malware or ant-virus tools. Keep that in mind.

We agree that keeping the system up-to-date is important.

But, forbidding scripts protects the whole system. Rights are gained by exploiting vulnerabilities in software. No password needed. Then malware is installed, and bingo, you're a bot. Using scripts are often how malware gains admittance to these higher security levels. They don't need your password with all the exploits available. Follow something like the CERTStation newsletter (http://www.certstation.com/#tma-tab), and you'll see. Check out the exploits from pwn2own that have been released. People get in through the browser. Up-to-date patches are only one aspect of good security.

And, you might like to think linux is invulnerable, but it is not. There isn't any money in breaking it - we are still too small a percentage of the computer population to bother with. Denying this does not change that linux is not unbreakable. The fact that the design makes it inherently more secure does not mean as much as people would like it to. Again, if it were the design of rights and passwords, Macs would be the last to fall, not the first.

As for existing examples, check wikipedia - if I recall, they have some linux viruses listed. But, again, viruses are NOT the primary threat today. Malware is, and malware gets in through email and browsers.

The second lesson from Pwn2Own is that the browser is the new Achilles heel of security regardless of the hardware or software platform.

http://www.pcworld.com/article/192419/security_lessons_learned_from_pwn2own_contest.html

[Hiero2]

Huh - an example was asked for - and I was too lazy to spend my time searching - but not 30 seconds after I posted my last reply, I ran into this:

http://certstation.blogspot.com/2012/12/linux-servers-targeted-by-new-drive-by.html

The danger is real, and the danger includes linux. Be educated, and stay up-to-date. Don't be in denial.

[nomko]

Huh - an example was asked for - and I was too lazy to spend my time searching - but not 30 seconds after I posted my last reply, I ran into this:

http://certstation.blogspot.com/2012/12/linux-servers-targeted-by-new-drive-by.html

The danger is real, and the danger includes linux. Be educated, and stay up-to-date. Don't be in denial.

Ofcourse the danger is real and it cannot be ignored. But the danger is much lesser than for Windows servers/desktops. Like i said, it's much more difficult for a trojan/virus to get an Linux system on it's knees due to the much better and much more secure user rights managements.

I never said you should ignore the threat and be blind for it. The best thing to do is keep your system up-to-date and make sure you're running the latest version of any Linux distro. I won't say that an older version is more vulnerable, but the security risk is much higher than with a newer version since newer version have al the latest updates onboard. There's a reason for it that older version aren't supported any longer. As a normal home-user you don't have to be that afraid that your system will be hijacked or infected. A hacker hasn't got any intention to spend so much time on 1 single system just to get it infected. A server is much more interesting.

But basically it is up to the user in how far he/she believes all those horror stories. If you, as a user, thinks that an anti-virus/malware tool is required, be my guest and use it. But don't fall into the trapp of misguided belief of having good security. There's nothing exisiting like really good security! The biggest security thread does not come from the internet, but is sitting in front of the computer