Antivirus Software Necessary?


virusdoc
16th August 2004, 03:13 AM
I am a Linux newbie, having just ditched XP Pro last week. I've managed to get FC2 to do everything my Windoze system did and more, and I've had a lot of fun doing it. :)

My system is used purely for home desktop purposes. I am running on a cable modem, behind a router, with the FC2 firewall on and all incoming services disabled. My question is, do I still need to worry about viruses? If so, can you recommend a good Linux antivirus package? Free would be ideal, but I'll pay for good software any day.

I've spent the last few years developing a progressively intense paranoia about viruses and worms and trojans and such. I switched to Linux after having THREE spyware programs install themselves on my XP box through IE6 without a single prompt in a single day. But I don't know how careful I need to be under Linux.

Thanks for your suggestions!

Optimistic
16th August 2004, 03:20 AM
As far as I know there are no 'wild' viruses which attack Linux systems. There are exploits and such that can compromise your system--so use trusted repositories for your rpms. That being said, you still might have viruses and if you send a Windows user a file, they could get it. Personally, I don't use any virus protection and I share files with Windows boxes all the time--just doing my part to take over the world. ;)

I might be wrong about all this (except for the taking over the world part), maybe a more experienced user can chime in here. foolish, are you there?

crackers
16th August 2004, 03:54 AM

99.99% of the viruses reported in the media are targeted towards the most common (most security holes per kilobyte) OS: Windows. A Windows virus will (typically) not be able to do a dang thing to a Linux box. Some of the odd cases where it might work would be in the various flavors of Wine, but I don't know if that counts. However, no system is totally secure, especially where there are human beings involved. You still have to take some precautions, but you typically don't have to worry about something tunnelling in through your firewall and taking over your machine. It'll need to come from inside your machine - usually with regards to something you did.

Thus Rule #1: Do not do anything as "root" unless you absolutely have to - then get out!

imdeemvp
16th August 2004, 06:46 AM
Even though www.grisoft.com has a virus program for Linux, I never heard anyone on any other forum talk about using virus software....

When viruses become known to the computing world, one of the systems not affected is LINUX. If you read it well, it will be listed which OS it affects, and you know the answer to that.....hint? M$ :D

ghaefb
16th August 2004, 08:24 AM
Antivirus software for Linux is used mostly for detecting Windows viruses on your Linux box,
to prevent you from spreading Windows viruses to other people on the internet.
A Windows virus can't hurt you on your Linux box... it's useless :)

virusdoc
16th August 2004, 03:27 PM
Great--thanks for the feedback! I guess I'll work without AV for a while. However, as fun and simple as Fedora was to install, I expect that before too long there will be a lot more people running Linux. And once there are more targets out there, I assume the virus writers will start to take note and write accordingly. I guess we can enjoy the honeymoon while it lasts. :)

PsyGhost
16th August 2004, 05:31 PM
I don't think an anti-virus is necessary.
Things you should do:
1. Update your system often.
2. Set up good firewall rules.
3. Shut down services you don't need.
4. Do not give the root password to anyone, do not log in directly as root, and only switch to root when you have to and then get out.
5. Do not install RPMs from strange places; it is also recommended that you first try to install the software you want via the package managers (APT, YUM, UP2DATE).
6. If you are a bit paranoid you can make a new partition for backup purposes, just remember not to auto-mount it.

jimbo
16th August 2004, 05:58 PM
Viruses are not too big a worry on Linux... I've been running Linux for over 7 years now and haven't ever had a virus problem.

On my servers I run AVG for mail scanning and such just because there are MS Windows machines on my networks.

What you need to worry about though is worms and crackers. There are known exploits for certain services like FTP and such that you must assume will hit you at some time. That is why it is best to put up a good firewall and close off all unnecessary services. If you must run external services like ftp (I don't use it anymore as ssh provides better service for file transfer) then use xinetd as a wrapper for the service. Xinetd has some interesting security features like detecting multiple login attempts within a specified time and will temporarily cut off the service, thus frustrating any cracking attempts.

So bottom line is minimize remote services and consider wrapping them with ssh and certainly Xinetd.

PS... glad you like Linux... you won't be disappointed with your switch! ;)

sailor
16th August 2004, 07:06 PM
I use antivirus only to ensure I don't send viri to others...
Clamav, F-Prot and Bitdefender all had free Linux versions the last time I checked..
I use Clamav but rarely use it unless I suspect something...I have received 3 viri in email but they could do nothing to my FC2 ...and I simply deleted them...

kaushalhk
24th August 2004, 06:48 PM
BUT if we are using our system with all (WWW, FTP, SSH and TELNET) services or ports turned on, then IS there any possibility of hacking? IF yes, then what measures should we take to prevent it, and which firewall should be most compatible with FC2 and should be more effective?

jimbo
24th August 2004, 06:58 PM
If you have all those services turned on then YES there is a very distinct possibility of compromise by crackers. Probably not anything with viruses though.

My first recommendation is to TURN OFF TELNET! Telnet is really showing its age. Use SSH instead. It's encrypted and much more secure than TELNET. If you must turn on TELNET then make sure you run it as an xinetd service.

Make sure you are running a firewall, Fedora comes with iptables which is excellent. But a firewall is not a panacea. Use an intrusion detection system such as SNORT to monitor what sorts of activities are happening on your open ports. You will be shocked at how much nasty traffic you will see. FTP and TELNET are notorious for being cracked if you don't keep up with updates. Turn those services off unless you absolutely must use them. Again consider SSH for your FTP and TELNET needs.

The main thing is to keep up with your updates!
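
The advice in the post above (turn off telnet, turn off ftp unless needed, prefer ssh) expressed as a check on listening sockets. This is an added example, not part of the original thread: the function names are hypothetical and the `netstat -tln` sample is constructed.

```shell
#!/bin/sh
# Constructed sample of `netstat -tln` output (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 ::1:631                 :::*                    LISTEN
tcp        0      0 :::22                   :::*                    LISTEN
EOF
}

# audit_listeners (hypothetical name): read `netstat -tln` output on stdin and
# print "port address verdict" for every TCP listener reachable from the network.
audit_listeners() {
    awk '
    $1 ~ /^tcp/ && $6 == "LISTEN" {
        n = split($4, parts, ":")          # port is the text after the last colon
        port = parts[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        if (addr ~ /^127\./ || addr == "::1") next   # loopback only, skip
        if (port == 23)      verdict = "DISABLE telnet, use ssh instead"
        else if (port == 21) verdict = "DISABLE ftp unless required, prefer ssh"
        else if (port == 22) verdict = "OK ssh, keep it updated"
        else                 verdict = "REVIEW is this service needed?"
        print port, addr, verdict
    }'
}

# On a live system: netstat -tln | audit_listeners
sample_netstat | audit_listeners
```

Listeners bound only to loopback (the mail and printing daemons in the sample) are skipped because they are not reachable from other machines.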

crackers
25th August 2004, 04:01 AM
Telnet is neither installed nor turned on by default anymore. I like that!

ailmarfarm
25th August 2004, 04:35 AM
This is all very interesting, however can someone tell me just what services I need to run on my system (Fedora Core 2). All I need is email and internet use.
The different types of services talked about here have confused me somewhat.
Thanks.

kaushalhk
25th August 2004, 11:29 AM
Use an intrusion detection system such as SNORT to monitor what sorts of activities are happening on your open ports. You will be shocked at how much nasty traffic you will see. FTP and TELNET are notorious for being cracked if you don't keep up with updates.

Please tell me how to install SNORT? Which website has its download?

do I have to type yum install snort to install it or is there some other way?

RedFedora
26th August 2004, 02:45 AM
I've been using Linux for about four years now. No virus problems here.
So, I'd say that at this time, don't worry about anti-virus software.

However, I'd be interested in seeing if Linux becomes more of a target
as its popularity grows.

jimbo
26th August 2004, 03:21 AM
As long as there is a car in your neighborhood, parked on the street with the windows rolled down and the keys in the ignition... you're pretty much guaranteed that is the car that will be broken into.

So the way I figure it...

As long as there is one Windows computer out there... I think we're pretty much safe.

As long as we all keep our windows and doors locked! :D

imdeemvp
26th August 2004, 05:31 AM
As long as there is a car in your neighborhood, parked on the street with the windows rolled down and the keys in the ignition... you're pretty much guaranteed that is the car that will be broken into.

So the way I figure it...

As long as there is one Windows computer out there... I think we're pretty much safe.

As long as we all keep our windows and doors locked! :D

my box is windows free..........:D

crackers
27th August 2004, 03:45 AM
my box is windows free
My house is Windows free. Although I do have plenty of windows - all closed right now because of the heat...

desipher
27th August 2004, 03:57 AM
My house is a windows free zone. They use windows boxes for joy rides that cause the rest of us excess traffic and we have to pay the police to catch them.

butters
3rd September 2004, 08:25 AM
kick bill out your house! kill microsoft.

imdeemvp
3rd September 2004, 08:27 AM
kick bill out your house! kill microsoft.

don't we all....but we all started somewhere

superbnerd
3rd September 2004, 08:29 AM
Again, that's very interesting...why is it that no one starts on Linux? They are either an ex-Unix, ex-Win, or an ex-Mac user. Do native Linux users exist?

imdeemvp
3rd September 2004, 08:35 AM
I have to say that in some schools not located in America the native system is Linux....this applies to countries not having all the resources like we do here....

like we say ONLY IN AMERICA ;)

superbnerd
3rd September 2004, 08:47 AM
So does that mean if you have resources you don't know how to use them, and those that have not what they need tend to know how to use what they have better?

imdeemvp
3rd September 2004, 08:52 AM
exactly that is how it is.....

Jman
3rd September 2004, 03:49 PM
Snort's here (http://www.snort.org/dl/binaries/linux/). I recommend getting the src rpm then running rpmbuild --rebuild snort*src* on it. Then install the rpm it puts in /usr/src/redhat/RPMS/i386. This way compiles it for you yet you have an rpm.

vinu
5th September 2004, 06:27 PM
Even though www.grisoft.com has a virus program for Linux, I never heard anyone on any other forum talk about using virus software....

Lots of other free antivirus solutions out there. For example,
clamav - completely free
f-prot - free for personal use
McAfee, Kaspersky - commercial

Antivirus solutions are regularly used on linux fileservers that serve windows clients... and on e-mail servers .... these being the commonest two scenarios that I can think of.

imdeemvp
9th September 2004, 03:07 AM
Yes, I knew about those already. I was just using grisoft.com because that is the version I use in my XP part....because it's free.