Originally Posted by liquorUp
I know linux is not immune to viruses but is rare in linux.
Quite. Depending on whose classification you agree with you'll end up with about ten to twenty "true" viruses but even then most of them are proof of concepts. (The one I see commonly is the old Virus.Linux.RST.a
but I should emphasize I'm not an average Desktop Linux user.)
The main problem however is not in the realm of viruses, trojans, worms, keysniffers, other malware or rootkits but users lack of knowledge and common sense, fueled by misconceptions.
"Safe HEX", as frankbell already pointed out
- don't install / run software you don't need now.
- do update
software when updates are released.
- don't install / run software you can't trust or that's unsupported.
- don't accept or run any files on behalf of others.
- don't give access to your file system easily and don't run services you don't need.
- harden your file system and restrict access to accounts and services that need to be exposed.
- regularly verify the integrity of your file system, accounts and check system and service logs.
- ensure backups are made regularly.
- be mindful of your responsibilities towards other 'net users.
- don't run outdated user land software like web browsers, plugins, P2P software etc, etc.
- do run
. (When I say "need" I mean on-line banking, business and other such purposes. Most people don't even need Java. Java Games don't count, period.)
- be ever mindful of your surroundings. After all the 'net is just like the place where you live in that there's probably locations where you shouldn't venture for obvious reasons. Also greed / lures don't work differently simply because it's the Internet: there is no free money
This all should convey that running antivirus software is not the first aspect to address, it's only useful in a complementary role and only helpful if you share (regardless of the way) email, files, etc, with Operating Systems that are more prone to catching fire. (Or if, like me, you tend to work a lot with files of unknown or dubious origin and would like quick triage capabilities.) LMD does deserve a special mention: if you run a web or any other publicly accessible server then it's definitely suggested.