LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Old 02-16-2017, 01:59 PM   #16
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,659
Blog Entries: 4


Quote:
Originally Posted by hydrurga View Post
Do you fancy the idea of doing a LQ blog entry outlining the main measures that you would take and the commands/packages that you would need? It doesn't need to be comprehensive, just as inspirational as the taster you've just provided but in more detail.
Having very-rarely read "blog" entries, in all these oh-so many years now, I probably would instead just put out a general thread-response entry. Of which I have already written a great many.

(1) There is no single "command or package you might need." You are dealing with an opponent – most likely a "crime of opportunity" opponent who actually has no idea who you are and doesn't care. (Your opponent might in fact just be a computer program.)

If your presumed opponent must find you, then deny him "things to find," such as open SSH ports. OpenVPN (with tls-auth) can confront him with "a smooth, featureless wall" which affords him no opportunity to enter, or even to discern that an entrance exists. And yet, authorized users can pass through virtually without impediment. Each of them may enter only because they possess a unique, one-of-a-kind, individually authorized badge (digital certificate) which can be individually revoked at any time.

"There you go: 'a badge reader.'" Just like you routinely encounter at any-and-every office building anywhere.

(2) If your presumed opponent is trying to "slip you a Mickey [Finn]," the key realization is that whatever "Mickey" he might be able to "slip you" must subsequently execute with your own authorization and privileges. Therefore, observe the Principle of Least Privilege.

All of the user-ids that I use every day ... save one ... "can't do diddly-squat." Neither with "anyone else's files but their own," nor with "the system itself." Neither can they sudo their way into ... anything-at-all.

Quote:
"When I want to be Superman®," I do know how to become Superman®. Oh yes, I do, although you can never discover how I do it.

Meanwhile: "I am not Clark Kent.®"

Therefore, even if you somehow contrive to "do something 'in my name' but without my knowledge," you will discover that you, too, are stuck firmly on the ground right along with me, because: "I can't fly."

(3) Finally ... "secure, continuous, protected, backups." Just like Apple implemented with their venerable Time Machine. Information is constantly being swept onto a protected directory on an external drive. You are never without a copy of it.

Last edited by sundialsvcs; 02-16-2017 at 02:20 PM.
 
Old 02-16-2017, 02:58 PM   #17
grumpyskeptic
Member
 
Registered: Apr 2016
Posts: 472

Original Poster
So, putting aside the philosophy and in summary of all the above and the many linked threads, and their linked threads, what is the best free anti-v/m software(s) to run on my desktop computer please? (Linux Mint 17.3 Rosa Cinnamon).

Thanks.
 
Old 02-16-2017, 06:59 PM   #18
jefro
Moderator
 
Registered: Mar 2008
Posts: 21,982

If I wanted secure...
I wouldn't start with Mint and try to make it secure. It is a mainstream distro that has many features that a home user would want.

I'd start with a secure distro and as stated above, start at JEOS or minimal then add only the products that I needed to run. I'd enforce best practices like apparmor, SELinux, and tips on how to harden it.

Along with commercial/clone type of business distro documentation, hundreds of sites offer ways to learn and use more secure means.
http://www.serverhardening.com/
http://its.virginia.edu/unixsys/sec/
Are examples but many exist. Books on the subject.

Tips pointed out in thread include "backup". What a behind saver that is by the way. Don't keep it connected either. Backups have to remain out of reach of hackers.

Last edited by jefro; 02-16-2017 at 07:03 PM.
 
Old 02-16-2017, 07:39 PM   #19
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 4,448
Blog Entries: 7

Quote:
Originally Posted by grumpyskeptic View Post
So, putting aside the philosophy and in summary of all the above and the many linked threads, and their linked threads, what is the best free anti-v/m software(s) to run on my desktop computer please? (Linux Mint 17.3 Rosa Cinnamon).
The first couple of responders gave you these recommendations:

- Sophos,
- ClamAV,
- RootKitHunter

Have you tried any of them?
 
Old 02-28-2017, 07:10 PM   #20
grumpyskeptic
Member
 
Registered: Apr 2016
Posts: 472

Original Poster
Quote:
Originally Posted by rkelsen View Post
The first couple of responders gave you these recommendations:

- Sophos,
- ClamAV,
- RootKitHunter

Have you tried any of them?
As I had written above, Sophos has no GUI and thus I had no idea if it was doing anything at all, so I replaced it with ClamTk. ClamTk only scans when you order it to rather than running in the background. I would be pleased to hear if you can in fact make Clamtk run in the background and also stop the opening of bad emails, both standard for Windows anti-v/m.

I have not tried RootKitHunter but I understand there are many more hazards than just rootkits.

Are Sophos and Clam the only real choices in Linux?

Thanks.
 
Old 02-28-2017, 09:55 PM   #21
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS,Manjaro
Posts: 5,627

Quote:
Originally Posted by grumpyskeptic View Post
As I had written above, Sophos has no GUI and thus I had no idea if it was doing anything at all, so I replaced it with ClamTk. ClamTk only scans when you order it to rather than running in the background. I would be pleased to hear if you can in fact make Clamtk run in the background and also stop the opening of bad emails, both standard for Windows anti-v/m.

I have not tried RootKitHunter but I understand there are many more hazards than just rootkits.

Are Sophos and Clam the only real choices in Linux?

Thanks.
There are MANY choices in the Linux world, but also some confusion. RootKitHunter is good, but it is not an antivirus application. I use ClamAV for Antivirus.

RootKitHunter specifically detects one NASTY kind of malware that virus protection may never detect. It can warn you if your system is compromised, or in the process of being compromised. It does this by reporting files or links that have changed from what the system reports that they SHOULD be in size or checksum. The initial report is almost meaningless on a clean system, but the difference from one report to the next can be VERY important.

While ClamAV is an on-demand scanner, it can be triggered to scan all incoming email and attachments in your email engine, configured to test downloads in your browser, and automated in other ways. The output may be rather large at times, but it gives you detail and a very clear message on any "hits" and can quarantine infected files.

I have not used SOPHOS for AV, so I cannot comment on that.

Generally nearly all REPOS have ClamAV packages and SOME kind of RootKit detection package. They rarely have many others, and there are commercial ($$$) options for those who need them. I think spending money for AV in the Linux world is largely wasted money unless you are in a high-risk situation, but that is a personal choice matter.
 
Old 03-01-2017, 02:39 AM   #22
jsbjsb001
Senior Member
 
Registered: Mar 2009
Location: Earth, unfortunately...
Distribution: Currently: OpenMandriva. Previously: openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,881

Quote:
Originally Posted by grumpyskeptic View Post
As I had written above, Sophos has no GUI and thus I had no idea if it was doing anything at all, so I replaced it with ClamTk. ClamTk only scans when you order it to rather than running in the background. I would be pleased to hear if you can in fact make Clamtk run in the background and also stop the opening of bad emails, both standard for Windows anti-v/m.

I have not tried RootKitHunter but I understand there are many more hazards than just rootkits.

Are Sophos and Clam the only real choices in Linux?

Thanks.
If the app not having a GUI is a deal-breaker for you, you may have to settle for something that may not check your emails, provide on-access protection, etc. As said above, there ARE a lot of choices out there, but ALL of these choices have their own pros and cons.

As long as the antivirus app is providing on-access protection/scanning, particularly in Linux, you should not have much to fear.

You can also write shell scripts (and cron jobs) for Sophos, and therefore don't have to be forever using the command-line, all the time.

You are not going to find a lot of AV apps, that have a GUI, provide on-access scanning, email checking, etc in terms of Linux. This is why I personally settled for Sophos.
 
Old 03-01-2017, 03:40 AM   #23
camp0
Member
 
Registered: Dec 2016
Location: Dublin
Distribution: Fedora
Posts: 70

If you are using chrome you can use this extension https://chrome.google.com/webstore/d...okmpjbcj?hl=es, clamav and sophos are fine if you have windows exe files on a samba or something like that.

Regards
 
Old 03-01-2017, 03:56 AM   #24
jsbjsb001
Senior Member
 
Registered: Mar 2009
Location: Earth, unfortunately...
Distribution: Currently: OpenMandriva. Previously: openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,881

Quote:
Originally Posted by camp0 View Post
If you are using chrome you can use this extension https://chrome.google.com/webstore/d...okmpjbcj?hl=es, clamav and sophos are fine if you have windows exe files on a samba or something like that.

Regards
This solution is just an add-on for Chrome and will not provide any on-access scanning (or email checking). Sophos also can detect Linux viruses as well as Windows viruses.
 
Old 03-01-2017, 07:13 AM   #25
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Getting away from Windows is one thing, but lose the mindset that comes with it too?
http://linux.oneandoneis2.org/LNW.htm

Scan the nut behind the keyboard.
Buy a router.
Add NoScript and an Ad Blocker.
Don't run services you don't need.
Don't surf where you shouldn't.
Use your eyes for something besides adjusting the height of your monitors.
https://sites.google.com/site/easylinuxtipsproject/
 
Old 03-01-2017, 11:55 PM   #26
jsbjsb001
Senior Member
 
Registered: Mar 2009
Location: Earth, unfortunately...
Distribution: Currently: OpenMandriva. Previously: openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,881

Quote:
Originally Posted by Habitual View Post
Getting away from Windows is one thing, but lose the mindset that comes with it too?
http://linux.oneandoneis2.org/LNW.htm

Scan the nut behind the keyboard.
Buy a router.
Add NoScript and an Ad Blocker.
Don't run services you don't need.
Don't surf where you shouldn't.
Use your eyes for something besides adjusting the height of your monitors.
https://sites.google.com/site/easylinuxtipsproject/
Habitual,

The OP has clearly stated "Sorry, I do not believe that none are needed. Even the posting at the top of this forum section is evidence that they are required. Bad things can be transmitted by other things than just rogue programs." in their question. If you do not believe AV software is necessary for Linux, that's fine, BUT it is STILL the OP's choice (which they have already MADE) and PC. I'm not trying to be rude to you, as I can see you have some good knowledge of Linux, but it is once again up to the OP as to what they would like to use.
 
Old 03-02-2017, 11:56 AM   #27
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Abingdon, VA
Distribution: Catalina
Posts: 9,374
Blog Entries: 37

Quote:
Originally Posted by jsbjsb001 View Post
Habitual,

The OP has clearly stated "Sorry, I do not believe that none are needed. Even the posting at the top of this forum section is evidence that they are required. Bad things can be transmitted by other things than just rogue programs." in their question. If you do not believe AV software is necessary for Linux, that's fine, BUT it is STILL the OP's choice (which they have already MADE) and PC. I'm not trying to be rude to you, as I can see you have some good knowledge of Linux, but it is once again up to the OP as to what they would like to use.
No worries. None of those actions were meant as an argument for or against A/V.

I can't help what the user does or doesn't believe.
And the point of the thread is meant to ....?
Clearly, (to me) it's to find on-demand A/V scan "just like Windows" (list of AV).

Peace.
I stepped in this one. My fault.

Last edited by Habitual; 03-02-2017 at 12:20 PM.
 
Old 03-08-2017, 04:39 AM   #28
grumpyskeptic
Member
 
Registered: Apr 2016
Posts: 472

Original Poster
I have just found F-Prot, which has a free version for home users

http://www.f-prot.com/download/home_...d_fplinux.html

http://www.f-prot.com/products/home_use/linux/

http://www.f-prot.com/support/unix/unix_faq/23.html

Does anyone know if it has a GUI?

Am I right to think that a "workstation" is just another name for a desktop computer?

Thanks.

Last edited by grumpyskeptic; 03-09-2017 at 08:32 AM.
 
Old 03-10-2017, 04:42 AM   #29
jsbjsb001
Senior Member
 
Registered: Mar 2009
Location: Earth, unfortunately...
Distribution: Currently: OpenMandriva. Previously: openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,881

Quote:
Originally Posted by grumpyskeptic View Post
I have just found F-Prot, which has a free version for home users

http://www.f-prot.com/download/home_...d_fplinux.html

http://www.f-prot.com/products/home_use/linux/

http://www.f-prot.com/support/unix/unix_faq/23.html

Does anyone know if it has a GUI?

Am I right to think that a "workstation" is just another name for a desktop computer?

Thanks.
Yes, in answer to your first question, see: http://www.ubuntugeek.com/f-prot-ant...interface.html

Yes, again, for your second question.
 
Old 03-19-2017, 07:25 AM   #30
grumpyskeptic
Member
 
Registered: Apr 2016
Posts: 472

Original Poster
Thanks. So in summary the free anti-v/ms for Linux with GUIs are:

ClamTk
FProt

The free one without a GUI:

Sophos

Do not know if RootKitHunter has a GUI or not. There might be other little-known ones, but the three above seem to be the current choice from better-known providers.

1) Am I correct to think that I could install both ClamTk and Fprot, since I assume they both only do on-demand scans rather than running in the background, and could command them to do scans from time to time (not at the same time) as I used to with Windows' SuperAntiSpyware and MalwareBytes?

2) Is there any way of scheduling them to do a scan periodically, or reminding me to run them?

Regarding ClamTk, I had set the scheduler to do a scan every day, but since the history shows that the last scan was done several days ago it appears that either it does not work or it does not catch up with overdue scans that are scheduled to occur at a time when the computer is turned off.

Thanks.

Last edited by grumpyskeptic; 03-19-2017 at 08:38 AM.
 
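Added example, not from any poster in this thread: a catch-up scheduler for an on-demand scanner, addressing wpeckham's point that ClamAV can be automated from cron and jsbjsb001's note about cron jobs for Sophos, as well as the missed-scan problem grumpyskeptic describes (a scan scheduled for a time when the machine is off never happens). Instead of a fixed daily time, cron runs the script hourly and at boot, and the script scans only when its stamp file says the last completed scan is older than the interval (the same idea anacron uses). The stamp and log paths, variable names and crontab lines are assumptions; clamscan is shown, and swapping in another scanner's command line (e.g. Sophos's savscan) only requires adjusting the exit-code mapping in record_result.

```shell
#!/bin/sh
# av-catchup.sh: run an on-demand scanner (clamscan here) only when the last
# completed scan is older than INTERVAL_DAYS, recording each run in a stamp file.
# Called from cron every hour (and at boot), it catches up on scans that a
# fixed daily cron time would have skipped while the machine was switched off.
#
# Assumed paths and names (not from the thread). Example user crontab entries:
#   @reboot  $HOME/bin/av-catchup.sh --run
#   @hourly  $HOME/bin/av-catchup.sh --run

STAMP_FILE="${AV_STAMP_FILE:-$HOME/.cache/av-last-scan}"
LOG_FILE="${AV_LOG_FILE:-$HOME/.cache/av-last-scan.log}"
INTERVAL_DAYS="${AV_INTERVAL_DAYS:-1}"
SCAN_DIR="${AV_SCAN_DIR:-$HOME}"

# scan_due STAMP NOW DAYS: exit 0 (true) if a scan should run now.
# A missing or unreadable stamp counts as "never scanned", so the first run
# after installation, and any run after a corrupted stamp, always scans.
scan_due() {
    stamp="$1"; now="$2"; days="$3"
    [ -f "$stamp" ] || return 0
    last=$(cat "$stamp" 2>/dev/null)
    case "$last" in
        ''|*[!0-9]*) return 0 ;;        # not an epoch timestamp: treat as due
    esac
    [ $((now - last)) -ge $((days * 86400)) ]
}

# record_result RC STAMP NOW: update the stamp only when the scanner actually
# completed. clamscan exits 0 (clean) or 1 (infected files found); 2 means the
# scan itself failed, so the stamp is left alone and the scan is retried next hour.
record_result() {
    rc="$1"; stamp="$2"; now="$3"
    case "$rc" in
        0|1) mkdir -p "$(dirname "$stamp")" && printf '%s\n' "$now" > "$stamp" ;;
    esac
    return "$rc"
}

run_scan() {
    now=$(date +%s)
    scan_due "$STAMP_FILE" "$now" "$INTERVAL_DAYS" || return 0   # nothing to do yet
    clamscan -r --infected --log="$LOG_FILE" "$SCAN_DIR" > /dev/null 2>&1
    record_result "$?" "$STAMP_FILE" "$now"
}

if [ "${1:-}" = "--run" ]; then
    run_scan
fi
```

Infected files and errors are left in the log file rather than quarantined, so the log is what to read after a run that exits 1.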