LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 03-17-2009, 08:47 AM   #1
bcbotha
Member
 
Registered: Nov 2008
Location: South Africa
Distribution: Ubuntu, Windows
Posts: 149

Rep: Reputation: 16
antivirus for ubuntu


I know that most viruses are written for windows and therefore don't affect linux, however i'm dual booting ubuntu and vista. i want to know is there an antivirus i can install on ubuntu to search my windows partition and my linux partition to delete any windows viruses?
i know clamwin, avg and kaspersky apperntly have a linux download but how good are they? and where and how could i download them from?

thanks
 
Old 03-17-2009, 08:53 AM   #2
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Linux Mint
Posts: 8,511

Rep: Reputation: 884Reputation: 884Reputation: 884Reputation: 884Reputation: 884Reputation: 884Reputation: 884
Take a look at
clamav
 
Old 03-17-2009, 08:54 AM   #3
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Code:
sudo apt-get install clamav
That command will download and install ClamAV for you.

It's an officially-supported package in the Ubuntu repositories.

Last edited by win32sux; 03-17-2009 at 08:55 AM.
 
Old 03-17-2009, 08:55 AM   #4
cloud9repo
Member
 
Registered: Oct 2008
Location: Middle TN
Posts: 134

Rep: Reputation: 19
clamav will scan all partitions if configured to do so, and it scans for Windows viruses.
In synaptic, select clamav (it'll select the others necessary), and I also get clamav-daemon and clamtk. The daemon runs in the background and provides real-time scanning. The clamtk package is the gui.

Here's the link for more info:

http://www.clamav.net/download/packages/packages-linux

which has instructions for Ubuntu.
 
Old 03-18-2009, 12:50 AM   #5
bcbotha
Member
 
Registered: Nov 2008
Location: South Africa
Distribution: Ubuntu, Windows
Posts: 149

Original Poster
Rep: Reputation: 16
how do i go about installing the clamav-daemon and clamtk?
what do you guys know about kaspersky and avg for linux? and how does clamav compare?
 
Old 03-18-2009, 02:49 AM   #6
Tuttle
Senior Member
 
Registered: Jul 2003
Location: Wellington, NZ
Distribution: mainly slackware
Posts: 1,289

Rep: Reputation: 52
Quote:
Originally Posted by bcbotha View Post
how do i go about installing the clamav-daemon and clamtk?
what do you guys know about kaspersky and avg for linux? and how does clamav compare?
It has a longer history of being a popular native Linux AV solution and it's open source
 
Old 03-18-2009, 03:29 AM   #7
bcbotha
Member
 
Registered: Nov 2008
Location: South Africa
Distribution: Ubuntu, Windows
Posts: 149

Original Poster
Rep: Reputation: 16
but in terms of its ability to detect the viruses and delete them, is it better than kaspersky and avg?
 
Old 03-18-2009, 04:57 AM   #8
Tuttle
Senior Member
 
Registered: Jul 2003
Location: Wellington, NZ
Distribution: mainly slackware
Posts: 1,289

Rep: Reputation: 52
not sure, I've never had a virus!
 
Old 03-18-2009, 05:11 AM   #9
bitpicker
Member
 
Registered: Jul 2003
Location: Germany
Distribution: Xubuntu, Ubuntu
Posts: 416
Blog Entries: 14

Rep: Reputation: 35
You're probably better off with the commercial scanners. ClamAV is mostly used to scan for virus attachments on e-mails, but it doesn't have heuristics or behaviour recognition (though on the other hand if Windows isn't running the viruses aren't active, which means there is no behaviour to analyze). ClamAV doesn't have nearly as wide a base of signatures as do the commercial ones.

There are numerous free (only as in beer) commercial virus scanners which run under Linux. F-Secure and Avira for instance even offer Linux live CDs to scan from the bootable medium itself. You don't have to bog down your Ubuntu with such a program, just boot the live CD.

The Avira CD is updated daily. You can find it here: http://www.avira.de/en/support/support_downloads.html

You want the Rescue System with the CD icon, that's an iso you can burn. There's a toggle button switching between the original German and an English version in the menu.

On some machines without a floppy drive this CD has problems getting over the fact that /dev/fd0 can't be found. If the info box seems to try forever to mount that drive, you can use the command line button to drop to a shell, and you can then use ps -A to find the offending mount process, then kill it with kill -9 and the process number. Then return to the menu and you can go on.

Robin
 
Old 03-18-2009, 05:35 AM   #10
bcbotha
Member
 
Registered: Nov 2008
Location: South Africa
Distribution: Ubuntu, Windows
Posts: 149

Original Poster
Rep: Reputation: 16
thanks robin im downloading it now. im gonna try it out and see what it's like and what happens.i might also try clamav for while.
 
Old 03-18-2009, 06:09 AM   #11
cloud9repo
Member
 
Registered: Oct 2008
Location: Middle TN
Posts: 134

Rep: Reputation: 19
Quote:
Originally Posted by bcbotha View Post
how do i go about installing the clamav-daemon and clamtk?
what do you guys know about kaspersky and avg for linux? and how does clamav compare?
In synaptic, just quick search for clamav. The daeman and tk packages are listed. Here's the package info on Ubuntu's site:

http://packages.ubuntu.com/search?ke...id&section=all

I've used other packages, but clamav tends to integrate better, for me. I've only detected viruses once, but I know they've been present at other times, and circumvented detection.
 
Old 03-18-2009, 08:01 AM   #12
Delphin
LQ Newbie
 
Registered: Feb 2009
Posts: 10

Rep: Reputation: 1
I also like ClamAV, it's free, and has the advantage that front ends are available for all major platforms Windows, Linux, OSX, BSD - you name it.

http://en.wikipedia.org/wiki/ClamAV

For a nice simple MS Windows GUI port using the ClamAV libs try :

http://www.clamwin.com/ (or the portable MS Windows version at portableapps.com)

The detection features in ClamAV have been upgraded in the more recent versions, but it is still basically a signature based scanner.

On Windows at least, the ClamWin program can be set to either only detect malware, or to also try to wipe the virus or move it to a special quarantine directory. In *nix environments this simple feature could easily be scripted with ClamAV, but such measures are not very effective in dealing with modern sophisticated malware.

A lot of the nasty malware out their in windows will use system locks to keep anti-virus programs from being able to do anything with the file.

I think that this is why some folks down check ClamWin and ClamAV, not so much because they won't detect something, but because they are not much help in removing them.

In Windoz, there are some really nasty bugs out there that, even after being deleted manually, just recreate themselves from another hidden randomly named instance somewhere else on your system.

So, the commercial anti-virus applications, focus much more on 'cleaning' because they know that most folks are really dumb about doing backups, and are desperate for a 'magic bullet' that will rescue them from the consequences of their carelessness.

In Linux, there is no reason that such really bad bugs could not also be created, nasty mutagenic polymorphic orginisms that are difficult to detect and damn near impossible to remove, but fortunatly the *nix community has not been the main target of commercial quality malware so far, because these attacks target mainly the desktop market (where Linux is only a tiny percentage).

The lack of sophisticated 'cleaning' in ClamWin and ClamAV doesn't bother me much, because I always have full hard drive backups available. So, when a virus proves difficult to remove (as is frequently the case in Windows XP), I just wipe the full hard drive partition and restore the system from the last clean backup (including the Master Boot Record).

I am careful about what applications I run, and have had pretty good luck avoiding malware myself, but one of my friends XP boxes gets infected about three times a month. I have finally shown him how to do the 'wipe and restore' trick, and now he never has a problem restoring his system.

Why fiddle around with 15 different anti-virus apps, trying to find that 'magic bullet' that will finally remove a really nasty piece of spyware, when wiping and restoring the hard drive only takes a few minutes?

The thing I like MOST about both ClamWin and ClamAV, is that they are quick to set up and have a very very low system footprint.

For example on Windows, where the threat is greater, if you would feel safer also running another anti-virus, at least ClamWin won't fight with it.

In fact, in windows, you don't even have to install ClamWin to have it do a scan on the system. You can get a nice 100% portable version that will run from a USB Flash drive (portable ClamWin from portableapps.com)

Linux has a much better record as far as malware goes (stronger system, fewer attacks), and with Vista, Microsoft is trying to play catchup, and says they have improved security.

If so, something simple like ClamAV on the *nix side, and ClamWin on the Windows side, may be all that you need.

- Delphin

Last edited by Delphin; 03-18-2009 at 08:41 PM. Reason: Edited to clerify comments related to ClamAV vs. the ClamWin Windowz version
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to install avg antivirus on Ubuntu dagobert39 Linux - Newbie 3 01-18-2009 03:40 PM
Do I Need Antivirus for Ubuntu? taurusx5 Linux - Software 2 04-29-2008 12:05 AM
LXer: Antivirus Programs For Ubuntu LXer Syndicated Linux News 0 11-17-2007 10:20 AM
Antivirus For Ubuntu Server daredevilcsl Ubuntu 5 07-31-2007 10:06 AM
Ubuntu and xp + firewall + antivirus Cthulhoo Ubuntu 1 03-05-2006 09:39 PM


All times are GMT -5. The time now is 09:14 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration