LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-03-2011, 07:54 AM   #1
alan_ri
Senior Member
 
Registered: Dec 2007
Location: Croatia
Distribution: Debian GNU/Linux
Posts: 1,733
Blog Entries: 5

Rep: Reputation: 127Reputation: 127
ESET NOD32 Antivirus 4 for Linux


Well it looks like Linux is popular, each day more, organizations are looking for security but no more only for Winblows, example;
http://delimiter.com.au/2011/05/02/t...ux-anti-virus/

So it seems that ESET has taken this seriously, they have antivirus desktop and business editions for Linux with support;
http://www.eset.com/home/products/an...x/?productdd=1

If someone is using this antivirus I would like to hear about it. And a question, would you use this software on your machine?
 
Old 05-03-2011, 08:12 AM   #2
X.Cyclop
Member
 
Registered: Jun 2006
Location: Tlv
Distribution: Arch!
Posts: 120

Rep: Reputation: 21
It's unnecessary. I have been using GNU/Linux (Ubuntu, openSuse and now Gentoo) for ~5 years and NEVER installed an antivirus.
 
Old 05-03-2011, 08:17 AM   #3
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779
I haven't heard of eset before this post. Their website doesn't give a lot of information on how the product performs and what it does or looks for in a Linux environment. Rather it has a small click-able picture in the lower right corner of the home products page. I would want to know more about these things before making any sort of decision. For example, does it focus on Linux oriented mal-ware or does it just scan your files for Windows signatures? In my humble opinion, the biggest advantage to running any sort of virus/spyware scanner on Linux is to prevent infection from spreading to a Windows host rather than for protection of the Linux system itself.

As far as would I use it, well, they want $40 / year for their product. Without a solid understanding of the features, advantages, and benefits compared to the competing free product offerings, why would I spend money on it?
 
Old 05-03-2011, 08:32 AM   #4
alan_ri
Senior Member
 
Registered: Dec 2007
Location: Croatia
Distribution: Debian GNU/Linux
Posts: 1,733
Blog Entries: 5

Original Poster
Rep: Reputation: 127Reputation: 127
@X.Cyclop
Yeah, I don't use any antivirus software and haven't seen any virus on my Linux machines in the last 7 years or so since I'm using it, but as I said Linux is more and more popular each day, that means on the desktop too and things might change about amount of malware, spyware or what not is targeting Linux, so for a newbie for example, ESET might be the solution.

@Noway2
Well ESET is really popular and high rated security software in the Winblows universe.
Here's the award page with other links that might interest you;
http://www.eset.com/us/press-center/awards

And it's clear that they are offering protection for Linux but if you're on the network with Winblows and/or Mac machines they'll protect them too, so they say. And what that protection looks like in Linux, well I don't know, that's what I asked too.

Last edited by alan_ri; 05-03-2011 at 08:49 AM.
 
Old 05-03-2011, 08:33 AM   #5
Arcane
Member
 
Registered: May 2006
Location: Latvia, Europe
Distribution: random
Posts: 303

Rep: Reputation: 250Reputation: 250Reputation: 250
Dunno how it performs on Linux but on Windows it is worth it's price tag - has great comments from many advanced people and i also used it some time ago on Windows as trial. There is still trial for Win in homepage so should be for Linux aswell. But why buy if there is ClamAV?
 
Old 05-03-2011, 08:34 AM   #6
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 782
Blog Entries: 8

Rep: Reputation: 157Reputation: 157
I've never used AV on any of the Linux machines I've admin'd. IMO, its not needed. I did work at a place that mandated that every security device should have AV installed...then they started wondering why their IDS devices were dropping packets. The sensors were already at the ragged edge of performance due to them sniffing large amounts of traffic. Adding AV clients to the systems pushed them over the edge. AV definitely doesn't belong on dedicated servers, IMO. And I don't think Linux desktops need AV either. I've been using Linux desktop and server configurations since 1997. I've yet to see a real need for AV on Linux hosts.

Posts like this show up every few months. Run it if you want, but I've yet to see any substantiated reason to use AV on a Linux environment (other than as a mail server solution to filter inbound/outbound mail...probably more for an environment with Windows endpoint machines).
 
Old 05-03-2011, 04:59 PM   #7
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,370
Blog Entries: 55

Rep: Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555Reputation: 3555
One reason almost never mentioned is that for it to pour money into (research) and sustain business with it must be economically viable for a company. Given the main problems IMO with commercial signature-based detection are the 0) Linux platform architecture itself not providing much of a foothold for easy injection or propagation of threats compared to other platforms, 1) the types of threats facing the Linux platform not being as diverse and fast-evolving as they are for other platforms and 2) the economy depending on and sustaining those threats not as much being targeted on (ab)using Linux compared to the other OS you could conclude these are reasons why not many Linux users run AV (unless being forced to care for lesser OSes ;-p) and why not many AV vendors see Linux as a booming market. (I personally run several AV products but my motives in no way equal those of the average user.) And as far as experience with ESET products was concerned (see my old web log posts about AV detection) I have had no problems with their product (running on the other OS), it's performance or support.
 
1 members found this post helpful.
Old 05-03-2011, 07:25 PM   #8
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,331

Rep: Reputation: 2546Reputation: 2546Reputation: 2546Reputation: 2546Reputation: 2546Reputation: 2546Reputation: 2546Reputation: 2546Reputation: 2546Reputation: 2546Reputation: 2546
since my first install of "Fedora 4" 6+ years ago ClamAV has NEVER found anything on Linux .( except for the test files in the clam build folder)
It DID find things on Windows XP 32 bit that Norton missed


Now RKhunter and chrootkit also have never found anything
 
Old 05-04-2011, 10:30 AM   #9
nomb
Member
 
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675

Rep: Reputation: 58
There are a lot of companies that have AV for linux. McAfee, Symantec, etc.

I run AV for two reasons:

I run AV on my linux boxes; however not for them. If I pass a file to someone who is running windows, I don't want to rely on their AV (which may already be compromised) to detect if the file I'm sharing contains a virus of some sort.

Just another layer.

The second reason I actually am going to leave off.

Last edited by nomb; 05-04-2011 at 10:33 AM.
 
Old 05-04-2011, 11:30 AM   #10
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779Reputation: 779
I run anti-virus on my personal servers and use it to scan the email that they handle it, but not on my personal PCs. The purpose isn't because I am so much concerned about my machines themselves catching something, it is that I consider part of being responsible mail server operator that I not pass something on to Windows machines. At work, where I manage one Linux server that is connected to a cluster of Windows based machines, I run a full anti-virus scan on a weekly basis in a cron-job. Again, not because I am concerned about that machine being infected, but rather to help detect and prevent the spread of malware to the Windows based hosts.
 
Old 04-16-2018, 08:18 AM   #11
Sarena
LQ Newbie
 
Registered: Apr 2018
Posts: 1

Rep: Reputation: Disabled
I understand Eset NOD32 Antivirus performance better on Linux compare to others but fact of the matter is that antivirus on desktop Linux is not only superfluous but also *decreases* your security: AV software itself is currently being attacked more and more.

Because it has by definition high permissions on the system and because it's often inadequately protected against hacking.... This makes AV software an ideal target for hackers.

Antivirus applications have been designed to read and open as many file types as possible. Because everything can contain a virus. Unlike ordinary applications, which can only read and open certain specific file types.

For example: word processors can usually only open document related files and no mp3 music files. For media players the reverse is true.

Because antivirus can read and open everything, and actually does precisely that during a scan, its potential vulnerability (attack surface) is much bigger. And therefore also its attraction as the target for people with malicious intentions. That's not just theory....

Last edited by Sarena; 04-17-2018 at 02:44 AM.
 
Old 04-16-2018, 09:10 AM   #12
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3164Reputation: 3164Reputation: 3164Reputation: 3164Reputation: 3164Reputation: 3164Reputation: 3164Reputation: 3164Reputation: 3164Reputation: 3164Reputation: 3164
Furthermore, it is actually not true that "everything can contain a virus." The term, virus, is a biological term that applies only to biology, not computers.

In biology, a virus is a scrap of RNA that can insert itself into the DNA of a cell and cause that cell to reproduce massive amounts of the viral DNA before the cell dies. Biological organisms must mount continuous, pro-active defenses to detect and to thwart this process, which they do by killing the cells.

In computer parlance, this is rogue software that is executed without your knowledge or consent. It necessarily runs with your privileges, and that's why "your privileges" should be the least necessary to do "your" job. You should never use an account that is capable of sudo su. (Just as, with Windows, you should never be an "Administrator.") And, you should always run backup software that protects the backup archives from modification.

The very concept of "computer anti-virus software" is fundamentally flawed, and the idea is a dangerous one. In the name of "protecting yourself" against a threat that you cannot even identify, you run pervasive software that, in the end, cannot really detect anything.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Antivirus survey: Do you run an antivirus program on linux? atom Linux - General 29 09-03-2009 03:22 PM
[Help Me] Eset file security on Slackware FireGarden Slackware 4 05-12-2009 01:14 PM
LXer: ESET Launches New Products for Linux and FreeBSD LXer Syndicated Linux News 0 12-04-2007 08:50 AM
nod32 startup problem after adding a linux install (dual boot with xp) vlatko Linux - Newbie 2 07-13-2006 01:04 PM
Antivirus for Lunix similar Norton Antivirus for Windows Chivozertsev Linux - Software 1 03-31-2005 07:56 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:16 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration