LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-17-2013, 12:57 AM   #1
greenmachine63
LQ Newbie
 
Registered: Nov 2013
Posts: 1

Rep: Reputation: Disabled
Anti Virus


should you have anti virus running on linux system? if so does anyone know of a GOOD FREE
antivirus program and a good firewall?
 
Old 11-17-2013, 01:27 AM   #2
sag47
Senior Member
 
Registered: Sep 2009
Location: Orange County, CA
Distribution: Kubuntu x64, Raspbian, CentOS
Posts: 1,845
Blog Entries: 36

Rep: Reputation: 453Reputation: 453Reputation: 453Reputation: 453Reputation: 453
I don't personally use an AntiVirus software on my workstation but if I did it would probably be AVG. As far as a firewall goes I always recommend iptables (it comes pre-installed on many distros or is in package management). iptables requires you to know a bit about networking so don't expect it to be pointy clicky user friendly like Windows Firewall. You didn't specify what distro you're using so there's not much more that can be said.

If you're not looking to run any hosted services or require other computers to connect to your system then here's a good iptables config which basically allows you to do your work and blocks everybody from your system.

Code:
#load firewall config with iptables-restore < iptables.rules
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
#The following rules required for normal communication
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

#allow incomming ping (optional, can be commented out)
-A INPUT -p icmp -m state --state NEW -m icmp --icmp-type 8 -j ACCEPT

#enable firewall denied connections logging
#keep rules commented unless troubleshooting
#-N LOGGING
#-A LOGGING -p tcp -m limit --limit 2/min -j LOG --log-prefix "iptables DROP: " --log-level 4
#-A LOGGING -j RETURN
#-A INPUT -j LOGGING
#-A FORWARD -j LOGGING

#Required, any traffic that is not allowed will be dropped by these rules
#Never comment these out unless you know what you're doing.
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
EDIT: Ubuntu comes with ufw firewall which is a wrapper for iptables.

https://help.ubuntu.com/community/UFW

So you can use my iptables config or ufw on Ubuntu systems.

Last edited by sag47; 11-17-2013 at 11:54 AM.
 
Old 11-17-2013, 05:41 AM   #3
Mr. Bill
Member
 
Registered: Mar 2011
Location: Maryland, USA
Distribution: Xubuntu 14.04 - 64
Posts: 185

Rep: Reputation: 14
Quote:
Antivirus is rapidly becoming irrelevant in the current malware world
Internet Storm Center

Tricking users into installing traditional malware with their tell-tale signatures has been on the decline for some time, now. Keeping your system up-to-date is your best protection as vulnerabilities in the OS/software have been the main venue of late. Personally, I also use a router/firewall with default name/password changed as well as the Firefox browser with the Ad-Block Plus addon.
 
Old 11-17-2013, 10:40 AM   #4
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,284

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
If you do feel the need to have AntiVirus, I've found ClamAV to be a good free product. However, I agree with the poster's above that it's generally not necessary on a Linux machine and may even lull one into a false sense of security. The only time I'd consider using it is on a server that serves files to Windows clients.
 
Old 11-17-2013, 11:35 AM   #5
DavidMcCann
Senior Member
 
Registered: Jul 2006
Location: London
Distribution: CentOS, Salix
Posts: 4,269

Rep: Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268Reputation: 1268
The firewall (iptables) is built-in. The only catch is that Debian-based distros usually have it turned off; no doubt they can explain that to their satisfaction. If you have something like Ubuntu, install gufw, run it, click on "unlock" and then on "on". You also need to switch it on with PCLinuxOS, but their tool is in the menu. If you have a distro with "point and click" firewall configuration (Fedora, CentOS, OpenSUSE, PCLinuxOS), just make sure no port is marked as open.

And please put your distro in your profile: it makes it so much easier to answer your questions!
 
1 members found this post helpful.
Old 11-17-2013, 11:54 AM   #6
Captain Pinkeye
Member
 
Registered: Oct 2012
Location: The Czech Republic
Posts: 280

Rep: Reputation: 97
Quote:
Originally Posted by greenmachine63 View Post
should you have anti virus running on linux system?
No.
 
Old 11-17-2013, 03:57 PM   #7
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 16,990

Rep: Reputation: 2448Reputation: 2448Reputation: 2448Reputation: 2448Reputation: 2448Reputation: 2448Reputation: 2448Reputation: 2448Reputation: 2448Reputation: 2448Reputation: 2448
No , but maybe yes

if you dual boot with windows then ALSO use ClamAV in conjunction with Norton or McAfee
-- Clam will find things that norton and Mcafee mis
if you download files then share them with friends using WINDOWS then use ClamAV to scan them for WINDOWS viruses
( pdf's and tiff images are the new thing right now )

if you run a mail server and windows clients use it
run clamAV's mail deamon
 
1 members found this post helpful.
Old 11-17-2013, 08:50 PM   #8
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, and whatever VMs I happen to be playing with
Posts: 11,687
Blog Entries: 12

Rep: Reputation: 2903Reputation: 2903Reputation: 2903Reputation: 2903Reputation: 2903Reputation: 2903Reputation: 2903Reputation: 2903Reputation: 2903Reputation: 2903Reputation: 2903
I use AVG. For a frontend of to iptables, I have been using Firestarter, but it's no longer under development.

The Arch Wiki has a good section on GUI frontends for iptables.
 
Old 11-18-2013, 05:17 AM   #9
Captain Pinkeye
Member
 
Registered: Oct 2012
Location: The Czech Republic
Posts: 280

Rep: Reputation: 97
I was little harsh there. But note that GNU/Linux doesn't need any antivirus by itself, you always install it because of the Windows. If you dualboot, it might be handy (though if you have one on Windows, it's kinda redundant), but would you add unnecessary bloat to your system because of people running unsafe OS?

My main concern is newcomers from Windows, who may install AV just because they had one on Windows and they might think it's normal to have it on any OS. No, you don't need it on Linux, it won't make your Linux system more secure.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Anti-spam anti-virus dovecot + postfix mail system xuta Linux - Server 7 06-08-2012 06:31 PM
LXer: Postfix Backup Mail Server Anti-Spam / Anti-Virus Configuration LXer Syndicated Linux News 0 05-05-2009 03:00 PM
LXer: Microsoft Anti-Spyware Deleting Norton Anti-Virus LXer Syndicated Linux News 0 02-13-2006 05:31 AM
Boot virus or Anti-Virus? AVG Free Anti-Virus Software problems SparceMatrix Linux - Security 9 08-02-2004 03:35 PM
Creating an ultimate anti-virus and anti-spam email gateway markcc Linux - Networking 2 10-08-2003 04:10 AM


All times are GMT -5. The time now is 11:09 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration