LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-21-2011, 12:51 PM   #1
cygpen
Member
 
Registered: Aug 2011
Posts: 50

Rep: Reputation: Disabled
Question Newbie - Concerned about Anti-virus protection



I am new to Ubuntu (I used Windows for years - until it 'died'. I
installed Ubuntu 11.04 over it via an installation CD).

I am confused and concerned about Anti-Virus protection. I tried to
install 'clamAV' via the Software Center and Synaptic Package Center.
However - it mustn't have as I cannot find it anywhere (to configure it).

I would much prefer an Anti-Virus that scans in real time. Is there
one available for personal-home use???? If not - which Anti-Virus
will allow me to configure it (schedule a time for it to scan etc.) -
and - how would I install it??

This is the 1st of my many posts to this forum. Thank you for any
and all help.
 
Old 08-21-2011, 03:56 PM   #2
camorri
LQ Guru
 
Registered: Nov 2002
Location: Somewhere inside 9.9 million sq. km. Canada
Distribution: Slackware 14.1, 14.2
Posts: 5,090

Rep: Reputation: 483Reputation: 483Reputation: 483Reputation: 483Reputation: 483
Along with loosing windoze ( boo hoo ) you need to loose the thought to have an anti-virus program.

The only reason I can think of to have Clam-av installed is to scan a windowze partition, or scan e-mail files for a virus.

There are linux virus's around, however, due to the design of linux, they can not execute and do their harm unless the user ( you ) allow it. You have to make the virus program executable. Any file downloaded to a linux system is stored as non-executable. Keep in mind there are way fewer linux viruses around.

I have been running linux for about 8 years, and have yet to see a linux virus on any system I have. If you search this forum, you will find many new users asking the same thing. The answer is you do not need one.

Now if you will sleep better at night, Calm-av should install. A long time ago I did use it. If I can remember, there is a gui that is separate for it. I think clam-av is run in a terminal. Open a terminal ( command line ) and type clam-av and see what happens. You can also look in Synaptic for calm-av and read the description. That should tell you if it is command line or not.

See this link -->http://en.wikipedia.org/wiki/Clam_AntiVirus

The gui for clam-av is called KlamAV. Have a look with syaptic for it.

Last edited by camorri; 08-21-2011 at 04:02 PM. Reason: added info and a link.
 
Old 08-21-2011, 04:12 PM   #3
Konphine
Member
 
Registered: Jul 2011
Location: Phoenix, New York
Distribution: Slackware 13.37
Posts: 376

Rep: Reputation: 11
Hello there, and welcome to LinuxQuestions.org!

There aren't that many Linux viruses around, and those that do exist usually target a specific distribution, so it's harder to get a virus in that sense. Although since Ubuntu is common, I do think it is a slightly larger target.

Anywho, (correct me if I'm wrong folks) I believe ClamAV only scans for viruses that can affect Windows. The real security threats to Linux are rootkits.

It sounds like you installed ClamAV from source, but I'm not 100% sure based on the description. What you want to do is find out where you put the ClamAV file. It's probably titled something like ClamAV.tar.gz or something of the sort.

Find it, and extract the files somewhere. You can extract it in a terminal after finding the location where you downloaded it:

Code:
tar -zxvf ClamAV.tar.gz
-z is unzip
-x is extract
-v is verbose
-f is file

You can find the official ClamAV download for Ubuntu here:
http://downloads.sourceforge.net/cla...-0.97.2.tar.gz

The INSTALL.txt or README.txt file gives you the basic and detailed instructions to install it which (for a good portion of installation-by-source programs) are:

Code:
./configure
make
make install
Type in one after the first command has been fully executed.
=========================================================================
However, as I've stated the real threats are rootkits, which can be scanned for by using these 2 programs:

rkhunter
chkrootkit

rkhunter's Official Page: http://rootkit.nl/projects/rootkit_hunter.html
chkrootkit's Official Page: http://www.chkrootkit.org/
 
Old 08-21-2011, 04:17 PM   #4
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,527

Rep: Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898
In addition, you could consider to run rkhunter or chkrootkit
http://www.rootkit.nl/projects/rootkit_hunter.html
http://www.chkrootkit.org/

Kind regards
 
Old 08-21-2011, 07:19 PM   #5
cygpen
Member
 
Registered: Aug 2011
Posts: 50

Original Poster
Rep: Reputation: Disabled
Thank you all for replying so quickly. Thanks to you I was able to get the anti-virus, as well as the
rootkit protection. Regarding rkhunter - how would I select an option when in the terminal (I would want
the default settings)??
I know I will be posting frequently to this great forum.
 
Old 08-21-2011, 10:56 PM   #6
Konphine
Member
 
Registered: Jul 2011
Location: Phoenix, New York
Distribution: Slackware 13.37
Posts: 376

Rep: Reputation: 11
Code:
rkhunter --help
That code can help you get started to scan with rkhunter.
 
Old 08-22-2011, 09:44 AM   #7
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778
If you are going to install and use tools like rkhunter you need to thoroughly read and understand the documentation. These tools will give you false positives. You will need to review the warnings you get and once you confirm that they are indeed false, configure the tool to ignore them. Generally speaking, unless you are running server processes and have open ports (in Linux ports are closed by default) and get your software from the standard repositories, your chances of picking up malware are very small.

It has been while since I have been there, but the security section on Ubuntuforums.org had some really good articles for security for users new to Ubuntu, especially for those coming from a Windows environment.
 
Old 08-22-2011, 11:31 AM   #8
jdkaye
LQ Guru
 
Registered: Dec 2008
Location: Westgate-on-Sea, Kent, UK
Distribution: Debian Testing Amd64
Posts: 5,464

Rep: Reputation: Disabled
Try
Code:
aptitude search clamav
if you see clamav as well as a bunch of other packages on lines beginning with "i" then it's installed.
Code:
i   clamav                                     - anti-virus utility for Unix - command-line interface 
i   clamav-base                                - anti-virus utility for Unix - base package           
i   clamav-daemon                              - anti-virus utility for Unix - scanner daemon
I would agree with Noway2 and Camorri. The likelihood of you getting a virus is virtually nil. Unless you have very very special needs, it is really not necessary to use one.
ciao,
jdk
 
Old 08-22-2011, 11:52 AM   #9
cygpen
Member
 
Registered: Aug 2011
Posts: 50

Original Poster
Rep: Reputation: Disabled
Again thank you all for your help - it was most helpful.
 
Old 08-22-2011, 12:05 PM   #10
netnix99
Member
 
Registered: Jun 2011
Distribution: redhat, CentOS, OpenBSD
Posts: 298

Rep: Reputation: 98
...I agree with the posts above, but if you must (and you don't mind paying) McAfee and Symantec both have a version of their Anti-Virus for Linux and Unix. I actually have instances where I run both, but in the last 3 years, they have not found a virus on any of the systems. It is a huge waste of resources. If you configure the Symantec to scan in real time, you might as well go make a sammich and watch tv, cause you won't get anything productive done on the PC.....
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
NEWBIE..Install USB Devices / Anti Virus..? paulb100 Linux - Newbie 9 05-08-2006 10:57 AM
Boot virus or Anti-Virus? AVG Free Anti-Virus Software problems SparceMatrix Linux - Security 9 08-02-2004 03:35 PM
is there any anti-virus protection tools for Linux gexiaofei Linux - Software 4 07-26-2003 07:33 AM


All times are GMT -5. The time now is 04:45 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration