New to Linux: Best antivirus and Security suite?
New-ish to Linux. I have a few questions but it's best if I dedicate each question to a single thread.
I understand Linux is more secure than Windows, but this is a must: What antivirus should I get?
I am also curious to know if I need a complete security suite as you do on Windows. Which firewall should I go for? I want something that is as user friendly as possible. I am a bit tech savvy, just don't go balls in with a bunch of stuff about kernels and such.
I don't mind a terminal-based security suite/firewall/whatever-else-is-needed. Though I would prefer a gui.
I use Windows a lot and am also interested in protecting my Linux install from any and all threats. Also, any devices I use with Linux, I use with Windows, so you see how an antivirus is necessary.
Currently know of and know how to install:
Avast
ClamAV
Bitdefender (have managed to install it before on Mint Cinnamon but the bugger always crashed after starting a scan).
Any other information in regards to security from malicious software as well as network-based attacks is appreciated.
Thanks!
Comments
-
Once again, before I get someone trying to convince me I don't need Linux, one of the reasons I want to use Linux is so that I can secure my Windows PCs from any viruses. A type of malicious software on my Windows PC was what re-ignited the Linux in me. I managed to use Avast of all antiviruses on Linux to find and kill the bugger. ESET, Norton, ClamWin, SpyBot and Malwarebytes all remarkably failed on Windows in trying to find it. So yes, I do need antivirus!
For those who are unaware of what it did, every few seconds my Windows window would unclick and re-click. It was a pain in the behind for a few months. [Suffice it to say, it took a while for me to realise this wasn't a software or driver conflict].
0 -
And I don't mind paying for an antivirus or security suite if it's worth it.
0 -
Viruses and malware for Windows are extremely common: advertisements push nasty software that is practically malware, many file-sharing sites are full of infected programs, and there are malicious individuals who target security vulnerabilities to install Windows malware without your permission.
So few viruses and malware suit Linux that this greatly reduces your risk.
Anti-virus and anti-malware programs are freely available to suit common Linux versions.
Many Linux users do install and operate anti-virus and anti-malware programs so as to identify, then fix or remove, files which may later impact MS-Windows users who access those files, as part of helping make the internet safer for everyone.
From time to time I do test others' hard drives, USBs etc. (MS-Windows partitions included) for viruses and malware, often finding and removing ones they did not know were there, while saving their data.
Some risks exist in using HTML, Java, JavaScript, PDF (Portable Document Format), Perl, PHP, Ruby and SWF (Adobe Flash), as these are all frameworks or languages supported under Linux, so evil minds can use these to target Linux like they do Windows or sometimes Mac OS X.
A significant advantage for linux users is their underlying linux operating system remains more difficult, more expensive to attempt to exploit.
IMHO the most significant advantage for linux users is almost all of their underlying linux operating systems freely provide and update effective Anti-Virus and Anti-Malware programs :-)
Among my linux system's provided, kept up to date, programs I use are: clamav and rkhunter

```
paulparker@linux-7769:~> zypper info clamav
Loading repository data...
Reading installed packages...

Information for package clamav:
-------------------------------
Repository: Main Repository (OSS)
Name: clamav
Version: 0.98.7-2.7
Arch: x86_64
Vendor: openSUSE
Installed: Yes
Status: up-to-date
Installed Size: 13.4 MiB
Summary: Antivirus Toolkit
Description:
ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats.

paulparker@linux-7769:~> zypper info rkhunter
Loading repository data...
Reading installed packages...

Information for package rkhunter:
---------------------------------
Repository: Main Repository (OSS)
Name: rkhunter
Version: 1.4.2-5.2
Arch: x86_64
Vendor: openSUSE
Installed: Yes
Status: up-to-date
Installed Size: 1010.6 KiB
Summary: Rootkit Hunter Scans for Rootkits, Backdoors, and Local Exploits
Description:
Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules.

This tool scans for rootkits, backdoors, and local exploits by running tests like:
* Comparing MD5 hashes
* Looking for default files used by rootkits
* Checking for wrong file permissions for binaries
* Looking for suspected strings in LKM and KLD modules
* Looking for hidden files
* Optionally scanning within plain text and binary files
* Checking software versions
* Testing applications
paulparker@linux-7769:~>
```
Why do Viruses and Malware fail on Linux ?
In Linux systems the Permissions system is universal.
Permissions control three things you do with files: read, write, and execute.
Permissions also come in three levels: for the "root" user, for the individual "user" who is signed in, and for the public, everyone out in the world.
Permissions can also be specific for a single program or application.
Almost always in Linux, software which may affect or impact the system as a whole requires root privileges to run.
Linux is Learning :-)
1 -
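The read, write and execute permissions discussed in the post above can be observed directly. The following is an added example, not part of the original thread: it saves a script without the execute bit, shows that a direct run is refused, and checks whether users other than the owner and group could modify the file. The file name and its contents are constructed for the demonstration.

```shell
#!/bin/sh
# Added illustration; the file name and contents below are constructed.

# Print the nine permission characters: owner, group, other (rwx each).
perm_string() {
    ls -ld "$1" | cut -c2-10
}

# Try to execute a file directly. The exit status is 126 when the
# file exists but execution is refused (no execute bit set).
try_run() {
    "$1" >/dev/null 2>&1
}

# Succeeds if users other than the owner and group may modify the file
# (the "w" of the third rwx triplet, character 8 of the string).
writable_by_others() {
    case "$(perm_string "$1" | cut -c8)" in
        w) return 0 ;;
        *) return 1 ;;
    esac
}

demo_dir=$(mktemp -d)
sample="$demo_dir/downloaded.sh"
printf '#!/bin/sh\necho "this ran"\n' > "$sample"

chmod 644 "$sample"               # typical mode of a freshly saved file
echo "mode: $(perm_string "$sample")"
rc=0; try_run "$sample" || rc=$?
echo "run without execute bit -> exit status $rc"

chmod 755 "$sample"               # the owner explicitly allows execution
echo "mode: $(perm_string "$sample")"
rc=0; try_run "$sample" || rc=$?
echo "run with execute bit    -> exit status $rc"

if writable_by_others "$sample"; then
    echo "other users can modify the file"
else
    echo "other users cannot modify the file"
fi
rm -rf "$demo_dir"
```

The refusal in the first run holds for root as well, because executing a file requires at least one execute bit to be set.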
Antivirus on desktop Linux is not only superfluous, but also decreases your security: AV software itself is currently being attacked more and more.
Because it has by definition high permissions on the system and because it's often inadequately protected against hacking.... This makes AV software an ideal target for hackers.
Antivirus applications have been designed to read and open as many file types as possible. Because everything can contain a virus. Unlike ordinary applications, which can only read and open certain specific file types.
For example: word processors can usually only open document related files, and no mp3 music files. For media players the reverse is true.
Because antivirus can read and open everything, and actually does precisely that during a scan, its potential vulnerability (attack surface) is much bigger. And therefore also its attraction as target for people with malicious intentions. That's not just theory....
1 -
^^^ Copy and paste from https://sites.google.com/site/easylinuxtipsproject/security
0 -
@Alir said:
I understand Linux is more secure than Windows, but this is a must: What antivirus should I get?
I used Windows from 95 up to 2017 and I stopped using Anti-Virus in 2005. I never had any issues related to Viruses. It's far more important to be careful what sites you visit and what software you install.
That being said, if you use Linux you will probably install software only from the repository offered from your distribution, so in that case everything you use has been already filtered by the community. The only problem is when you install software from untrusted sources. If you need some sort of obscure software that you found online, better ask on the forum if that software is safe before installing it.
If you want to dig deeper into security, please take into consideration that a proper approach to security is different than what people think it is. Installing an Antivirus will probably cause your system to have MORE vulnerabilities. The common approach to keep a system secure is to keep the number of installed packages at a minimum. If you need to install a high number of apps, from sources that can't be trusted, there are lots of ways to isolate those applications so that they do not cause harm to your system. Here is a list of tools that help with software isolation on Linux-based operating systems:
- Virtualization (VirtualBox or KVM)
- Flatpak
- Snap
- Docker
- SELinux
- AppArmor
A similar system is used by Android, which became this year the most used operating system world-wide. On Android, SELinux is leveraged to limit the rights that each application has. From a user experience point of view, you probably know the "allow this application to see your photos" pop-up. Similar approaches can be found on iPhone and Mac.
Considering how well Linux is protected by default, only paranoid people (like me) go really deep into security to be sure everything is properly locked down. However, this requires a lot of research and development invested into Linux and it is worth it only if you plan to have a career in technology.
There also are some Linux distributions which focus on providing a secure environment for the user, but they also have an impact on user experience and comfort (example: Tails).
0 -
I don't know about ClamAV but between Bitdefender and Avast
I'll recommend Bitdefender, from the comparison I made, Bitdefender more:
*SECURITY
*FEATURES
*EASE OF USE
*SUPPORT
*PRICING
Comparison page resource:
https://www.safetydetective.com/comparison/avast-vs-bitdefender/
0