Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
I haven't heard of ESET before this post. Their website doesn't give a lot of information on how the product performs and what it does or looks for in a Linux environment. Rather, it has a small clickable picture in the lower right corner of the home products page. I would want to know more about these things before making any sort of decision. For example, does it focus on Linux-oriented malware or does it just scan your files for Windows signatures? In my humble opinion, the biggest advantage to running any sort of virus/spyware scanner on Linux is to prevent infection from spreading to a Windows host rather than for protection of the Linux system itself.
As far as would I use it, well, they want $40 / year for their product. Without a solid understanding of the features, advantages, and benefits compared to the competing free product offerings, why would I spend money on it?
Yeah, I don't use any antivirus software and haven't seen any virus on my Linux machines in the last 7 years or so that I've been using it, but as I said, Linux is more and more popular each day, on the desktop too, and things might change regarding the amount of malware, spyware or whatnot targeting Linux, so for a newbie, for example, ESET might be the solution.
And it's clear that they are offering protection for Linux but if you're on the network with Winblows and/or Mac machines they'll protect them too, so they say. And what that protection looks like in Linux, well I don't know, that's what I asked too.
Dunno how it performs on Linux, but on Windows it is worth its price tag - it has great comments from many advanced people and I also used it some time ago on Windows as a trial. There is still a trial for Win on the homepage, so there should be one for Linux as well. But why buy if there is ClamAV?
I've never used AV on any of the Linux machines I've admin'd. IMO, it's not needed. I did work at a place that mandated that every security device should have AV installed...then they started wondering why their IDS devices were dropping packets. The sensors were already at the ragged edge of performance due to them sniffing large amounts of traffic. Adding AV clients to the systems pushed them over the edge. AV definitely doesn't belong on dedicated servers, IMO. And I don't think Linux desktops need AV either. I've been using Linux desktop and server configurations since 1997. I've yet to see a real need for AV on Linux hosts.
Posts like this show up every few months. Run it if you want, but I've yet to see any substantiated reason to use AV on a Linux environment (other than as a mail server solution to filter inbound/outbound mail...probably more for an environment with Windows endpoint machines).
One reason almost never mentioned is that, for a company to pour money into it (research) and sustain business with it, it must be economically viable. Given that the main problems IMO with commercial signature-based detection are 0) the Linux platform architecture itself not providing much of a foothold for easy injection or propagation of threats compared to other platforms, 1) the types of threats facing the Linux platform not being as diverse and fast-evolving as they are for other platforms and 2) the economy depending on and sustaining those threats not being targeted as much on (ab)using Linux compared to the other OS, you could conclude these are reasons why not many Linux users run AV (unless being forced to care for lesser OSes ;-p) and why not many AV vendors see Linux as a booming market. (I personally run several AV products but my motives in no way equal those of the average user.) And as far as experience with ESET products is concerned (see my old web log posts about AV detection), I have had no problems with their product (running on the other OS), its performance or support.
Since my first install of "Fedora 4" 6+ years ago, ClamAV has NEVER found anything on Linux (except for the test files in the clam build folder).
It DID find things on Windows XP 32 bit that Norton missed.
Now rkhunter and chkrootkit also have never found anything.
There are a lot of companies that have AV for Linux. McAfee, Symantec, etc.
I run AV for two reasons:
I run AV on my Linux boxes; however, not for them. If I pass a file to someone who is running Windows, I don't want to rely on their AV (which may already be compromised) to detect if the file I'm sharing contains a virus of some sort.
Just another layer.
The second reason I actually am going to leave off.
I run anti-virus on my personal servers and use it to scan the email that they handle, but not on my personal PCs. The purpose isn't because I am so much concerned about my machines themselves catching something, it is that I consider it part of being a responsible mail server operator that I not pass something on to Windows machines. At work, where I manage one Linux server that is connected to a cluster of Windows-based machines, I run a full anti-virus scan on a weekly basis in a cron job. Again, not because I am concerned about that machine being infected, but rather to help detect and prevent the spread of malware to the Windows-based hosts.