Any antivirus software with f12?

[Hlingler]

Quote:

If there is no known virus, why need to set up a firewall?

Because not all types of exploitation involve viruses: there are plenty of ways to "hack" an unprotected (by firewall) Linux machine.

Quote:

What's the default firewall I should run?

The one that appears by default when you start system-config-firewall.

V

[bob]

Reality check: One of the main reasons is that there's only 1-3% of the desktop computers running linux, so it's not cost-effective for the virus writers to bother with us. Also, the linux users tend to be a bit more tech-savvy then Joe Windows. Then too, our software is 'open source' so the code's available and could be checked for viruses a bit more easily, plus you'd have to give permissions to install anything as root.

All those things mean that virus writers will generally try other OS's (like the 95% who use Windows) before trying to attack linux.

Could it happen? Yes, certainly. Has it happened? Well, in very limited cases, but most attacks are directed against the servers since that's where the biggest bang for the buck is - large corporations.

In short, most of us don't bother with AV software unless we're concerned about forwarding suspect emails to our friends and family who may be using Windows.

[JN4OldSchool]

And don't forget that a virus needs root permission to install and do any damage. That is the reason Linux safeguards root like it does and why Fedora chose to prevent root GUI login, even if that prevention is just superficial. More experienced Linux users know not to run as root already and dislike these training wheels. But newcomers tend to want to log in as root to do everything.

[marlonmin]

All great replies!

Linux seems fascinating!

Thanks!

[Shunyata]

Hey, man - on demand scanning is still useful. I can recommend AntiVir http://www.free-av.de/de/download/download_servers.php - a German product (English language), which is free, easy to install and very secure (cmp. http://www.av-comparatives.org/). The other obvious option would be Bitdefender for Unices (though others exist, e.g. Avast), which demands registration, but is free as well. The comments that viruses for linux are rare are true, but on demand scanning won't hurt. Fedora is an excellent choice however since it's quite secure out of the box (ExecShield + SELinux) and thus prevented critical rootkit threats in the past. iptables, the default Linux firewall is great, but I'd disable SSH if you don't need it and most of the ICMP packets. If you ever need more than that, research shorewall and snort.

Best regards,
Shunyata

[marcrblevins]

I use clamav-milter package which checks for viruses in the e-mail service, basically prevents to spread viruses thru e-mails. Playing it safe for the rig and its users.

[tcpip4000]

Fedora by default has some iptables rules configured (firewall), check them out running:
sudo /etc/init.d/iptables status

I'll suggest you to install an antivirus if you are using a memory or hard disk in ntfs or fat format to translate file to a windows OS, otherwise is not necesary.

[Cuvou]

Here's an amusing story of somebody running a Windows virus on Linux via wine:

http://blog.opensourcenerd.com/i-can-haz-virus

He concludes that Linux is "safe" and he just has to killall wineserver and it's all gone. This isn't /entirely/ true though. The default wine profile maps your My Documents folder to your home directory (among other similar folders, My Pictures to your ~/Pictures folder, etc.) and finally, the Z: drive in Wine is your root directory.

If you ran, say, one of those ransomware viruses which goes through your hard drive and encrypts all your documents and holds the encryption key ransom, it would still be able to encrypt all your user files in /home and ruin your day.

Additionally, some Windows viruses specifically know about Wine, such as the cross-platform virus talked about here: http://www.linux.com/archive/articles/53698 Running the EXE with Wine will still make it search for Linux executables and infect them with the virus payload as well. One more reason not to run wine as root!

[jxxzz]

Quote:

Originally Posted by leigh123linux

Why do you need anti-virus?

Well who's going a scan my email for virus?

[leigh123linux]

Quote:

Originally Posted by jxxzz

Well who's going a scan my email for virus?

Why do you need to scan it for viruses? , 99.9% of viruses are for M$ or Mac.
I have never seen a Linux virus in the wild.

[Adunaic]

Hmmm... There is that one linux virus that messes up things from time to time. Its located between my laptop and chair....

[jpollard]

The firewall is built-in (google for iptables).

As far as disk defragmenting - it really isn't needed. Yes, disks can get fragmented,
but the highest level of fragmentation I've seen in the last 20 years has been about
5%. Since this is lower than the rotation rate (new files, old files deleted, replaced
files...) the fragmentation is below any required defragmentation.

All of the filesystems (except some experimental ones) automatically attempt to
minimize fragmentation. This has reduced the need to defragment to zero.

One reason Linux has so few existing viri is that the buggy code that would
support a virus is fixed before a virus can spread very far. The last virus that
had spread any notable amount was the "Lion" virus - which attacked a bug
in the domain name system. Once the bug was identified (and the virus made
that easy) it was fixed, and the update provided to anyone that wanted it.

This caused the virus to die out rather quickly. Since the bug was fixed, there
is no real reason for a "virus scanner" to look for it, since it can't do anything.
This applies to every Linux virus that has been known - since the bugs get
fixed, there is less reason to have a virus scanner.

The other reason there are so few attacks is that Linux partitions the system
in several ways - first, no applications are designed to require root. Those that
are given root have a specific reason for it - notably those that update system
configuration (passwd entries, network configuration, firewall configuration...)
A non-root user login has no special abilities - all system files are owned by the
root user, and even then, there is an additional protection available: SELinux
(not the only additional method, but it is the strongest).

SELinux has made it possible to remove even roots access to the system files.
This isn't frequently done, but it is possible. In such an environment the root
account is just another login. To be able to manipulate the system you first have
to the identified as a SELinux user. Even then, this "special" user can't do much
to the system directly (the user can disable SELinux - usually, but not always).
This user still doesn't have access to the system files as that still requires root.

The result is requiring multiple passwords before things can get affected.

WINE is not the most secure facility - this is because some windows applications
(notably those that require audio support) require some insecure access to the
hardware. This makes it possible for a windows virus to affect some files, most
notably, the users own files. In a few cases, it has been shown that the audio
vulnerability can be escalated into a root level problem... but then things are still
shielded (to a degree) by SELinux. Certain attributes of the user cannot be altered
so easily - possible, but it would take a custom attack (via wine directly targeting
Linux and not Windows)... Many systems do not grant wine access to this "page 0"
vulnerability.

[forkbomb]

Quote:

Originally Posted by leigh123linux

Why do you need to scan it for viruses? , 99.9% of viruses are for M$ or Mac.
I have never seen a Linux virus in the wild.

So that you don't inadvertently send an infected file to granny who's running Windows 2000 or something. Elitist as it may be, an experienced Linux user kinda has a responsibility to not just start sending all sorts of files that may or may not be infected to naive Windows users. Washing one's hands because one uses Linux is a cop-out.

Even if the security of Alice's operating system is ultimately Alice's responsibility, it'd still be... "not nice" for Bob to send Alice infected files.

Of course, AV is always duct tape even on Windows. The real solution is to not get files from sketchy places - don't download anything from sketchy sites, don't run random files sent to you by people you don't know, don't run every last executable you find on random .ru domains, yadda yadda yadda.

[leigh123linux]

Quote:

Originally Posted by forkbomb

So that you don't inadvertently send an infected file to granny who's running Windows 2000 or something. Elitist as it may be, an experienced Linux user kinda has a responsibility to not just start sending all sorts of files that may or may not be infected to naive Windows users. Washing one's hands because one uses Linux is a cop-out.

Even if the security of Alice's operating system is ultimately Alice's responsibility, it'd still be... "not nice" for Bob to send Alice infected files.

Of course, AV is always duct tape even on Windows. The real solution is to not get files from sketchy places - don't download anything from sketchy sites, don't run random files sent to you by people you don't know, don't run every last executable you find on random .ru domains, yadda yadda yadda.

I don't care about that , if they are dumb enough to use Windows it's their responsibility to make sure they have anti-virus.

[forkbomb]

Sigh. That's a ridiculous attitude. It's always struck me as blissfully anti-social. I always cringe whenever I hear a Linux user - however competent - use that "argument."

The fact that most people still use Windows is not stupidity but in most cases is ignorance. Ignorance is not always reprehensible. Even when the impetus to use Windows isn't ignorance, it's primarily vendor lock-in, inertia, and path dependency. There's a big difference between being stupid and just not not having sufficient reason to switch to an operating system one has never heard of in the first darn place.

Whatever the case may be, the fact that other people don't understand security does not absolve me of my responsibility to not create situations that might work to compromise the security of other people's machines.