[SOLVED] Is antivirus software on a home Linux install necessary
Whether an antivirus makes sense depends to some degree on the way that your system is used and the way that other systems, more susceptible to attracting viruses and malware, are connected to it, occasionally or often.
I am not aware of any closed-source commercial antivirus being “better” in a way yet to be described than what you can get for free. The question may be more complicated than I am able to deduce right now, but then, you would be asked to provide even more details about your intentions and on your current situation... Someone will shoot me, if I say rubbish.
Quote:
If no, are there any run-on-demand malware/virus checkers?
I want to know, too.
Last edited by Michael Uplawski; 11-14-2019 at 10:25 AM.
I think most Linux users use clamav if they use antivirus at all. I was always told that you don't need it unless you have Windows machines on your network or share files (for example by email) with Windows users.
Several reputable AV providers offer free AV for Linux (at least for home use, depending on the provider), including Comodo, Sophos, and AVG. I normally run an AV because this is one area where having both a belt and suspenders may not be redundant.
I made a promise to myself long ago, long before I started using Linux, never to have a public-facing computer without an AV.
I use Sophos antivirus, and if someone says that Linux doesn't need antivirus they are wrong IMO.
If you use a dual-boot system as I do, it's good to be able to scan Windows with a Linux antivirus program.
Some ransomware uses JavaScript and browser exploits, and therefore having antivirus checking your HTTP/S traffic is a good thing.
Quote:
Originally Posted by LionHeartIV
Sophos, okay, interesting.
I don't have a dual-boot system, just Linux, still think it's a good idea?
Well, once my browser was infected with malware and those viruses loaded NSFW adverts, pop-ups and stuff like that, and I was using Linux, so I would say yes to antivirus.
Generally speaking the advice that antivirus is not required on Linux still applies. On Linux the bigger threats are attacks against services and server processes. Make sure your home router has up-to-date firmware and isn't known to be vulnerable, make sure services you don't need aren't running and services you do need are secured. You may want a software firewall on your Linux box, especially if it's a laptop and you're always connecting to public wifi.
If you do want to run antivirus software (on any OS!), I'd say you should have it doing on-access scanning. On-demand is no good: any malware that does infect your system can hide itself or sabotage the AV before it runs its next scan.
ClamAV is viable but it needs some work to get it doing its job well. Third-party signatures are essential for good detection rates and it might take some fiddling to get on-access scanning working.
EDIT PS: Personally I would only bother installing antivirus on a Linux desktop if it's for compliance/regulatory requirements.
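The advice in the post above about shutting down services you don't need can be checked by listing which sockets listen on non-loopback addresses. This is an added example, not part of the original post; the sample `ss -tuln` output is constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample of `ss -tuln` output (not taken from a real host).
sample_ss() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      5          127.0.0.1:631        0.0.0.0:*
tcp   LISTEN 0      128             [::]:22            [::]:*
tcp   LISTEN 0      5              [::1]:631           [::]:*
tcp   LISTEN 0      4096   127.0.0.53%lo:53         0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:5353       0.0.0.0:*
EOF
}

# Read `ss -tuln` output on stdin and print "proto address port" for every
# listener that is reachable from outside the machine (not loopback-only).
exposed_listeners() {
    awk '
    $2 == "LISTEN" || $2 == "UNCONN" {
        sock = $5                              # e.g. [::]:22 or 127.0.0.53%lo:53
        port = sock; sub(/^.*:/, "", port)     # text after the last colon
        addr = sock; sub(/:[^:]*$/, "", addr)  # text before the last colon
        sub(/^\[/, "", addr); sub(/\]$/, "", addr)   # IPv6 brackets
        sub(/%.*$/, "", addr)                  # interface suffix such as %lo
        if (addr ~ /^127\./ || addr == "::1") next   # loopback only: skip
        print $1, addr, port
    }'
}

# Demo on the constructed sample. On a live system run:
#   ss -tuln | exposed_listeners
sample_ss | exposed_listeners
```

Each line printed is a service that other machines on the network can reach; anything you do not recognise or need is a candidate for disabling or firewalling.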
It's important to understand that a "virus" is still a program, like any other program on your machine is a "program". The only difference with viruses is that they are normally designed to do malicious things to your system. A virus can be written for any operating system available. The difference is the "risk" you are at, which is decided by a number of factors, like, for example, your usage habits, malware developers' willingness to target the particular system you're using, etc.
It entirely depends on the risk you are at. Windows has the most desktop market share, which therefore makes it an attractive target for malware developers, because of the sheer number of targets. Also, the types of users, and specifically, people who don't have a lot of technical knowledge. So it's therefore more likely that those people will have less than secure usage habits. Linux on the other hand, as said above it's the server and embedded markets where Linux based systems have the most risk, and more precisely, what malware developers target more often than not as far as Linux based viruses are concerned. But if you aren't following best security practices, like following the "principle of least privilege", then no operating system or anti-virus software in the world can "protect" you against your own stupidity - so you should practice safe usage habits first and foremost. And not solely rely on "a program" to "protect" you from your own stupidity - that would be a mistake.
All of that said, yes there is such a thing as Linux-based malware, and it's only on the rise, not the decrease. FWIW, I use Sophos AV myself, and I've never had any problem with it, and also, from the rankings of anti-virus programs I've seen, Sophos AV is right up there as far as detection rates are concerned. But it's never found any viruses on my Linux system before. Sophos AV also checks for Windows viruses too, as well as Linux-based viruses. I wouldn't waste my time with ClamAV personally though...
Quote:
The only difference with viruses is that they are normally designed to do malicious things to your system.
AND contaminate other executables on your system, which is because of user privileges (cq lack OF) harder to do on Linux systems.
There is other malware for Linux (like rootkits) but mostly they are not detected by anti-virus scanners.
Quote:
Originally Posted by jsbjsb001
But it's never found any viruses on my Linux system before. Sophos AV also checks for Windows viruses too, as well as Linux based viruses. I wouldn't waste my time with ClamAV personally though...
I haven't found any viruses either; I just installed Sophos maybe 1-2 weeks ago. The only positives have been EICAR files.
When I realized that my Firefox browser was infected I just nuked it from orbit: deleted configs/settings from the /home/user folder and uninstalled/reinstalled Firefox, which fixed it. That was maybe 3-5 years ago.