Is Virus protection really needed in Linux

vansch76 · 11-17-2007, 11:23 AM

Hi

I was wondering if I need a virus scanner in Linux? I have read posts
on both sides of the issue.

thanks
Vanessa

Brian1 · 11-17-2007, 11:28 AM

There are few Linux virus but rare to have anything to happen. Now that can change anyday at anytime. You never know. it is better to be safe that sorry. I keep clamav installed mostly for scanning and repairing of Window based OS machines.

Brian

reddazz · 11-17-2007, 11:29 AM

If you are running a mail server or sharing files with people who use Windows, then it maybe a good idea to have antivirus. If not, then its pointless in my opinion because most virus checkers, look for Windows viruses.

Tomtherab · 11-17-2007, 11:38 AM

I don't believe there are any linux viruses in the wild.

If they were in the wild, they would only be a mild concern to those who run around as root all day, in which case a virus is the least of their worries.

AceofSpades19 · 11-17-2007, 03:57 PM

I doubt there will be day when all of sudden there is 50,000 viruses for linux. There is no need right now, unless you are using a mail server, or sharing files with windows machines.

Slokunshialgo · 11-17-2007, 04:06 PM

If Linux goes the way of Mac (taking a solid Unix core, and making it overly simple for users to use), then yeah, there will likely be viruses. But as it stands, the only thing a virus can affect is the user's home directory if they make it executable, then run it, or the system if they run it as root.

But when it comes to other computers, servers should have it, as should gateway machines for a network (Direct connection to the internet, allowing filtering before it hits the router), as there may be Windows machines on there that can be affected, and it's easier to have one scanner going for all traffic, than to have multiple scanners for every computer.

vansch76 · 11-17-2007, 05:48 PM

Thanks for the info. I guess Ill hold off on a virus scanner for my linux laptop.
I do run a virus scanner on my windows hard drive. I dont use windows much anymore.

thanks again
Vanessa

ieatsplaydoh · 11-17-2007, 06:10 PM

Yes, there are "viruses" in linux. Rootkits. They really aren't very common unless you abuse your system and install a bunch of 3rd party RPMs and DEBs. Its not a pain to check for rootkits, so just get rkhunter, which would be in the software repository for your distro.

http://www.rootkit.nl/

jschiwal · 11-17-2007, 06:26 PM

There are a couple root kit hunters that you can use. Rkhunter and chkrootkit. While virus type programs aren't a big concern for Linux, being hacked is. These programs will scan your system for evidence of tampering. You could get some false positives. So Google is your friend in investigating the results.

The single best thing you can do whether you use Linux or Windows is to use a NAT router. By the nature of how it works, non-solicited connection attempts are dropped because the router has no way of knowing where it should go. Make sure not to use UPnP on the router.

If you run a service, there are usually steps in securing them. For example, mysql has a very large manual. There is a chapter on steps you absolutely need to follow to add passwords for the initial accounts. For ssh, you can disable SSH protocol 1, use "AllowUsers" or "AllowGroups" to determine who has permission to connect. Some people use a different port for SSH. So it is important to read the manuals & README files that are installed with any type of service you install. Also be sure to keep up with applying security updates.