HI...
Is there any "free" antivirus software for Mandrake or Linux? If so, can someone let me know where I can get it?
Thanks. javascript:smilie('')

linux has a neglible amount of virus, protection is very seldom needed. this ain't windows....

I would respectfully like to say that "negligible" is in the eye of the beholder. In this case, I am the beholder.
Thanks anyway.

i mean that it is negligible to the point that the software does not exist as it is simply not an issue.

Linux country is divided on the AV SW topic. Moderate factions saying Linux is invulnerable to virus attacks so it ain't no use having any, and the separatistas, those that have to live with (having to provide connectivity for) vulnerable or shoddy networked OSes, the paranoid and those knowing history will repeat itself.

Moderate factions long time ago have dug in stating privilege separation, absence of In The Wild viruses and discrepancies in handling between Linux/UNIX distibutions will cause any Linux virus outbreak to fail.

Separatista snipers try to take out moderate faction strongholds with classic pincer movements saying they should widen their POV looking at other incursions like the past trojan, rootkit and worm campaigns, risk due to increasing popularity of the platform as a whole, the fact Linux often provides services for vulnerable platforms and source poisoning as well.

Intelligence reports uncovered hostile incursions into moderate factions' territory have successfully been supported by vendors like Central Command, Sophos, Mcafee, Kaspersky, H+BEDV, Trend Micro, Frisk, RAV and Clam with help from at least Amavis, Spam Assassin, Renattach, Ripmime, Milter and Inflex.

As mercenary on the separatista side I agree we should not look at the past but to the future and always expect the unexpected. It's not just a scanner you need because you will not want your view to be narrowed to only look for viruses.
- Use (demand) source verification tru GPG or minimally md5sums (Sendmail/Tcpdump/OpenSSH),
- Watch system integrity (Aide, Samhain, Tripwire or any package mgr that can do verification: save those databases off-site),
- Harden your systems by not installing not needed SW, denying access where not needed and using tools like Bastille-linux, tips from Astaro, deny LD_PRELOAD's etc etc,
- Add intrusion detection like Snort (no comments needed I hope),
- Patch kernel to protect looking at/writing to crucial /proc and /dev entries and/or use ACL's (see Silvio Cesare's site, Grsecurity, LIDS)
- Watch general/distro security bulletins and don't delay taking action (Slapper, Li0n etc),
- Keep an eye on outgoing traffic (mail, irc, fw),
*If you're still not satisfied you've covered it all you could arm yourself with knowledge on forensics stuff like disassembly and honeypots.

If you want SW, Google the net for Central Command, Sophos, Mcafee, Kaspersky, H+BEDV, Trend Micro, Frisk, RAV, Clam, Amavis, Spam Assassin, Renattach, Ripmime, Milter or Inflex.
- Linux AV SW ain't free. //moderator note: please don't refer to SW as "free" (that is, between quotes). IMNSHO this means you're asking for warez, pirated software, rips or whatever you call it.
- AV SW is as good as it's signatures/heuristics. Some vendors don't update their Linux sig db's very well, or field SW with lacking capabilities. I've tested some (admittedly a long time ago) on my virus/trojan/LRK/malware libs. Bad (IMHO): Frisk's F-Prot (sigs), Clam (sigs), H+BEDV (libc version). Good (IMNSHO): Mcafee's uvscan (best) and RAV (2nd). Please do test yourself to form an opinion based on facts.
- AFAIK only RAV has a version free for personal use.
- AFAIK only KAV (Kaspersky) has a realtime scanner daemon. I'm in limbo about it's compatibility with recent kernels tho.

Other links to check out:
LAVP/Mini-FAQ Linux/Unix AV SW,
NIST (list of AV vendors),
Clam.

HTH

Antivir got a free version,too.Can be equipped with a scanner demon.But it's only free as in beer not as in open source and you have to register to get it to update the data base.That was the only halfway decent virus protection I managed to install.OAV is as per it's developers in an early stage and should not used as the only means of virus protection.It is i.e. unable to detect polymorph viruses.
If you have a M$ partition on your box you should be worried about this stuff because there are virii out there that can wreck your bios and last time I checked Linux didn't work without a bios.
BTW - the only scanner that detected a trojan I keep around was kaspersky.

Thanks unSpawn and crashmeister. unSpawn your sociopolitical and ideological analysis of the Linux world is certainly helpful in understanding the issue of security and the complexity it represents--both in terms of ideology and in the effects of historical contexts. Certainly for a newbie to Linux (who has much to learn) you provide an interesting panorama which. I find to be of great heuristic value. crashmeister, you reflect the concerns I have. Having worked with Windows and DOS for 17 years, i know (and this is where I take a point made by unSpawn) the future is uncertain and the certain thing about it is that it will change most of what we think about it today. Your response is clear, helpful, and practical as well and I will make use of it. The thought occurs to me about how the Linux world could become like the Windows world: frought with viri, vulnerabilities, and vermin. I watched it happen to Windows. This is why I came to Linux, and I think that we must be vigilant that what we have in Linux is not overrun by the same causes.
Thank you both for your responses to my inquiry. I am going to print them and make them a part of my Linux help file.
All the best!

Hi, I did a fair bit of searching for AntiVirus products for linux and found quite a few good ones, but the best free ones have been F-Prot & AntiVir (f-prot is a command line scanner, AntiVir is a command line scanner too but there is a GUI front end for it from tkAntivir)

Both work well and are fully configurable for auto updates

Wolfie,
Thanks very much. I will follow up.

I very much disagree with F-prot. I did a quick check a time ago and it didn't look too good. Here's some old results. Plz note the scan was done on Aug 13th 2002 with updated sig db's for all scanners.

F-Prot:
./f-prot XPLT -ai -append -archive -dumb -list -packed -report=logfile.fprot.sec
Virus scanning report - 13. August 2002 21:19
F-PROT 3.12a. DEF's created 13. August 2002
Results of virus scanning:
Files: 130, Objects scanned: 682, Infected: 6, Suspicious: 4
F-prot found: Unix/Admworm.A, "security risk or a "backdoor" program", "a destructive program", VBS/GMW.D, W32/Myparty.A@mm

RAV:
ravav XPLT -ALL -HEUR ON -UNZIP -REPORT logfile.rav.sec
RAV Antivirus for Linux 8.3
Scan engine 8.7 for i386.
Last update: Mon Jul 29 17:08:03 2002
Scanning for 70308 malwares (viruses, trojans and worms).
Scan started on Tue Aug 13 21:16:12 2002
Objects scanned: 753. Infected: 36.
RAV found: Trojan/Linux.Rootkit.T0rn, Worm/Linux.Lion, SH/Admworm.A*, SH/Ramen*, VBS/GMW.D*, Trojan/Backdoor.AB, Trojan/Win32.WCRAT.12B, Trojan/Constructor.TrojanRunner.EliteWrap, JS/Winbomb.A*, Trojan/Backdoor.FB

Mcafee's uvscan:
uvscan --analyse --macro-heuristics --data-directory /var/lib/uvscan --recursive --atime-preserve --panalyse --secure 2>&1 > logfile.uvs.sec
51 lines. (uvscan does not do status/statistics)
Mcafee's uvscan found: Linux/Exploit-Bind trojan, Linux/Rpcmountd, Linux/Exploit-Statdx, UNIX/Exploit-Crontab trojan, Linux/Adm.worm virus, Linux/Ramen.worm virus, VBS/GMW.gen virus, BackDoor-AB.svr trojan, BackDoor-FI trojan, FreeBSD/RootKit trojan, JS/Winbomb trojan, VBS/GMW.gen virus, BackDoor-FB.svr.gen trojan, JS/Winbomb, W32/Myparty.uue, UNIX/Exploit-Progres.

Even tho the names differ you should be able to see that the stuff I had been running it against was known for a reasonable time and still F-prot won't detect as much as RAV, and RAV not as much as Mcafee's uvscan.

//edit: OK, I should note both RAV and Mcafee's uvscan are commercial packages, tho RAV for Linux comes for free when buying the w32 package. Still F-prot results do not look promising.

It seems as of now there is no free software that does a good job at detecting viruses in Linux.I use antivir which doesn't cost anything but is also an commercial product.Don't know how good it is though.
I think the problem with virus scanners in Linux is that they are mostly used by companies and ISP's to protect their M$ clients and they have no problem with paying for the software.
If you are really concerned about this you should have a look around.Almost every antivirus program is available as a Linux version - for $$ of course.

Try here: http://www.f-prot.com/index2.html
Free for personal use.

Thank you very much for this information. I just went to their website and downloaded the file. I appreciate your help.
Regards