LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Virus protection - Ubuntu 20.04 (https://www.linuxquestions.org/questions/linux-newbie-8/virus-protection-ubuntu-20-04-a-4175680376/)

alex4buba 08-14-2020 03:43 AM

Virus protection - Ubuntu 20.04
 
I get the impresion that I don't need it, BUT?

How come?
Are there any packages used by people in the group?

Would like to hear from them

Thank you
Alex

hazel 08-14-2020 06:09 AM

You don't need antivirus if all the machines on your network run Linux and you don't regularly exchange files with Windows users. Remember these viruses are written to run in a Windows environment, but a Linux machine can still act as a carrier. However, if you do decide you want to use an antivirus, the commonest one for Linux is clamAV.

agillator 08-14-2020 06:27 AM

Let me expand on what Hazel has said. I am not some expert, just a user of some years.

First, the design of Linux and other Unix-like systems limits the damage malware can do without the almost cooperation of the user, i.e. sheer laziness or stupidity. So part of the impetus of the scoundrel is missing.

Second, the design of Windows makes it so much easier to create serious havoc that the impetus for Windows is greater.

Third, so much more of the computing world runs Windows than runs Linux the return for effort spent is far less for Linux than for Windows.

However, this doesn't mean that writing malware for Linux is impossible - just difficult and hopefully not particularly profitable. I have heard that there are in fact a couple of pieces of malware in the wild that attack Linux. I have not seen them personally nor have I spoken to someone who has. Maybe urban legend, maybe not. But obviously not something anyone worries about. In my opinion a Linux user is apt to know more about his/her computer, environment, and generally be aware of what is going on than others.

So that is the background for Hazel's comments.

hazel 08-14-2020 06:34 AM

Quote:

Originally Posted by agillator (Post 6155777)
Third, so much more of the computing world runs Windows than runs Linux the return for effort spent is far less for Linux than for Windows.

I would dispute that. Most desktop and laptop systems run Windows, but practically all servers run Linux. And surely the kind of scum who write viruses would rather crash a major company server (if they could) than some pimply teenager's laptop.

The fact that you seldom hear of such a thing is testimony to the other points that agillator raised. Unix systems are largely immune to malware by virtue of good design.

agillator 08-14-2020 07:00 AM

I must concede that point, Hazel. I must admit I was thinking primarily of desktops and laptops, not servers. However how many corporate laptops and desktops run Windows compared to Linux? It is still an extremely lucrative field for viruses and other malware. Look at the ransomware epidemic which is certainly not attacking some teenager's laptop or some corporate or municipal server. Granted ransomware is not a virus, per se, but is still pretty serious malware.

alex4buba 08-14-2020 07:32 AM

Hello friends,

I am very happy to see the feedback here. My personal case is as follows:

1) I am a retired webdesigner, working on my own at home
2) Obuntu is installed in a dual-bbot alongsie Windows 10 partition
3) I am still booting into Windows once weekly to run a LifSize video conference, this service is NOT working vary well under Linux.
4) My wife and I have 4 Android devices (2 mobile phones + 2 Tablets) and we access our email accounts.
5) Our current desktop has a unified inbox on Evolution, so the only chance of infection is maybe through the email system

So, it sounds like I do not need to think too much about an Anti-Virus for the Intel-NUC desktop I am using, or am I wrong?

Thank you all for your time

Cheers
Alex

Hermani 08-14-2020 05:28 PM

From what I know, there is not much Linux malware, however to keep things tidy you could scan your system once in a while. I recently ran ClamAV on my home server and it found 225 threats, all old Windows Trojans in e-mail attachments. Since I had never touched those files with a Windows system, it never has become an issue and was never picked up before. However I rather have clean files on my system! I have had a major problem once before and I don't want any of that again.

As far as I know de facto standard for antivirus is ClamAV. It is open source. You can find installation instructions at https://www.clamav.net/.

alex4buba 08-14-2020 06:49 PM

Quote:

Originally Posted by Hermani (Post 6155951)
From what I know, there is not much Linux malware, however to keep things tidy you could scan your system once in a while. I recently ran ClamAV on my home server and it found 225 threats, all old Windows Trojans in e-mail attachments. Since I had never touched those files with a Windows system, it never has become an issue and was never picked up before. However I rather have clean files on my system! I have had a major problem once before and I don't want any of that again.

As far as I know de facto standard for antivirus is ClamAV. It is open source. You can find installation instructions at https://www.clamav.net/.

Is it possible to set it to an automated backup schedule? In my previous "Life" with Windows, I had it setup to run every few hours in the background. I don't trust myself to remember to activate it manually

I tried installing it, but I can't find a .DEB installation file, just a .tar.gz and I have no idea about how to MAKE it... Is there anywhere a .deb installation file for it?

Thanks
Alex

John VV 08-14-2020 11:30 PM

clam should be in the os's repos
run

Code:

apt search clamav
--- if there then install it ---

apt-get clamav


alex4buba 08-15-2020 12:47 AM

Quote:

Originally Posted by John VV (Post 6156018)
clam should be in the os's repos
run

Code:

apt search clamav
--- if there then install it ---

apt-get clamav


OK, here is what I get

alex@alex-NUC8i7HNK:~$ sudo apt-get install clamav
Reading package lists... Done
Building dependency tree
Reading state information... Done
clamav is already the newest version (0.102.4+dfsg-0ubuntu0.20.04.1).
The following packages were automatically installed and are no longer required:
libdouble-conversion3 libfprint-2-tod1 libllvm9 libpcre2-16-0 libqt5core5a
libqt5dbus5 libqt5gui5 libqt5network5 libqt5svg5 libqt5widgets5
libxcb-xinerama0 libxcb-xinput0 python3-click python3-colorama
qt5-gtk-platformtheme qttranslations5-l10n
Use 'sudo apt autoremove' to remove them.
0 to upgrade, 0 to newly install, 0 to remove and 6 not to upgrade.

So, I tried to invoke it in Terminal:

alex@alex-NUC8i7HNK:~$ clamav
clamav: command not found

So, if it is already there, how do I invoke it? I can't find it in installed programs, or when I try to search in "Activities"

Thanks
Alex

Jan K. 08-15-2020 01:07 PM

https://www.clamav.net/documents/scanning#clamscan

alex4buba 08-15-2020 03:49 PM

Quote:

Originally Posted by Jan K. (Post 6156210)

Hello JanK

I am new to Linux, after 30 years with Windows. I followed the link you provided and it goes all over my head... I will describe what I am after

1) I want the process be automated, with the need for me to run it
2) When I drop into Terminal, this is my prompt - alex@alex-NUC8i7HNK:~$
3) When the scan happens, I am thinking that all the folders / files need to be scanned, or is this crazy?
4) I have no idea where things on my storage device are placed...

So, if you can be so kind, please write for me detailed instructions and I will follow

Thanks again
Alex

Hermani 08-15-2020 04:42 PM

Quote:

Originally Posted by alex4buba (Post 6156259)
I am new to Linux, after 30 years with Windows. I followed the link you provided and it goes all over my head... I will describe what I am after

Hi Alex4Buba,

You're on the right track, because you (already) installed ClamAV.

If you need something to be done in Linux on a regular basis, it is done by a so-called crontab command. This is a list in which you can tell the system what things to do every x amount of time. There are some desktop tools that can do the same however they mostly rely on crontab. And because crontab is found on every Linux installation and always works well, it is nice to use and rely on.

There is a system crontab list you can edit that works with superuser privileges, and every user on the system has its own crontab list to perform tasks with the privileges of that user.

For a tutorial on how to use crontab, take a look at one of the following (there are many more):
You can run commands in the crontab. However for me the best thing to do is to
  1. Make a shell script (this is like a Windows / MS-DOS batch file)
  2. Make an entry in the crontab pointing to the shell script
This way you can easily change, modify or extend the command. There are a lot of tutorials about how to write a shell script. The most simple script to run clamav would be something like this:

Code:

#!/bin/sh
clamscan -r /home >> /home/user/clamscanresults.log

The first line of code is necessary (I don't know why) and can also be !/bin/bash, if your system runs BASH as well.

The second line of code is the clamscan command you want to issue. The output that normally would be sent to the terminal is now routed to a file called "clamscanresults.log" (you can pick any name). Because I used >> any existing log file is appended, not replaced.

If you save this text file as eg "scancommand.sh" you have a shell script. PLEASE do not forget to enable execution for the shell script - you can do it through the file manager or by issuing a command like

Code:

chmod +x scancommand.sh
Next, you can modify the crontab. If you want to have all users in /home scanned, you might use the systemwide crontab. So you fire up the crontab editor using the following command

Code:

sudo crontab -e
Then you just have to put in the code for the timing of your shellscript and of course, the name and path of your script. If you wanted to edit your user's crontab you could use the following command

Code:

crontab -e
Hope I got you started!

alex4buba 08-15-2020 05:50 PM

Quote:

Originally Posted by Hermani (Post 6156271)
Hi Alex4Buba,

You're on the right track, because you (already) installed ClamAV.

If you need something to be done in Linux on a regular basis, it is done by a so-called crontab command. This is a list in which you can tell the system what things to do every x amount of time. There are some desktop tools that can do the same however they mostly rely on crontab. And because crontab is found on every Linux installation and always works well, it is nice to use and rely on.

There is a system crontab list you can edit that works with superuser privileges, and every user on the system has its own crontab list to perform tasks with the privileges of that user.

For a tutorial on how to use crontab, take a look at one of the following (there are many more):
You can run commands in the crontab. However for me the best thing to do is to
  1. Make a shell script (this is like a Windows / MS-DOS batch file)
  2. Make an entry in the crontab pointing to the shell script
This way you can easily change, modify or extend the command. There are a lot of tutorials about how to write a shell script. The most simple script to run clamav would be something like this:

Code:

!/bin/sh
clamscan -r /home >> /home/user/clamscanresults.log

The first line of code is necessary (I don't know why) and can also be !/bin/bash, if your system runs BASH as well.

The second line of code is the clamscan command you want to issue. The output that normally would be sent to the terminal is now routed to a file called "clamscanresults.log" (you can pick any name). Because I used >> any existing log file is appended, not replaced.

If you save this text file as eg "scancommand.sh" you have a shell script. PLEASE do not forget to enable execution for the shell script - you can do it through the file manager or by issuing a command like

Code:

chmod +x scancommand.sh
Next, you can modify the crontab. If you want to have all users in /home scanned, you might use the systemwide crontab. So you fire up the crontab editor using the following command

Code:

sudo crontab -e
Then you just have to put in the code for the timing of your shellscript and of course, the name and path of your script. If you wanted to edit your user's crontab you could use the following command

Code:

crontab -e
Hope I got you started!

Hi Hermani,

This is very good, thanks for taking the time to instruct me, I have a long, long way to go....

I tried the first two commands, I get the following errors, so I must be missing something in my installation?
I am in Ubuntu 20.04 with GNOME GUI, so - where from here?

alex@alex-NUC8i7HNK:~$ !/bin/sh
bash: !/bin/sh: event not found
alex@alex-NUC8i7HNK:~$ !/bin/bash
bash: !/bin/bash: event not found
alex@alex-NUC8i7HNK:~$ clamscan -r /home >> /home/user/clamscanresults.log
bash: /home/user/clamscanresults.log: No such file or directory

Many thanks
Alex

sgosnell 08-15-2020 05:54 PM

A couple of things:

clamav must be run as root, so either log in as root or use sudo.

If you want to scan the entire drive, use
Code:

clamscan -r /
Scanning the entire disk will take a looooooonnnggg time, so set the cronjob to run while you're in bed sleeping, not while you're trying to do work on the computer.

You don't run !bin/bash in a terminal, you put it into a text file as the first line. Linux runs almost entirely on text files. Open your favorite text editor, put the suggested lines into it, and save the file. From a terminal I like nano, but there are others. I can't remember what Gnome uses for a text editor, but it should be easy enough to find.


All times are GMT -5. The time now is 09:28 PM.