Linux Users- Are you running antivirus?

Questions on how we spend our money and our time - consumer goods and services, home and vehicle, leisure and recreational activities
Post Reply
Topic Author
lostdog
Posts: 3348
Joined: Thu Feb 04, 2016 2:15 pm

Linux Users- Are you running antivirus?

Post by lostdog »

I run Lubuntu full time now. I'm tempted to install ClamAV.

Is antivirus software needed for Linux? If so, what antivirus software are you running?
mindboggling
Posts: 472
Joined: Sat Sep 06, 2014 6:35 pm
Location: Upstate NY

Re: Linux Users- Are you running antivirus?

Post by mindboggling »

I've been running linux exclusively at home for close to 15 years and I've never had a virus. I've never seen anti-virus software for linux. I once clicked on something that went to a ransomware screen and locked everything up, but a hard re-boot restored proper operation completely. Nice!
In broken mathematics, We estimate our prize, --Emily Dickinson
TawAllap
Posts: 1
Joined: Wed Jun 03, 2020 6:03 pm

Re: Linux Users- Are you running antivirus?

Post by TawAllap »

I’ve been running Linux distributions for the past 24 years and I’ve never used antivirus software on the desktop or server. As long as you’re downloading the software from the distributor’s package manager or from reputable software sources then you shouldn’t have any problems. Most of distributions now have built an access control to limit software capability in case of malicious software.

I hope that helps with your question.
Mr-et-Mrs-R
Posts: 61
Joined: Thu Dec 05, 2013 10:49 am

Re: Linux Users- Are you running antivirus?

Post by Mr-et-Mrs-R »

This feels more like a Slashdot or Reddit question.

Keep an AV thumb drive / boot disk around and as long as you're comfortable with the command line you'll be fine.
MathWizard
Posts: 4398
Joined: Tue Jul 26, 2011 1:35 pm

Re: Linux Users- Are you running antivirus?

Post by MathWizard »

No. I run lots of hundreds of Linux systems professionally.

AV software works by checking files for virus "signatures", which are just strings, or (regular expressions).

Viruses nowadays are polymorphic. This means that the virus signature is different with every infection

The best thing is to watch where you are browsing, not clicking on suspicious links

If you do not need remote logins, turn them off.
Use a firewall. I don't know Lubuntu, but in RedHat or CentOS 7this would be firewalld.

You can also run fail2ban which goes with firewalld, which will slow down any connection attempts,by denying connection attempts for say 30 minutes after 5 failed attempts within a short time.

Also, only install software from known reputable sources.

If you allow logins, use MultiFactor authentication,not just passwords, and disable remote root logins. Admins should login as a normal user, then elevate privileges by /bin/su or sudo.
Topic Author
lostdog
Posts: 3348
Joined: Thu Feb 04, 2016 2:15 pm

Re: Linux Users- Are you running antivirus?

Post by lostdog »

Thanks for the information everyone.

Loving Linux and continue to learn.
User avatar
unclescrooge
Posts: 5415
Joined: Thu Jun 07, 2012 7:00 pm

Re: Linux Users- Are you running antivirus?

Post by unclescrooge »

My 2015 MacBook runsacOS, a version of Unix. Never used an anti virus on that either.
User avatar
2pedals
Posts: 1257
Joined: Wed Dec 31, 2014 12:31 pm

Re: Linux Users- Are you running antivirus?

Post by 2pedals »

I did years ago but it never found a virus so I don't use one now. It might be a good idea though depending on how you are using your Linux computer. It is easy enough to install and uninstall.

https://linuxhint.com/install_clamav_ubuntu/
User avatar
JoMoney
Posts: 9898
Joined: Tue Jul 23, 2013 5:31 am

Re: Linux Users- Are you running antivirus?

Post by JoMoney »

I use a Chromebook... ChromeOS is Linux... I don't even think "AntiVirus" is available for it :wink: :?
"To achieve satisfactory investment results is easier than most people realize; to achieve superior results is harder than it looks." - Benjamin Graham
annu
Posts: 839
Joined: Mon Nov 04, 2019 7:55 pm

Re: Linux Users- Are you running antivirus?

Post by annu »

Do not user super user account, always enabled this level of security and with normal firewall rules you should be okay.
Also be carefull of what services you enable or have enabled. If you have ssh enabled for example, do not use default or easy passwords.
sabtastic
Posts: 173
Joined: Tue Dec 03, 2013 1:00 am

Re: Linux Users- Are you running antivirus?

Post by sabtastic »

No, and I never ran one on windows, either!!! :twisted: I've always said it is better to alter your behavior rather than rely on antivirus to save you.

ClamAV is prob the best your going to find. To be honest if you have to engage in risky behavior I'd get a second machine for your financials. Chromebooks are great for this.
anthonyphamy
Posts: 78
Joined: Sun Aug 05, 2018 8:59 pm

Re: Linux Users- Are you running antivirus?

Post by anthonyphamy »

Linux Mint 19.3 XFCE here, and nope.
edugrind
Posts: 6
Joined: Mon Sep 17, 2018 12:42 pm

Re: Linux Users- Are you running antivirus?

Post by edugrind »

lostdog wrote: Wed Jun 03, 2020 5:56 pm I run Lubuntu full time now. I'm tempted to install ClamAV.

Is antivirus software needed for Linux? If so, what antivirus software are you running?
As others have mentioned, it’s not typical to run anti-virus for a Linux workstation. So why does ClamAV exist?

It’s typically installed on servers. For example one might run it on a mail server to help prevent viruses from being transmitted to Windows email clients. Or on a file server to prevent Windows clients from passing viruses around to each other. A lot of the work that goes into ClamAV is actually to support detecting non-Linux malware. If you ever want to play around with Linux servers you may find it useful in that context. Sometimes I use it to scan drives of misbehaving Windows desktops.

I think it’s worth adding that one of the most important reasons it’s usually not needed is that UNIX software is largely distributed differently: it’s not downloaded from arbitrary websites, it’s packaged and distributed by the distro (Lubuntu). It’s pre-approved, so extra software to double check what’s downloaded isn’t as necessary. But it’s still important to make sure that software is kept up to date. And make backups.
Topic Author
lostdog
Posts: 3348
Joined: Thu Feb 04, 2016 2:15 pm

Re: Linux Users- Are you running antivirus?

Post by lostdog »

edugrind wrote: Thu Jun 04, 2020 6:44 am
lostdog wrote: Wed Jun 03, 2020 5:56 pm I run Lubuntu full time now. I'm tempted to install ClamAV.

Is antivirus software needed for Linux? If so, what antivirus software are you running?
As others have mentioned, it’s not typical to run anti-virus for a Linux workstation. So why does ClamAV exist?

It’s typically installed on servers. For example one might run it on a mail server to help prevent viruses from being transmitted to Windows email clients. Or on a file server to prevent Windows clients from passing viruses around to each other. A lot of the work that goes into ClamAV is actually to support detecting non-Linux malware. If you ever want to play around with Linux servers you may find it useful in that context. Sometimes I use it to scan drives of misbehaving Windows desktops.

I think it’s worth adding that one of the most important reasons it’s usually not needed is that UNIX software is largely distributed differently: it’s not downloaded from arbitrary websites, it’s packaged and distributed by the distro (Lubuntu). It’s pre-approved, so extra software to double check what’s downloaded isn’t as necessary. But it’s still important to make sure that software is kept up to date. And make backups.
Thank you. I installed VMware workstation player. I've been dabbling with Ubuntu server 20.04.

I used to administer Windows Servers. The Unbuntu server, since it's only CLI, is so much faster compared to Windows server. Especially boot time.

I suspect in the next 10 years, Microsoft will release their own flavor of Linux for the desktop and slowly transition from the NT kernel to the Linux kernel.
Topic Author
lostdog
Posts: 3348
Joined: Thu Feb 04, 2016 2:15 pm

Re: Linux Users- Are you running antivirus?

Post by lostdog »

JoMoney wrote: Wed Jun 03, 2020 11:58 pm I use a Chromebook... ChromeOS is Linux... I don't even think "AntiVirus" is available for it :wink: :?
You're correct. I think Google runs their own proprietary anti-malware/antivirus software as a deamon/service that you don't see. It updates on a regular basis.

My wife is on ChromeOS and loves the simplicity of it.

Unfortunately Google stopped updating her Chromebook after 6 years. The hardware is still fine. I'm contemplating running Linux on her machine. Chrome runs very fast on Linux and that's all she needs. Ubuntu will update in the background for her.
mmcmonster
Posts: 492
Joined: Sun Jan 12, 2014 1:18 pm

Re: Linux Users- Are you running antivirus?

Post by mmcmonster »

MathWizard wrote: Wed Jun 03, 2020 10:21 pm No. I run lots of hundreds of Linux systems professionally.

AV software works by checking files for virus "signatures", which are just strings, or (regular expressions).

Viruses nowadays are polymorphic. This means that the virus signature is different with every infection

The best thing is to watch where you are browsing, not clicking on suspicious links

If you do not need remote logins, turn them off.
Use a firewall. I don't know Lubuntu, but in RedHat or CentOS 7this would be firewalld.

You can also run fail2ban which goes with firewalld, which will slow down any connection attempts,by denying connection attempts for say 30 minutes after 5 failed attempts within a short time.

Also, only install software from known reputable sources.

If you allow logins, use MultiFactor authentication,not just passwords, and disable remote root logins. Admins should login as a normal user, then elevate privileges by /bin/su or sudo.
I wholeheartedly agree with using fail2ban.

The first thing I do is install fail2ban on my system. I then run the following command and add the following to /etc/fail2ban/jail.local

Code: Select all

awk '{ printf "# "; print; }' /etc/fail2ban/jail.conf | sudo tee /etc/fail2ban/jail.local

/etc/fail2ban/jail.local:
[sshd]
enabled = true
bantime  = 10h
port = 0:65535
findtime  = 10m
maxretry = 3
This will ban any IP address that fails a login attempt more than 3 times in 10 minute period. The ban is lifted after 10 hours.

To check for failed ssh attempts:

Code: Select all

grep sshd.\*Failed /var/log/auth.log
Other than fail2ban, I don't run anything remotely like antivirus software, and I go to some sketchy parts of the internet. 8-)

I would agree with the above posters about not downloading from sketchy repositories.

Been running Linux (first Ubuntu, then Linux Mint Cinnamon) for 16 years, and still love it. It just works and stays out of the way. The user interface with Cinnamon takes the best parts of Windows XP and 7 and doesn't change much from year to year.

Since I don't need antivirus programs constantly running in the background, I know that the computer is just busy doing what I want.

Enjoy the journey. While an operating system shouldn't make you happy or sad, I think overall that I'm happy not having to deal with the grief of Microsoft Windows over the past 15 years. (ie: forced reboots, deprecated hardware, telemetry, forced installation of updates, upgrade treadmill, antiviruses, etc.) Besides, most of what is needed now is on the web browser, and LibreOffice, Gimp, and Digikam fill my (personal) need for local software.
notinuse
Posts: 73
Joined: Sun May 29, 2011 7:11 pm

Re: Linux Users- Are you running antivirus?

Post by notinuse »

I've been using Linux for 22 years. I don't run antivirus software. Haven't had any problems.
bondsr4me
Posts: 1538
Joined: Fri Oct 18, 2013 7:08 am

Re: Linux Users- Are you running antivirus?

Post by bondsr4me »

I have a question for Linux users:

I have a 2015 macbookpro.
Can I run Linux from a USB boot?
What version of Linux would be best for MBP?
I am familiar with dual booting on macs.
At this time, I don't want to install Linux on my mac using bootcamp.
I would like to go the USB boot first.
Thanks.
Topic Author
lostdog
Posts: 3348
Joined: Thu Feb 04, 2016 2:15 pm

Re: Linux Users- Are you running antivirus?

Post by lostdog »

bondsr4me wrote: Thu Jun 04, 2020 8:06 am I have a question for Linux users:

I have a 2015 macbookpro.
Can I run Linux from a USB boot?
What version of Linux would be best for MBP?
I am familiar with dual booting on macs.
At this time, I don't want to install Linux on my mac using bootcamp.
I would like to go the USB boot first.
Thanks.
I think it's possible. If the USB port is at least 3.0 version.

I know for sure you'll be able to run Linux Live from the USB. Linux live runs from your RAM and cached memory. When you reboot, your session is gone.

Will Linux live work for you? Or do you want a full installation on the USB?

Pop OS looks to be the most user friendly of them all.

https://pop.system76.com/
bondsr4me
Posts: 1538
Joined: Fri Oct 18, 2013 7:08 am

Re: Linux Users- Are you running antivirus?

Post by bondsr4me »

at this point in time, I don't want to "install" Linux in my mac.

I would rather run it from the USB.
MathWizard
Posts: 4398
Joined: Tue Jul 26, 2011 1:35 pm

Re: Linux Users- Are you running antivirus?

Post by MathWizard »

lostdog wrote: Thu Jun 04, 2020 9:36 am
bondsr4me wrote: Thu Jun 04, 2020 8:06 am I have a question for Linux users:

I have a 2015 macbookpro.
Can I run Linux from a USB boot?
What version of Linux would be best for MBP?
I am familiar with dual booting on macs.
At this time, I don't want to install Linux on my mac using bootcamp.
I would like to go the USB boot first.
Thanks.
I think it's possible. If the USB port is at least 3.0 version.

I know for sure you'll be able to run Linux Live from the USB. Linux live runs from your RAM and cached memory. When you reboot, your session is gone.

Will Linux live work for you? Or do you want a full installation on the USB?

Pop OS looks to be the most user friendly of them all.

https://pop.system76.com/
I have a 2015 Mac Book Pro, I believe all the USB ports are 3.x . My 3.x USB drive will copy large files to the internal SSD
at 300 Mbytes/sec, far in excess of what USB 2 could do.

That said, you can run Linux from a USB 2. It is not as snappy as running from an internal SSD, but it was about as fast as running
from the 5400 RPM laptop drive in my old Dell laptop. I am getting spoiled with the internal SSDs in my laptop and desktop.
I'm even going to small SSDs for boot drives in my data center servers. you can get a 240 to 480 GB data center class SSD for about
as cheap as you can get an enterprise spinning disk.
bryanm
Posts: 334
Joined: Mon Aug 13, 2018 3:48 pm

Re: Linux Users- Are you running antivirus?

Post by bryanm »

Just be aware that running a typical distro from a USB stick is not recommended, as the number of writes can quickly wear down the life of the USB stick. "Live" distros are specially designed to minimize writes to the USB stick.
Post Reply