Linux Antivirus with real time protection + automatic update !

[User808]

Hi. I post this as independent thread after I recognized that many disappointed about clamav due to it's leak for real time protection.

Look fot this excellent program (LMD: Linux Malware Detect):

https://www.rfxn.com/projects/linux-malware-detect/

It is portable program with every thing you imagine about Internet security tool, being with real time protections features like in windows Internet security suites.

However, it leak GUI.

[User808]

Here is brief notes on how to use it:

http://www.tecmint.com/install-linux...os-and-fedora/

[flyingdutchman]

Snake oil?

Here is my virus scanner. I'm sure it works just as well that other one:
#! /bin/bash
echo "Scanning..."
sleep 1
echo "Thinking..."
sleep 3
echo "Deep inspection..."
sleep 5
echo "Checking..."
sleep 2
echo "Wait for it..."
sleep 1
echo "Drum roll..."
echo 1
echo "Zero viruses found!"
exit 0

[SomeDamFool]

I've used Linux since 2001 and exclusively since 2006, and I've never had a virus, trojan, or malware of any kind. Not even one. Ever. Not saying it couldn't happen, and I run clam av monthly, but it still never finds anything. If it does this forum will be the first to know.

[flyingdutchman]

Yup - the important thing is to only install packages from the repos, set SELinux to enforcing if you run a server and use looong passwords.

On almost every infected UNIX machine I ever had to fix, the inexperienced operator used a kewl four character password.

[jpenguin]

An OS is only as secure as the user, but Linux is way more secure than windows by default

Sent from my SM-G930R4 using Tapatalk

[lsatenstein]

I install a Fedora Remix on my system. I do that for reasons of laziness. (The Remix comes with a good choice of software from rpmfusion, and some non-opensource software). Included is clamav.

Here is what I believe. Fedora with Selinux enabled is a great anti-virus for Linux. As a reminder. Selinux is a "rights" manager. (does software xxx have the right to do yyy).

Because I receive around 120 emails (jokes from friends and blog messages), I have clamav installed. Clamav's role is to work with Linux's sendmail (which I do not use), to insure that a virus I might receive, is not forwarded. I use gmail, yahoo, and another obscure webmail system, I do not store emails on my Fedora system. Thanks to Linux, the Windows viruses fail fo do harm within Fedora because of rwx-rwx-rwx settings and because of Selinux.

Microsoft and Firefox are both reporting that the prominant anti-virus programs are interfering with Windows10 and Firefox's ability to work efficiently, better manage memory and virus's. They both state that if you are on Windows 10, only rely on Defender.

So, if you use a webmail system for emails, you are adequately protected. To protect your friends who know nothing of the benefits of Fedora, clamav will try to prevent their potential loss.

[bobx001]

As long as linux remains open source, which means PEER REVIEW , we have little to worry about.

The worry starts when we suddenly get a bunch of proprietary programs that cannot be vetted. That's when the Viruses will start.

[adventurer]

Here is what I believe. Fedora with Selinux enabled is a great anti-virus for Linux.

Leslie, I doubt that a bit. Yes, SELinux protects most system processes very well but it doesn't confine most applications.

For example, Firefox is not confined by SELinux in Fedora (but it is in Gentoo - so it's not a SELinux limitation but a design decision by the Fedora developers who are afraid this would break too much for many users). Hence, if malware is able to break out of Firefox it could probably not seriously harm your system (unless it could successfully gain root rights) but it could, e.g., delete/manipulate your data on your home partition. This also applies to most other user applications like LibreOffice, PDF viewers, image viewers, multimedia applications ... which aren't confined by SELinux, either.

So what I do and strongly suggest: Use Firejail to sandbox those applications. It provides a strong sandbox (based on namespaces and seccomp-bpf), is relatively easy to use and comes with ready-to-use profiles for many applications which usually work out of the box.

After its installation I recommend to execute

sudo firecfg

which creates symlinks in /usr/local/bin for all applications for which profiles are available (symlink invocation). The next time you start them they will be sandboxed by Firejail. You can also create new profiles or modify existing ones in ~/.config/firejail which take precedence over the ones in /etc/firejail.

I hasten to add that I don't think that Linux desktop users are particularly endangered species. Nevertheless, recent examples demonstrate that the Linux desktop is not as secure as it should/could be. Firejail is an easy and effective way to improve that situation.

[lsatenstein]

Leslie, I doubt that a bit. Yes, SELinux protects most system processes very well but it doesn't confine most applications.

For example, Firefox is not confined by SELinux in Fedora (but it is in Gentoo - so it's not a SELinux limitation but a design decision by the Fedora developers who are afraid this would break too much for many users). Hence, if malware is able to break out of Firefox it could probably not seriously harm your system (unless it could successfully gain root rights) but it could, e.g., delete/manipulate your data on your home partition. This also applies to most other user applications like LibreOffice, PDF viewers, image viewers, multimedia applications ... which aren't confined by SELinux, either.

So what I do and strongly suggest: Use Firejail to sandbox those applications. It provides a strong sandbox (based on namespaces and seccomp-bpf), is relatively easy to use and comes with ready-to-use profiles for many applications which usually work out of the box.

After its installation I recommend to execute

sudo firecfg

which creates symlinks in /usr/local/bin for all applications for which profiles are available (symlink invocation). The next time you start them they will be sandboxed by Firejail. You can also create new profiles or modify existing ones in ~/.config/firejail which take precedence over the ones in /etc/firejail.

I hasten to add that I don't think that Linux desktop users are particularly endangered species. Nevertheless, recent examples demonstrate that the Linux desktop is not as secure as it should/could be. Firejail is an easy and effective way to improve that situation.

Good recommendation. I was unaware of firejail and am looking at it in the second tab while I browse.
Thank you

[adventurer]

Good recommendation. I was unaware of firejail and am looking at it in the second tab while I browse.
Thank you

You're welcome I've been using Firejail for about one and a half years or so for many applications and am very happy with it. I think it makes the Linux desktop much more secure.

[End-User]

The only thing worse than finding a worm in your apple is finding half of a worm

[srakitnican]

Snake oil?

Here is my virus scanner. I'm sure it works just as well that other one:
#! /bin/bash
echo "Scanning..."
sleep 1
echo "Thinking..."
sleep 3
echo "Deep inspection..."
sleep 5
echo "Checking..."
sleep 2
echo "Wait for it..."
sleep 1
echo "Drum roll..."
echo 1
echo "Zero viruses found!"
exit 0

I have an improvement for your scanner!
echo "$(( ( RANDOM % 10 ) + 1 )) viruses found, fixing..."
sleep 1
echo "All good!"

[antikythera]

The only thing worse than finding a worm in your apple is finding half of a worm

they taste like chicken though and are a source of protein...