Is it safe to not have an Anti-Virus with a Linux distro?
Er, forgot to mention, I did have to run a mail server for a while and got attacked then. This was in the early late 1990s/early 2000s on dialup & a lousy ISP. They all 100% knew I was a Windows box (because everything else is around here). They tried a succession of lame passwords and went away. So unless 'the dark side' can get at you, you should be good. I'm on webmail now.
When I was running (way back) an FTP site (not SFTP) for work, I'd see all kinds of hits from various parts of the world (mostly China IPs). Part of the server software was the ability to ban IPs after so many username/password tries. Seemed to keep out all the baddies for the years it was in service.
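The ban-after-repeated-failures behaviour described in the post above, shown as an added example that is not part of the thread or of any poster's server software. The log format, `SAMPLE_LOG`, `LINE_RE`, `find_bans` and the threshold and window values are all assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log in a made-up format (not from the thread or any real server).
SAMPLE_LOG = """\
2024-05-01 10:00:01 FAIL LOGIN: client=203.0.113.7 user=admin
2024-05-01 10:00:03 FAIL LOGIN: client=203.0.113.7 user=root
2024-05-01 10:00:05 FAIL LOGIN: client=198.51.100.20 user=alice
2024-05-01 10:00:09 FAIL LOGIN: client=203.0.113.7 user=ftp
2024-05-01 10:00:30 OK LOGIN: client=198.51.100.20 user=alice
2024-05-01 10:01:00 FAIL LOGIN: client=203.0.113.7 user=test
2024-05-01 10:02:00 FAIL LOGIN: client=192.0.2.55 user=bob
2024-05-01 10:20:00 FAIL LOGIN: client=192.0.2.55 user=bob
2024-05-01 10:40:00 FAIL LOGIN: client=192.0.2.55 user=bob
"""

LINE_RE = re.compile(r"^(\S+ \S+) (OK|FAIL) LOGIN: client=(\S+) user=(\S+)$")


def find_bans(log_text, max_failures=3, window=timedelta(minutes=10)):
    """Return {ip: ban_time} for clients with max_failures failed logins inside window."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    bans = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # not a login event
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
        status, ip = m.group(2), m.group(3)
        if ip in bans:
            continue              # already banned; later attempts are ignored
        if status == "OK":
            recent[ip].clear()    # a successful login resets the failure count
            continue
        failures = recent[ip]
        failures.append(ts)
        while ts - failures[0] > window:
            failures.popleft()    # drop failures older than the window
        if len(failures) >= max_failures:
            bans[ip] = ts
    return bans


if __name__ == "__main__":
    for ip, when in find_bans(SAMPLE_LOG).items():
        print(f"ban {ip} (threshold reached at {when})")
```

The sliding window is what keeps a user who mistypes a password once every twenty minutes from being banned alongside a client that guesses three accounts in ten seconds.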
It is astonishing how the people who advise running without protection say that they have never had a problem running that way, and everyone who says "some protection might be smart" can tell war stories. You get more proactive once you have been in the middle of a disaster.
Run without protection as long as you have no important data they might steal, nothing about losing the machine for a few days that would threaten your life, job, or sanity. Protection is in response to risk, and the people who best understand the risk are the ones with the war stories. The others do not know because they have not experienced it.
Asking up front, before you get into the pain and loss, how to prevent it is SMART. Experience is a good teacher, but cruel! I advise looking into protections and deciding what to use based upon YOUR risks and YOUR usage, keeping in mind that there are a million script kiddies out there who love making trouble and stealing data to sell. Keep in mind also that all hardware WILL fail, and we cannot predict WHEN. So I advise using what protections make sense for YOU. We cannot tell you what those are because we are not YOU. Backups make sense, as does a firewall at either the host or network level. You might also, if it is justified, look into some intrusion detection and malware/AV protection. We cannot decide what protections you need, but we can tell you that there is an advantage in being smart!
Thing is, at home, in my case, I have no 'server' type services exposed to the internet (that I know of) on my Linux machines. A big difference from a work server that serves files to the world (i.e., welcoming the general public in to use your services). My internet exposure is the browser and email client on my Linux desktops/laptops. That's it. Pretty confident an anti-virus application isn't necessary in 'my' case. I use strong passwords too. The weak point in my mind is the apt/dnf update process, as those files are just fed to you and you don't know what's in them. Really trusting the distro maintainers to keep bogus code out....
At home, for close to 30 years on Linux, I never used an AV and have never had an issue. In the Windows sense, there are no real "viruses" on systems like Linux. You do have trojans and maybe people getting in through ssh or things like the recent xz backdoor.
As long as you do not surf the web as root, you should be OK. Also be very careful about what you download and install; you never know what random people put in them.
At work, we were forced to use AV on our Linux Workstations. I asked around and as I figured, AV on Linux was used to protect people on Windows. A Linux person could forward off an email with a Windows Virus to someone on Windows. So your mail server should probably examine emails for viruses.
Personally, as a home user, I think that having no online servers is a key to security. There's also /etc/hosts.allow & /etc/hosts.deny which can be configured to exclude what you choose. There are guys probably running nmap on every IPv4 IP to scan for open ports. If you're behind a router, they have to go to the bother of hacking that before they find out if you're vulnerable.