LinuxQuestions.org


SnakierGrizzly 03-15-2016 12:59 AM

hey,new to linux hate viruses
 
I'm new to the Linux system. Got rid of my Windows, it was a P.O.S with all the viruses and everything. I was wondering if someone could point me in the right direction to a good free antivirus program for my Linux and/or give me any information on how to steer clear of viruses. Thanks, any info would be much appreciated.

rokytnji 03-15-2016 01:36 AM

Quote:

I don't know if it's just me but rokytnji's link appears to point at a thread that is not related to viruses.

Yeah, I didn't find anything useful in the other reply

Sorry. I was going to bed and missed the

Quote:

good free antivirus program for my linux
All I saw was sick of viruses and thought it was another install thread. So I deleted my reply.

Never Mind.

hydrurga 03-15-2016 04:26 AM

I don't know if it's just me but rokytnji's link appears to point at a thread that is not related to viruses.

Anyway, SnakierGrizzly, welcome.

If you Google "linux need anti-virus", you'll find many articles on the subject. Please have a read and digest.

The upshot is that it is more difficult to be infected on a Linux system, but there are differing views as to whether precautions in the form of an anti-virus should be taken.

Personally, I run (fairly infrequently I should admit) rkhunter and chkrootkit on the command line to check for root kits (although beware the false positives).

I have also downloaded and installed Sophos Antivirus for Linux from https://www.sophos.com/en-us/product...for-linux.aspx and use it as an on-demand scanner. It not only checks for Linux malware, but also Windows malware so that I can ensure any files I pass on to Windows-using friends are clean.

SnakierGrizzly 03-15-2016 05:10 AM

Thanks
 
Yeah, I didn't find anything useful in the other reply. Thanks, I'm downloading it right now. I have another question if you don't mind.

SnakierGrizzly 03-15-2016 05:13 AM

I clicked install and this popped up. Not too sure what to do with it...

Code:

#!/bin/sh
BASEDIR=`dirname $0`
echo $BASEDIR | grep "^/" >/dev/null
if [ $? -ne 0 ] ; then
    BASEDIR=`pwd`/$BASEDIR
fi
if [ "" = "$TMPDIR" ] ; then
    TMPDIR=/tmp
fi
_mktemp=`which mktemp 2>/dev/null`
if [ -x "${_mktemp}" ] ; then
    tmpdirTemplate="$TMPDIR/sophos_distribution_XXXXXXX"
    SOPHOS_INSTALL_TMP=`${_mktemp} -d ${tmpdirTemplate}`
    [ $? = 0 ] || { echo "Could not create temporary directory" 1>&2 ; exit 1 ; }
else
    _od=`which od 2>/dev/null`
    if [ -x "${_od}" ] ; then
        _random=/dev/urandom
        [ -f "${_random}" ] || _random=/dev/random
        SOPHOS_INSTALL_TMP=$TMPDIR/sophos_distribution_`${_od} -An -N16 -tu2 "${_random}" | tr -d " \t\r\n"`.$$
    else
        SOPHOS_INSTALL_TMP=$TMPDIR/sophos_distribution_${RANDOM-0}.${RANDOM-0}.${RANDOM-0}.$$
    fi

    [ -d "${SOPHOS_INSTALL_TMP}" ] && { echo "Temporary directory already exists" 1>&2 ; exit 1 ; }
    (umask 077 && mkdir ${SOPHOS_INSTALL_TMP}) || { echo "Could not create temporary directory" 1>&2 ; exit 1 ; }
fi
if [ ! -d "${SOPHOS_INSTALL_TMP}" ] ; then
    echo "Could not create temporary directory" 1>&2
    exit 1
fi

export SOPHOS_INSTALL_TMP
cd $SOPHOS_INSTALL_TMP
tar xf "$BASEDIR/sav.tar"
[ -f "$BASEDIR/uncdownload.tar" ] && tar xf "$BASEDIR/uncdownload.tar"
[ -f "$BASEDIR/talpa.tar" ] && tar xf "$BASEDIR/talpa.tar"
sophos-av/install.sh "$@"
RETCODE=$?
cd /
rm -rf $SOPHOS_INSTALL_TMP
exit $RETCODE

hydrurga 03-15-2016 05:24 AM

What you're seeing is a script that should be run.

The Sophos website has a couple of PDFs that tell you exactly how to install and run the anti-virus (there is no GUI, it is all done by command line). You should find them and download them.

My own installation notes are as follows (all in command line):

Code:

# Place sav-linux-free-9.tgz in ~ and navigate there
cd ~
tar -xzvf sav-linux-free-9.tgz
# Accept all defaults except: on-access scanning: no; choose the free (f) version
sudo ./sophos-av/install.sh
sudo /opt/sophos-av/bin/savconfig set DisableFeedback true
# Stops suspicious unknown files being sent to Sophos for analysis
sudo /opt/sophos-av/bin/savconfig set LiveProtection false

For info, ~ is shorthand for your home directory e.g. /home/snakier

hydrurga 03-15-2016 05:28 AM

Once installed, I have found the following commands useful (all sudo):

savscan / -archive -b -c --backtrack-protection --preserve-backtrack --examine-x-bit

- recursively scan computer inc. archives and Unix-defined executables, but not scanning the same thing twice if follows symlink. Confirm deletion/disinfection (-c), and sound bell (-b) if threat detected. N.B. first time scanned with -all -f -ns --show-file-details to fully scan all files on system and list them as going through (took 3 hours).

savscan /usr/mydirectory/myfile - scan file/directory (multiple files possible)

savscan -bs=/dev/sda4 - scan boot sector

savscan -bs - scan all boot sectors that Sophos recognises

savscan -mbr - scan MBR on all fixed physical drives

savscan path --stay-on-filesystem - don't scan across mount points

savscan -vv - list default types to scan

/opt/sophos-av/bin/savlog --today --utc - display log from today in UTC format

/opt/sophos-av/bin/savupdate - update

/opt/sophos-av/uninstall.sh - uninstall

SnakierGrizzly 03-15-2016 05:32 AM

Hmm, still not too sure what all that means haha, but I'll mess around with it till I get it. Thanks man.

SnakierGrizzly 03-15-2016 05:35 AM

One more question, then I'll leave you alone... what's the first thing I should put into the command prompt? ...Sorry, I'm an idiot when it comes to this stuff.

hydrurga 03-15-2016 05:38 AM

Quote:

Originally Posted by SnakierGrizzly (Post 5515679)
Hmm, still not too sure what all that means haha, but I'll mess around with it till I get it. Thanks man.

:) Don't worry, it's all a learning process. Just take each step at a time.

The startup PDF is at http://www.sophos.com/en-us/medialib...vl_9_sgeng.pdf

The configuration one at http://www.sophos.com/en-us/medialib...vl_9_cgeng.pdf

hydrurga 03-15-2016 05:48 AM

Quote:

Originally Posted by SnakierGrizzly (Post 5515681)
One more question, then I'll leave you alone... what's the first thing I should put into the command prompt? ...Sorry, I'm an idiot when it comes to this stuff.

I think the first thing you should do is probably learn more about Linux - try a few online tutorials, get yourself a good Linux beginner's book etc.

Perhaps try http://linuxcommand.org/

The rest of the info required for the Sophos anti-virus product is all in my previous posts.

sundialsvcs 03-15-2016 08:09 AM

First of all, there is no such thing as a computer "virus." :tisk: Computer hardware is not a biological thing.

The proper term, I think, is "rogue program." Someone has written a deliberately harmful program and is attempting to install that program surreptitiously upon your computer.

To that end, it really doesn't matter what operating system you are running: what matters is how you run it. A rogue program generally depends on you, or some externally-accessible "daemon" or "service," running with too-elevated privileges or running in a state where elevated privileges can easily be obtained. For instance, can you successfully issue the sudo su command? Is your "regular login user" an "Administrator?" A member of the wheel group?

Microsoft designed Windows to have a very robust(!) security model, but they are obviously comfortably in-bed with people like Peter Norton and McAfee, such that they deliberately(!) sell "home editions" of their product in which security is very-compromised by default and the necessary policy-editing or user-editing tools are either absent or well-buried. Certainly, they do not discuss security.

Rogue software will follow you around, no matter what OS you run, if by your actions and preparations you allow it to.
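
The questions raised in the post above (can the login user reach root through sudo, is it an administrator, is it in the wheel group) can be answered with a short script. This is an added example, not part of the original thread; the group names in ADMIN_GROUPS and the function names are assumptions.

```shell
#!/bin/sh
# Added example: how much privilege does the everyday login account hold?
# ADMIN_GROUPS is an assumption: group names that commonly grant admin rights.
ADMIN_GROUPS="wheel sudo admin root"

# admin_groups_in "<space-separated groups>": print the admin groups among them.
admin_groups_in() {
    found=""
    for g in $1; do
        for a in $ADMIN_GROUPS; do
            if [ "$g" = "$a" ]; then found="$found $g"; fi
        done
    done
    echo "${found# }"
}

# classify <uid> "<groups>" <sudo works without a prompt: yes|no>
#   root         : the session itself is uid 0
#   passwordless : any program this user runs can become root silently
#   admin        : root is one password prompt away
#   standard     : no direct route to root from this account
classify() {
    if [ "$1" -eq 0 ]; then echo root
    elif [ "$3" = yes ]; then echo passwordless
    elif [ -n "$(admin_groups_in "$2")" ]; then echo admin
    else echo standard
    fi
}

# Probe the live account. sudo -n never prompts, so this cannot hang.
# It also succeeds while a recent sudo authentication is still cached.
audit_current_user() {
    nopass=no
    if command -v sudo >/dev/null 2>&1 && sudo -n true 2>/dev/null; then
        nopass=yes
    fi
    groups=$(id -Gn 2>/dev/null)
    echo "user=$(id -un 2>/dev/null) groups=$groups result=$(classify "$(id -u)" "$groups" "$nopass")"
}

audit_current_user
```

A result of `standard` for the daily account, with a separate account used for administration, is the setup the post argues for.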

hydrurga 03-15-2016 08:54 AM

@sundialsvcs:

The term "computer virus" has been accepted and used for many many years, referring initially to a program's ability to replicate and spread like a biological virus, and then latterly, erroneously, as a general term to refer to all malware.

There have been a large number of computer viruses created over the years which have caused a lot of damage, as you are no doubt aware.

I prefer the general term malware myself to designate all the programs written with malicious results in mind, because of the ever-increasing mix of insertion and propagation technologies involved.

hydrurga 03-15-2016 12:45 PM

Quote:

Originally Posted by hydrurga (Post 5515688)
I think the first thing you should do is probably learn more about Linux - try a few online tutorials, get yourself a good Linux beginner's book etc.

Perhaps try http://linuxcommand.org/

The rest of the info required for the Sophos anti-virus product is all in my previous posts.

@SnakierGrizzly

After thinking about my reply above, I hope you didn't get the wrong end of the stick.

The Sophos Antivirus application doesn't have a GUI, it's command line only. It's for that reason that I recommend you learn more about the command line (which is inextricably linked to Linux itself). If not, I can only foresee you having problems installing and running the application. It won't take much time and effort to learn the basics, and you'll feel far more comfortable using the command line if you do.

The starting point, as I mentioned earlier, is to download the zipped (.tgz) installer, move it to your home folder, and then, using the cd command, navigate to that folder. Then, using the command line, you run the commands that I have listed in that same post (accepting all defaults for the second command except the two exceptions listed).

If you do give it a go, let us know how you get on.

WayneB 03-15-2016 03:06 PM

Quote:

Originally Posted by SnakierGrizzly (Post 5515586)
I'm new to the Linux system. Got rid of my Windows, it was a P.O.S with all the viruses and everything. I was wondering if someone could point me in the right direction to a good free antivirus program for my Linux and/or give me any information on how to steer clear of viruses. Thanks, any info would be much appreciated.

Even though I haven't gotten viruses on my Linux system, I will once in a while do a system scan with clamav (for malware/viruses) and rkhunter (for rootkits).

Also, it's good to have security for your web browser to prevent bad sites from executing malicious code. Below are two popular browser plugins:

NoScript and Ghostery.


All times are GMT -5.