LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Old 01-07-2009, 12:09 PM   #121
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833


Quote:
Originally Posted by OlRoy
What exactly is the *nix design philosophy? From what I can tell, *nix is vulnerable to all of the same threats as Windows. For example they both still have an administrator account, both have configuration, software, and hardware vulnerabilities, both can be managed by users who don't understand the threats they face, etc.
Unix was designed as a multi-user operating system, thus there were necessary security measures to combat the challenges of that environment. Additionally, because most of the components of the system were largely designed independent of the rest of the system and not integrated into the system, they don't have hooks to the kernel that can as easily compromise the entire system. Even when the system is running a lot of network accessible processes that could potentially compromise the system, they're frequently running by default as non-privileged users or chrooted into a specific area of the system, limiting damage and preventing the box from being taken over.

Windows was designed as a single-user operating system, and until Windows 95 there was no real security built in at all. Later systems with better security such as Vista and XP function as multi-user operating systems but still maintain a lot of compatibility with previous releases and frequently have bugs related to those releases. Additionally, because it was designed by a single corporation there are a lot of components that integrate themselves tightly into the kernel and provide additional hooks for exploits to latch onto. There are also a lot of default usability features enabled in Windows by default with no real protection to prevent exploitation. Additionally most accessible network processes run with administrator level privileges, which means any exploit found has the potential to completely subvert the entire system. Let's not forget the default user for XP is an administrator account, and having to click "yes this is okay" every single time you want to start a lot of applications in Vista causes people to turn off all the security protection completely.

I think the hands down best thing Microsoft could do is redesign Windows from the ground up as a multi-user operating system and break all backwards compatibility completely. It would yield a faster operating system with less bloat, more stability, and increased security if they took all the lessons they've learned and implemented them correctly. Honestly, I think it's a matter of time before they do that.

An abundance of additional security tools to prevent what could be avoided by design does not indicate better security.

Exploits tend to target the lowest hanging fruit. That is presently and always has been Windows. Most bang for your buck.

Last edited by rweaver; 01-07-2009 at 12:15 PM.
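
The point in the post above about network-accessible processes running as non-privileged users can be checked on a given host. The following is an added example, not part of the thread: it parses the `/proc/net/tcp` table and reports listening IPv4 sockets owned by uid 0 and bound beyond loopback. The function names and the sample table are constructed for illustration, and a little-endian host is assumed.

```python
import socket
import struct

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   112        0 22222 1 0000000000000000 100 0 0 10 0
   2: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000    33        0 33333 1 0000000000000000 100 0 0 10 0
   3: 0A00000A:0016 0B00000A:C350 01 00000000:00000000 02:000A0B0C 00000000     0        0 44444 2 0000000000000000 20 4 30 10 -1
"""

LISTEN = "0A"  # state code for a listening TCP socket in /proc/net/tcp


def listeners(text):
    """Return [{ip, port, uid}] for every IPv4 socket in LISTEN state."""
    found = []
    for line in text.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) < 10 or f[3] != LISTEN:
            continue
        ip_hex, port_hex = f[1].split(":")
        # The address is a hex u32 in host byte order (little-endian assumed).
        ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
        found.append({"ip": ip, "port": int(port_hex, 16), "uid": int(f[7])})
    return found


def root_exposed(entries):
    """Listeners owned by uid 0 that are bound to a non-loopback address."""
    return [e for e in entries
            if e["uid"] == 0 and not e["ip"].startswith("127.")]


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE  # fall back to the constructed table
    for e in root_exposed(listeners(text)):
        print("root-owned listener on %(ip)s:%(port)d" % e)
```

The uid column is the owner of the socket, so a daemon that opens its port as root and drops privileges afterwards can still appear in the output; treat hits as leads to check against the process's actual credentials. IPv6 listeners live in `/proc/net/tcp6` and are not covered here.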
 
Old 01-07-2009, 12:24 PM   #122
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Honestly, I don't get what most of you guys' problem with anti-viruses is. Sometimes it seems as if installing one and using it were some sort of philosophical defeat for you. I've got ClamAV installed and I scan most of what I download before messing with it. I don't feel it's a "waste of CPU power", in fact I think it's the exact opposite. I believe I'm putting my CPU to good use by allowing it to help me detect malicious code before I feed it to my applications. I don't get why someone would want to spend so much time debating about whether an anti-virus for GNU/Linux is necessary or not. It's so easy to have one so why not just install it and get on with life? There's so much more important stuff to be concerned about.
 
Old 01-07-2009, 12:33 PM   #123
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Merged with the GNU/Linux Antivirus Megathread.
 
Old 01-07-2009, 12:45 PM   #124
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529

If Linux was as widespread and used as Windows, it would be equally vulnerable.
Virus writers will focus on it, and they will succeed.
More and more people start to use linux (see the aspire one hype), and have no clue.
You can make an OS as safe as possible, but you can't make it foolproof.
 
Old 01-07-2009, 03:53 PM   #125
rweaver
Senior Member
 
Registered: Dec 2008
Location: Louisville, OH
Distribution: Debian, CentOS, Slackware, RHEL, Gentoo
Posts: 1,833

Quote:
Originally Posted by repo
If Linux was as widespread and used as Windows, it would be equally vulnerable.
Virus writers will focus on it, and they will succeed.
More and more people start to use linux (see the aspire one hype), and have no clue.
You can make an OS as safe as possible, but you can't make it foolproof.
I disagree with that to some degree simply because you can be a fully functional user as a non-privileged account that can install software for your own use in Unix. Not so much (from a user perspective, although if you're technically competent you can) in Windows. Thus in Windows most people run as an administrative account, in *nix very few people remain logged into an administrative account, thus common threats like viruses in email and such are of limited impact comparatively speaking. Also the diversity of libraries and versions of programs across the different forms of Linux makes writing an exploit that takes advantage of a buffer overflow or something similar, while keeping it of reasonable size on many different variants with differing libraries and such, difficult at best.

It's easier to write a virus for Solaris or RedHat or FreeBSD than it is for one that works on *BSD or Linux in general if you're trying to keep the size sane.
 
Old 01-07-2009, 08:07 PM   #126
AceofSpades19
Senior Member
 
Registered: Feb 2007
Location: Chilliwack,BC.Canada
Distribution: Slackware64 -current
Posts: 2,079

Quote:
Originally Posted by win32sux
Honestly, I don't get what most of you guys' problem with anti-viruses is. Sometimes it seems as if installing one and using it were some sort of philosophical defeat for you. I've got ClamAV installed and I scan most of what I download before messing with it. I don't feel it's a "waste of CPU power", in fact I think it's the exact opposite. I believe I'm putting my CPU to good use by allowing it to help me detect malicious code before I feed it to my applications. I don't get why someone would want to spend so much time debating about whether an anti-virus for GNU/Linux is necessary or not. It's so easy to have one so why not just install it and get on with life? There's so much more important stuff to be concerned about.
I find it's a waste of my time to be constantly scanning files, especially since I'm not running any FTP or mail servers, and I rarely ever encounter any malicious code, if at all. I don't spend my day looking for viruses to scan to protect everyone else.
 
Old 01-07-2009, 08:32 PM   #127
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Quote:
Originally Posted by AceofSpades19
I find it's a waste of my time to be constantly scanning files, especially since I'm not running any FTP or mail servers, and I rarely ever encounter any malicious code, if at all. I don't spend my day looking for viruses to scan to protect everyone else.
Neither do I. I do it for myself. It only takes a couple seconds to scan downloaded files. Considering it's so quick and painless, I fail to understand how not doing it would be better. What exactly do you gain by not scanning stuff you download prior to using it? All I can think of is that perhaps certain people's false sense of security wouldn't get fed as much.
 
Old 01-07-2009, 11:27 PM   #128
AceofSpades19
Senior Member
 
Registered: Feb 2007
Location: Chilliwack,BC.Canada
Distribution: Slackware64 -current
Posts: 2,079

Quote:
Originally Posted by win32sux
Neither do I. I do it for myself. It only takes a couple seconds to scan downloaded files. Considering it's so quick and painless, I fail to understand how not doing it would be better. What exactly do you gain by not scanning stuff you download prior to using it? All I can think of is that perhaps certain people's false sense of security wouldn't get fed as much.
I only download files from places I trust, so why would I need to scan files? I highly doubt sourceforge.net would have viruses on it. I don't download anything from shady porn sites or anything. When I download attachments from my email, Google runs a virus scan on the files anyways, so it's pretty pointless to run another virus scan on it.
 
Old 01-08-2009, 04:14 AM   #129
monsm
Member
 
Registered: Feb 2005
Location: London, UK
Distribution: Gentoo
Posts: 568

Quote:
Originally Posted by AceofSpades19
I only download files from places I trust, so why would I need to scan files? I highly doubt sourceforge.net would have viruses on it. I don't download anything from shady porn sites or anything. When I download attachments from my email, Google runs a virus scan on the files anyways, so it's pretty pointless to run another virus scan on it.
Exactly. With all the focus in the Windows world and increasingly in the Apple world on viruses, it is difficult to get used to the fact that there are no viruses to find that target Linux machines even on the most dodgy of web sites. Almost everything I have on my machine comes from the Gentoo repository (portage), and I trust that software 100%.

My hardware is a few years old, so I prefer to have all the power available to useful things like spinning my Compiz Fusion cube (usefulness is relative I guess...). I am sure I would read about it on the news section here on LQ if there actually were viruses around. So unless I was extremely unlucky and was the first Linux user to get a virus, I am very safe as it is.

Only security measure I have on my machine is a simple IPtables firewall.

Mons
 
Old 01-08-2009, 05:20 PM   #130
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Quote:
Originally Posted by AceofSpades19
I only download files from places I trust, so why would I need to scan files? I highly doubt sourceforge.net would have viruses on it. I don't download anything from shady porn sites or anything. When I download attachments from my email, Google runs a virus scan on the files anyways, so it's pretty pointless to run another virus scan on it.
Oh, well, that's the difference between our situations right there then. I don't only download files from places I trust. It would be great if I could, though. Unfortunately, school and work make that pretty much impossible for me. My main concern with files downloaded from miscellaneous locations is exploits (and trojans to a lesser extent). I do realize the virus threat to GNU/Linux is ridiculously low. Thankfully, ClamAV finds much more than just viruses.
 
Old 04-05-2009, 08:00 PM   #131
Winanjaya
Member
 
Registered: Sep 2003
Posts: 239

Antivirus for Linux

Hello All,

I am running Linux servers, what is the best Antivirus for them? Or do I need Antivirus for Linux systems?

please advise

thanks & regards
Winanjaya
 
Old 04-05-2009, 08:34 PM   #132
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Quote:
Originally Posted by Winanjaya
Do I need Antivirus for Linux systems?
Merged with the GNU/Linux Antivirus Megathread.
 
Old 04-06-2009, 05:50 AM   #133
Crito
Senior Member
 
Registered: Nov 2003
Location: Knoxville, TN
Distribution: Kubuntu 9.04
Posts: 1,168

Quote:
Originally Posted by AceofSpades19
I only download files from places I trust, so why would I need to scan files?
Most malware/spyware comes from commercial software, not Al Qaeda hackers working for the North Koreans, as the propaganda outlets (CNN and Fox News) would like people to believe.

Plus, if a "hacker" creates malware they go to jail. If the trustworthy Sony Corp does it nothing happens to them. So clearly the latter presents the greater threat (to me anyways.)

http://www.eff.org/deeplinks/2005/11...y-bmgs-rootkit
 
Old 04-06-2009, 09:55 AM   #134
AceofSpades19
Senior Member
 
Registered: Feb 2007
Location: Chilliwack,BC.Canada
Distribution: Slackware64 -current
Posts: 2,079

Quote:
Originally Posted by Crito
Most malware/spyware comes from commercial software, not Al Qaeda hackers working for the North Koreans, as the propaganda outlets (CNN and Fox News) would like people to believe.

Plus, if a "hacker" creates malware they go to jail. If the trustworthy Sony Corp does it nothing happens to them. So clearly the latter presents the greater threat (to me anyways.)

http://www.eff.org/deeplinks/2005/11...y-bmgs-rootkit
I wouldn't call one commercial program "most commercial programs", and not to mention I use mainly open source software.
 
Old 12-28-2009, 06:58 AM   #135
mdquince
LQ Newbie
 
Registered: Dec 2009
Posts: 3

Do I need anti anything for Linux

OK, I'm getting confused already. Most people say you do not need any anti-virus programs, spyware or anything like that for Linux, but Linux SUSE 11.2 comes with all these different types of antivirus programs??? Should I install one and which is the best?
 