Do you have any antivirus recomendations for Linux.

  • bushvin@pathfinder.social
    21·
    1 year ago

    I wouldn’t recommend using anti-virus software. It usually creates a lot more overhead, plus it usually mimics existing solutions already in linux. The only viruses I have ever caught using an anti-virus software on Linux are the test viruses to see if all is working fine.

    Anyway, here’s my 20+ enterprise experience recommendations with Linux :

    • enable secure boot: will disable launching non-signed kernel modules (prevent root kits)
    • enable firewall: and only allow ports you really need.
    • SELinux: it is getting better, and it will prevent processes to access resources out of their scope. It can be problematic if you don’t know it (and it is complex to understand). But if it doesn’t hinder you, don’t touch it. I do not know AppArmor, but it is supposed to be similar.
    • disable root over ssh: or only allow ssh keys, or disable ssh altogether if you do not need it.
    • avoid using root: make sure you have a personal account set up with sudo rights to root WITH password.
    • only use trusted software: package managers like apt and rpm tend to have built in functionality to check the state and status of your installed software. Use trusted software repositories only. Often recommended by the distro maintainers. Stay away from use this script scripts unless you can read them and determine if they’re the real thing.

    Adhering to these principles will get you a long way!

    edit: added section about software sources courtesy of @dragnucs@lemmy.ml

    • stravanasu@lemmy.sdf.orgEnglish
      0·
      1 year ago

      Thank you for the advice!

      Firewall on Linux is something I still don’t understand, and explanations found on Internet have always confused me. Do you happen to know some good tutorial to share? Or maybe one doesn’t need to do anything at all in distros like Ubuntu?

      Regarding ssh: you only mean incoming ssh, right?

      • hevov@discuss.tchncs.de
        1·
        1 year ago

        I don’t think you need to configure your firewall. Firewalls are usualy used to block incomming connectings. Usualy a Firewall that blocks all incomming connections is already active on your modem/router. Adding exception to the modem/router Firewall usualy happen through port forwords.

  • RoboRay@kbin.social
    1·
    1 year ago

    Do you have any antivirus recomendations for Linux.

    Install all applications from your package manager.

    Don’t run things as root.

    Don’t visit sketchy websites.

    Run an ad-blocker that isn’t owned by an advertising company.

  • 18107@aussie.zone
    0·
    1 year ago

    Avast! runs on Linux.

    Personally I prefer to just avoid clicking on dodgy links. In the last 5 years I haven’t found any viruses. YMMV

  • Mandy@beehaw.org
    0·
    1 year ago

    Use common sense and dont install random shady shit from the internet.

    Best antivrius in the world

    • ReakDuck@lemmy.ml
      0·
      1 year ago

      After happily not following your advise my entire life on Arch Linux… I got this weird Virus on my PC while game developing. This virus made my entire PC glitch and my friend also wondered what the fuck is going on. Weird and creepy music started and sounded like its telling me I am dumb. After unplugging my entire PC from electricity, the music was still there… and I cried.

      After waking up I asked myself how the fuck did I dream this and why this dream felt so real (like a lucid dream but I thought this is real life). I maybe dreamed this after having a discussion why I should get an IPhone. As a GrapheneOS user I explained myself, but restarted my thinking about Security. (But even without being a Security focused guy, an IPhone has not enough features like Sideloading Open Source apps)

  • rayon@lemm.ee
    0·
    1 year ago

    I don’t understand why we keep telling new users that it is useless to use an antivirus on Linux. For people with computer knowledge, sure. However more widespread Linux adoption will mean more casual users will start using it. Most of them don’t have the “common sense” that is often mentioned ; these users will eventually fall for scams that tell them to run programs attached in emails or random bash scripts from the internet. The possibility is small, but it’s not zero, so why not protect against it?

    • XTL@sopuli.xyz
      0·
      1 year ago

      Because snake oil is not helping, or a working substitute.

      Security is a process, not a solution.

        • bushvin@pathfinder.social
          0·
          1 year ago

          The problem with AV s/w in my experience, is that they do not work very well, and hinder the system’s functioning, because they provide duplicate behaviour of existing solutions and compete with them directly.

          In one instance I discovered McAfee to disable write access to /etc/{passwd,shadow,group} effectively disabling a user to change their password. While SELinux will properly handle that by limiting processes, instead of creating a process that would make sure those files aren’t modified by anyone.

          People need to understand Linux comes pre-equipped with all the necessary tools and bolts to protect their systems. They just don’t all live in the same GUI, because of the real complexity involved with malware…