LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-16-2007, 02:39 AM   #1
cactusface
Member
 
Registered: Jun 2007
Location: Leicester. UK
Distribution: Simple-Mepis
Posts: 32

Rep: Reputation: 15
Post Anti-Virus


I have a friend who likes the idea of Linux, but is almost petrified by the idea of a virus attact,loosing all his info/data or crashing the system. (He's the same with his current windows setup?? and uses AV, spyware, anti hacking, etc)

I don't think its a problem... Any ideas or help?? any Good Anti-virus programs for linux?

Regards

Mel.

Last edited by cactusface; 07-16-2007 at 02:41 AM.
 
Old 07-16-2007, 02:44 AM   #2
AceofSpades19
Senior Member
 
Registered: Feb 2007
Location: Chilliwack,BC.Canada
Distribution: Slackware64 -current
Posts: 2,079

Rep: Reputation: 58
I don't know of anybody actually getting a linux virus but theres ClamAV, you can also get AVG and Avast for linux
 
Old 07-16-2007, 03:01 AM   #3
St.Jimmy
Member
 
Registered: Jun 2006
Location: Boaz,Alabama
Distribution: Ubuntu 10.10 / Windows 7 Pro 64-Bit / Snow Leopard 10.6.4 64-Bit
Posts: 152

Rep: Reputation: 30
Linux viruses, classically, are
few and far between
slow to propogate
and easy to kill.
Just don't run as root most of the time, and boot to knoppix and run chrootkit every once in a while.
 
Old 07-16-2007, 03:07 AM   #4
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,275

Rep: Reputation: 370Reputation: 370Reputation: 370Reputation: 370
Also, make back-ups regularly, either to another machine over the network or to CDs/DVDs (preferably both). Viruses/hackers aren't the only things that can destroy data ... hard drives do fail on occasion.
 
Old 07-16-2007, 11:00 AM   #5
JamesHall
Member
 
Registered: Feb 2006
Location: Oxford, UK
Distribution: openSUSE 13.1
Posts: 76

Rep: Reputation: 15
All of the above advice is very sound. Good security practice is the same regardless of which OS you're using, and there are some very good Linux AV products out there. Personally I've been using F-Prot for Linux for quite a while now:

http://www.f-prot.com/products/home_use/linux/

Free to download, but I strongly recommend you read the documentation under the 'Documentation for F-PROT Antivirus for Linux Workstations' link near the top of the page to make sure you have a nice easy install experience.

If your friend is that concerned about security, Linux is actually a great choice for him. As well as the lower risk of malware infection, Linux gives you much more control and transparency with regard to your system so you can actually see much more of what's going on 'under the hood' than you can with Windows.

I made the switch to Linux two years ago and I've never looked back - if you can get your friend over the first hurdle I'm sure he'll wish he'd done it years ago too. Good luck!
 
Old 07-16-2007, 04:37 PM   #6
jakykong
Member
 
Registered: Apr 2006
Location: Washington
Distribution: Debian Gnu/Linux Lenny on AMD64x2 (32-bit mode), an AMD Sempron 64 laptop, debian, 32bit
Posts: 101

Rep: Reputation: 15
Probably not the most sound advice, but personally, I've been running linux for several years and haven't ever seen anyone getting a virus (on a linux box).
I still keep clamAV around, and scan annually, but even so, neither have I ever been infected.

IMO, virus scanners in linux seem much more targetted at preventing propagation to windows computers than at cleaning up infections within linux.

You can reassure your friend that he's much more likely to lose data from hardware failures than from malicious software.
 
Old 07-16-2007, 04:47 PM   #7
Mustafa^Qasim
Member
 
Registered: Dec 2005
Location: Lahore, PK
Distribution: Fedora 14
Posts: 105

Rep: Reputation: 16
Linux Didn't need Antivirus for itself

Well! Linux box itself didn't need any antivirus. If you just keep your kernel patches update, not use root then you are completely free of virus. Antivirus on Linux are used just

a) your Linux box is a file server for Windows machine, so if someone put infected data on ur box then it will not infect ur LInux box but if someone else windows user copy that data then it can spread the virus.. so on Linux file server we use to clean infected files coming frm windows users to avoid the propagation of virus.

b)If you machine is a mail server of router then u can put an antivirus to scan the traffic to avoid virus propagation in ur network.

otherwise on a workstation i never heard of a virus attack.

Just put a well developing linux distro n keep its update and get relaxed..

Last edited by Mustafa^Qasim; 07-16-2007 at 04:49 PM. Reason: spell mistake
 
Old 07-16-2007, 05:39 PM   #8
jakykong
Member
 
Registered: Apr 2006
Location: Washington
Distribution: Debian Gnu/Linux Lenny on AMD64x2 (32-bit mode), an AMD Sempron 64 laptop, debian, 32bit
Posts: 101

Rep: Reputation: 15
Quote:
Originally Posted by Mustafa^Qasim
Well! Linux box itself didn't need any antivirus. If you just keep your kernel patches update, not use root then you are completely free of virus. Antivirus on Linux are used just
Quote:
Originally Posted by Mustafa^Qasim
Just put a well developing linux distro n keep its update and get relaxed..
Be careful.

Linux, like any other piece of software, is susceptible to bugs. They aren't always obvious, even to the programmer. With bugs comes the possibility of viruses. Networked computers are inherently insecure; we can help, but there's no way to plug every hole.

Granted, Linux is far less susceptible to such bugs due to it's development model. To date, I haven't heard of any viruses on linux. But, there is no theoretical reason that a virus couldn't be WRITTEN for linux, sometime in the future.

To have confidence in your safety is good (without it, you'd probably become paranoid). To have so much confidence that you ignore everything is dangerous.

Last edited by jakykong; 07-16-2007 at 05:43 PM.
 
Old 07-16-2007, 07:58 PM   #9
New2Linux2
Member
 
Registered: Jan 2004
Location: Arizona
Distribution: Debian
Posts: 153

Rep: Reputation: 43
Article published on 5/22/2000 (a bit out of date, but applicable to the subject at hand) by Gene Spafford has this to say:

Quote:
Analyze statistics from anti-virus researchers, companies, and on-line documents. You will find that there are currently about 60,000 recognized computer viruses (not worms, such as Melissa or ILOVEYOU, but traditional viruses). Of these (as of this week):

* slightly less than 52,000 are viruses for DOS/Window/NT platforms
o about 6000 of these are Word macro viruses
o about 150-200 of these are known to be widespread "in the wild"
o in 1999, approximately 650 new viruses were reported each month (more than 20 a day)
* 680 are for the Amiga
* A few hundred are for Javascript, Hypercard, Perl, and other scripting languages. Few of these can spread beyond a few machines without active support of the users
* 150 are for the Atari
* 31 are native to the Macintosh, and only two of them are known to exist anymore
* 2 or 3 are viruses native to OS/2
* About 5 are for Linux/Unix/etc, but none have been found in quantity "in the wild", nor would they be likely to spread very far if they were "loose"
* None are for BeOS, ErOS, or other small-population systems.

So, over 85% of all the known viruses are for Microsoft platforms (nearly all the self-propagating worms are as well). The rate of new reports -- especially for macro viruses -- means that pattern-based virus detectors can never be up-to-date and provide 100% protection. (Note: I'm not trying to draw grand conclusions here about the reasons for this skew, but simply point out where the overwhelming threat is.) Fast-spreading, self-propagating worms using Outlook move so quickly that they are likely to be upon us before an anti-virus vendor can even get a copy to analyze.
So 7 years ago, the odds of you getting a virus in linux were only one in twelve thousand and none of them were capable of doing any serious damage unless the user was logged in as root when the system was infected. I have not yet seen an updated set of numbers on this subject.
 
Old 07-16-2007, 09:59 PM   #10
St.Jimmy
Member
 
Registered: Jun 2006
Location: Boaz,Alabama
Distribution: Ubuntu 10.10 / Windows 7 Pro 64-Bit / Snow Leopard 10.6.4 64-Bit
Posts: 152

Rep: Reputation: 30
http://en.wikipedia.org/wiki/List_of...uses_and_worms

The fact that the article is marked as a stub should give you ease.
 
Old 07-16-2007, 11:54 PM   #11
jakykong
Member
 
Registered: Apr 2006
Location: Washington
Distribution: Debian Gnu/Linux Lenny on AMD64x2 (32-bit mode), an AMD Sempron 64 laptop, debian, 32bit
Posts: 101

Rep: Reputation: 15
Quote:
Originally Posted by St.Jimmy
http://en.wikipedia.org/wiki/List_of...uses_and_worms

The fact that the article is marked as a stub should give you ease.
I don't know about you, but if I were still new to linux and I were worried about viruses, my post being a 'stub' would worry me: nobody's paying attention to my problem

Quote:
Originally Posted by New2Linux2
So, 7 years ago, the odds of you getting a virus in linux were only one in twelve thousand and none of thm were capable of doing any serious damage unless the user was logged in as root when the system was infected. I have not yet seen an updated set of numbers on this subject.
I haven't seen any updated statistics either. It does seem to fit that very few trojan horse or script-based viruses would get spread around: most people use a distribution like debian or mandrake, where all the packages come from a central repository. Since that repository is typically 90% or more open-source, trojan horses wouldn't likely be posted.

However, other viruses seem reasonable. For example, I would say most web servers today are run with Apache or Tomcat (I don't hear about windows servers much any more, but I don't have statistics to back me), if someone were to write a virus that attacked the apache web server, it could do some significant damage.
Likely, a patch would be out in no time to solve the problem. However, it doesn't usually take very long for a well-written virus to do it's job. That is, however, exactly why a virus scanner for linux wouldn't be very effective (that doesn't mean don't get one. This is my opinion, not a professional statement or fact). There aren't enough 'stable' bugs to exploit. So, a virus has to do it's job quickly before a patch gets out to fix the bug it exploits.

I find the discussion interesting. I'd like to hear some more different opinions about viruses in linux.

Last edited by jakykong; 07-17-2007 at 12:08 AM.
 
Old 07-17-2007, 06:25 PM   #12
mcmillan
Member
 
Registered: Jul 2005
Distribution: Arch
Posts: 489

Rep: Reputation: 30
I agree with what people have been saying, but this statement bugged me for it's wrongness of statistics
Quote:
So 7 years ago, the odds of you getting a virus in linux were only one in twelve thousand
That's not the correct way to figure out the chances of getting a virus. That's the chance that a randomly chosen virus would be able to infect a linux system. I'm having trouble seeing a good way to actually quantitatively define the probability of getting a virus, but it would be more like seeing how much time is spent with a linux system uninfected versus an infected system. Whatever that probability is, it's probably even less than the 1 in 12 figure you gave.
 
Old 07-17-2007, 06:48 PM   #13
jakykong
Member
 
Registered: Apr 2006
Location: Washington
Distribution: Debian Gnu/Linux Lenny on AMD64x2 (32-bit mode), an AMD Sempron 64 laptop, debian, 32bit
Posts: 101

Rep: Reputation: 15
Quote:
Originally Posted by mcmillan
I agree with what people have been saying, but this statement bugged me for it's wrongness of statistics


That's not the correct way to figure out the chances of getting a virus. That's the chance that a randomly chosen virus would be able to infect a linux system. I'm having trouble seeing a good way to actually quantitatively define the probability of getting a virus, but it would be more like seeing how much time is spent with a linux system uninfected versus an infected system. Whatever that probability is, it's probably even less than the 1 in 12 figure you gave.

Better stated, if you come in contact with a virus, there is a 1 in 12,000 chance that that virus is capable of infecting your system (assuming you run linux)

Last edited by jakykong; 07-17-2007 at 06:50 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Microsoft Anti-Spyware Deleting Norton Anti-Virus LXer Syndicated Linux News 0 02-13-2006 05:31 AM
Anti Virus/ Anti Spam for Linux? Sp@rticus Linux - Software 3 11-18-2005 03:17 AM
Boot virus or Anti-Virus? AVG Free Anti-Virus Software problems SparceMatrix Linux - Security 9 08-02-2004 03:35 PM
Best Anti-spam and Anti-virus application? vittibaby Linux - Newbie 6 10-21-2003 08:21 AM
Creating an ultimate anti-virus and anti-spam email gateway markcc Linux - Networking 2 10-08-2003 04:10 AM


All times are GMT -5. The time now is 02:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration