dsyleixa123
Posts: 344
Joined: Mon Jun 11, 2018 11:22 am

anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 10:16 am

especially for Pi 4 which turns out to be more and more approaching a Linux consumer-PC versatility:

what about anti-Virus and anti-Malware software for the Pi?

fruitoftheloom
Posts: 20493
Joined: Tue Mar 25, 2014 12:40 pm
Location: Delightful Dorset

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 10:32 am

dsyleixa123 wrote:
Wed Jun 26, 2019 10:16 am
especially for Pi 4 which turns out to be more and more approaching a Linux consumer-PC versatility:

what about anti-Virus and anti-Malware software for the Pi?

Not needed, there are very few exploits which can effect Debian ARMHF based Linux Distros....

....though CLi ClamAV is in the repositories:

https://packages.debian.org/buster/clamav

...ClamAV has a GUI front end ClamTK:

https://packages.debian.org/buster/clamtk
Retired disgracefully.....

dsyleixa123
Posts: 344
Joined: Mon Jun 11, 2018 11:22 am

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 10:38 am

thanks, but so what do you want to express - not needed at all, or what do you mean by mentioning CLi ClamAV a/o ClamTK?

fruitoftheloom
Posts: 20493
Joined: Tue Mar 25, 2014 12:40 pm
Location: Delightful Dorset

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 11:05 am

dsyleixa123 wrote:
Wed Jun 26, 2019 10:38 am
thanks, but so what do you want to express - not needed at all, or what do you mean by mentioning CLi ClamAV a/o ClamTK?

I have used Linux for over a decade and have never felt the need for Anti-Virus or Anti-Malware software, even when for a short time had a OSX Mac Mini.


Though I gave the option of ClamAV as many users coming from Windows are conditioned to run such software.
Retired disgracefully.....

dsyleixa123
Posts: 344
Joined: Mon Jun 11, 2018 11:22 am

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 11:18 am

the number of Linux users are increasing and so I have the suspicion that Linux PCs are becoming more and more a target for malware too, especially also to the Pi, don't you think?

Heater
Posts: 13119
Joined: Tue Jul 17, 2012 3:02 pm

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 11:33 am

What a strange question. Do you know of even one virus or piece of malware that has been a problem in the more than two decade history of Linux? What would this anti-virus and malware software look for?

Personally I think existing anti-virus offerings are a band-aid patch to a problem cause by the operating system that the host on.

As far as I can tell, existing malware detection programs that run on Linux are looking for exploits in Windows code that is passing through Linux systems.

I'm not going to say that Linux systems are immune to such malware or that it won't become a problem if Linux usage exapnds greatly. But just now I don't see the point. And even if such a problem occurs the fix is not traditional anti-virus software.

dsyleixa123
Posts: 344
Joined: Mon Jun 11, 2018 11:22 am

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 11:47 am

Heater wrote:
Wed Jun 26, 2019 11:33 am
What a strange question. Do you know of even one virus or piece of malware that has been a problem in the more than two decade history of Linux? What would this anti-virus and malware software look for?

Personally I think existing anti-virus offerings are a band-aid patch to a problem cause by the operating system that the host on.

As far as I can tell, existing malware detection programs that run on Linux are looking for exploits in Windows code that is passing through Linux systems.

I'm not going to say that Linux systems are immune to such malware or that it won't become a problem if Linux usage exapnds greatly. But just now I don't see the point. And even if such a problem occurs the fix is not traditional anti-virus software.
as to Linux-virus and MW safety and about "you felt no need": Is your statement wishful thinking or beautiful talk or certainty? 8)

jamesh
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 23393
Joined: Sat Jul 30, 2011 7:41 pm

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 11:52 am

Principal Software Engineer at Raspberry Pi (Trading) Ltd.
Contrary to popular belief, humorous signatures are allowed. Here's an example...
"My grief counseller just died, luckily, he was so good, I didn't care."

Heater
Posts: 13119
Joined: Tue Jul 17, 2012 3:02 pm

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 11:56 am

dsyleixa123,
as to Linux-virus and MW safety: Is your statement wishful thinking or beautiful talk or certainty? 8)
It's a statement born out of using Linux almost exclusively since 1997. All the while keeping an eye on secrity news and alerts. In all that time I don't recal any malware becoming a problem on Linux.

I was asking you if you did know of any that I may have forgotten.

I suspect you are right though. In the future we might see a huge population of new Linux users blindly downloading binary executables from God know where, installing them from Snap packages or whatever, and thus inviting all kind of mayhem into their machines.

User avatar
rpdom
Posts: 15022
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 12:23 pm

The main risk on the Pi is not viruses, it is still people not changing the default password before exposing their Pi to the internet via ssh.

dsyleixa123
Posts: 344
Joined: Mon Jun 11, 2018 11:22 am

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 12:55 pm

rpdom wrote:
Wed Jun 26, 2019 12:23 pm
The main risk on the Pi is not viruses, it is still people not changing the default password before exposing their Pi to the internet via ssh.
and if they do, what is the risk, and how to fix that? (BTW, just to mention: just about some days ago I read about even a NASA network being hacked through a Raspberry Pi client).
But I agree about Linux noobs ( tbh, I am one too), downloading and expanding/installing files which are supposed to be safe, but actually are not... :-/
so how to fix that, too?

dsyleixa123
Posts: 344
Joined: Mon Jun 11, 2018 11:22 am

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 1:09 pm

jamesh wrote:
Wed Jun 26, 2019 11:52 am
https://en.wikipedia.org/wiki/Linux_malware
https://www.techadvisor.co.uk/feature/l ... s-3678945/

Lots of stuff at the end of a Google search.
yes as to
'Whatever the reason, Linux viruses are so rare that you don’t really need to worry about them at the moment.'
I actualy double that, as stated above:
don’t really need to worry about them at the moment
but when will this moment vanish? Perhaps/probably in a future which one will call "near"?

dickon
Posts: 386
Joined: Sun Dec 09, 2012 3:54 pm
Location: Home, just outside Reading

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 1:22 pm

The basic architecture renders Unix viruses difficult to engineer, and very difficult to do any significant damage. If you're sensible, take regular backups, and snapshot your filesystems on an hourly basis or so, you're more or less immune.

Mac OS X, which is another Unix-based OS, has far more desktop users, and virtually zero malware issues. Just don't worry about it, stay on top of your patches, and relax.

User avatar
rpdom
Posts: 15022
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 1:34 pm

dsyleixa123 wrote:
Wed Jun 26, 2019 12:55 pm
rpdom wrote:
Wed Jun 26, 2019 12:23 pm
The main risk on the Pi is not viruses, it is still people not changing the default password before exposing their Pi to the internet via ssh.
and if they do, what is the risk, and how to fix that? (BTW, just to mention: just about some days ago I read about even a NASA network being hacked through a Raspberry Pi client).
The risk is that someone or somebot will remotely log into the Pi as the default "pi" user, then use sudo to install all sorts of nasty software and put steps in place to attempt to prevent it being removed.

The way to prevent it, if you really must, or don't have a choice, expose your Pi directly to the internet, is to change the "pi" password to something obscure before enabling SSH. There are already warnings about this in place, but it still happens.

The "fix" for if it does happen is to turn off the Pi, remove the SD card and install a new copy of Raspbian on it. If you are really experienced in Linux you may be able to fix the changed files and get the system back as it should be, but tracking down what has been changed can be tricky.

It can take a matter of minutes from connecting your Pi to the internet with port forwarding on your router before some attacks are attempted. I see them all the time on my Pi server and also a couple of x86 VPS I run. Here's an example on one of the x86 servers.

Code: Select all

Jun 24 06:44:35 web sshd[23781]: Invalid user pi from 212.83.183.155 port 27981
Jun 24 06:44:35 web sshd[23781]: input_userauth_request: invalid user pi [preauth]

dickon
Posts: 386
Joined: Sun Dec 09, 2012 3:54 pm
Location: Home, just outside Reading

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 1:40 pm

It's probably worth installing the likes of rkhunter on an x86, and definitely worthwhile installing fail2ban or similar; rkhunter checks that system binaries haven't been changed, and fail2ban monitors logfiles for failed login attempts, then adds the offending IP addresses to an iptables blocklist for a while.

User avatar
Yukon Cornelius
Posts: 20
Joined: Tue Jul 03, 2018 7:24 am

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 1:55 pm

rpdom wrote:
Wed Jun 26, 2019 12:23 pm
The main risk on the Pi is not viruses, it is still people not changing the default password before exposing their Pi to the internet via ssh.
Agreed !

And as an extra step , I recommend getting off the default port as well ;
it makes remote connection a lot more secure .... SSH , VNC etc .

I avoid the commonly used ones .... eg 8080
But if I remember right , there's 64,000 to choose from .... :mrgreen:
Running Fail2Ban before and after changing will show the benefit .

As to folks wondering about malware affecting GNU/Linux systems , it's mainly due to misunderstandings
about fundamental differences in the way the OS works , compared to that "other" system .
And most people using Windows machines are completely unaware that the web-pages they are on
have been delivered to them by Linux servers !

So using anti-malware software on the server-side makes some sense , but on the client-side
it will just throw false positives at you.
( eg. see what happens if you run ClamAV on a system that has WINE installed ) .

jamesh
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 23393
Joined: Sat Jul 30, 2011 7:41 pm

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 2:09 pm

There is some basic security advice here

https://www.raspberrypi.org/documentati ... ecurity.md
Principal Software Engineer at Raspberry Pi (Trading) Ltd.
Contrary to popular belief, humorous signatures are allowed. Here's an example...
"My grief counseller just died, luckily, he was so good, I didn't care."

dsyleixa123
Posts: 344
Joined: Mon Jun 11, 2018 11:22 am

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 2:11 pm

@Yukon Cornelius:
I don't know what other people do, I personally don't ever use ssh or vnc.
My concerns are more about spywares/malwares than about locking my OS, and that they might be spread by viruses in downloaded files or in email attachements or whatever if now the number of Linux PCs will increase, e.g. even by Pi4 and many others additionally as common Linux consumer PCs.

@jamesh:
setting and changing all the passwords anew is really cumbersome... :?
and then looking at all those tons of console command lines.... :shock: :o :?

jamesh
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 23393
Joined: Sat Jul 30, 2011 7:41 pm

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 2:29 pm

dsyleixa123 wrote:
Wed Jun 26, 2019 2:11 pm
@Yukon Cornelius:
I don't know what other people do, I personally don't ever use ssh or vnc.
My concerns are more about spywares/malwares than about locking my OS, and that they might be spread by viruses in downloaded files or in email attachements or whatever if now the number of Linux PCs will increase, e.g. even by Pi4 and many others additionally as common Linux consumer PCs.

@jamesh:
setting and changing all the passwords anew is really cumbersome... :?
and then looking at all those tons of console command lines.... :shock: :o :?
So you are not willing to spend 2 minutes changing passwords? Can you really be that concerned about security if you are not willing to spend any time on it? Being secure takes effort. It's less effort on Linux than Windows but still requires work.
Principal Software Engineer at Raspberry Pi (Trading) Ltd.
Contrary to popular belief, humorous signatures are allowed. Here's an example...
"My grief counseller just died, luckily, he was so good, I didn't care."

dsyleixa123
Posts: 344
Joined: Mon Jun 11, 2018 11:22 am

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 3:20 pm

So you are not willing to spend 2 minutes changing passwords? Can you really be that concerned about security if you are not willing to spend any time on it? Being secure takes effort. It's less effort on Linux than Windows but still requires work.
apart from what I'll do or not - because it's so cumbersome I actually doubt that the vast majority of all other consumers would take those efforts too :?

jamesh
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 23393
Joined: Sat Jul 30, 2011 7:41 pm

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 3:43 pm

dsyleixa123 wrote:
Wed Jun 26, 2019 3:20 pm
So you are not willing to spend 2 minutes changing passwords? Can you really be that concerned about security if you are not willing to spend any time on it? Being secure takes effort. It's less effort on Linux than Windows but still requires work.
apart from what I'll do or not - because it's so cumbersome I actually doubt that the vast majority of all other consumers would take those efforts too :?
So...changing the password, which is a one line command line effort, is too cumbersome?

Run terminal, type passwd, enter new password, enter it again to make sure you typed it in right, Done.

Removing users and creating new one is not as simple, but still pretty easy.
Principal Software Engineer at Raspberry Pi (Trading) Ltd.
Contrary to popular belief, humorous signatures are allowed. Here's an example...
"My grief counseller just died, luckily, he was so good, I didn't care."

dsyleixa123
Posts: 344
Joined: Mon Jun 11, 2018 11:22 am

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 4:32 pm

the site you linked to doess not just suggest to change the user pwd but many awkward and weird things too.
But IIUC, so you say that just changing the user password will prevent from viruses, malware, and spyware completely and no antivir program will be necessary ever?
ok, if so, I'll do and stay curious ;)

gkaiseril
Posts: 637
Joined: Mon Aug 08, 2016 9:27 pm
Location: Chicago, IL

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 4:51 pm

You may also disable the root user.

Also using a non-sudo user is a good idea. But you have another user for administrative purposes
f u cn rd ths, u cn gt a gd jb n cmptr prgrmmng.

User avatar
rpdom
Posts: 15022
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 4:55 pm

dsyleixa123 wrote:
Wed Jun 26, 2019 4:32 pm
the site you linked to doess not just suggest to change the user pwd but many awkward and weird things too.
But IIUC, so you say that just changing the user password will prevent from viruses, malware, and spyware completely and no antivir program will be necessary ever?
ok, if so, I'll do and stay curious ;)
Changing the password will reduce the risk of your Pi getting taken over by more than 99%.

The risk of the user downloading something dodgy and installing it is ... up to the user.

dsyleixa123
Posts: 344
Joined: Mon Jun 11, 2018 11:22 am

Re: anti-Virus and anti-Malware software for the Pi?

Wed Jun 26, 2019 5:05 pm

rpdom wrote:
Wed Jun 26, 2019 4:55 pm
The risk of the user downloading something dodgy and installing it is ... up to the user.
but exactly that is the point!
On my PC using Avira Antivirus that caught and isolated infected files dozens of times, even from sources which seem reliable (e.g., the last couple of times files for game ROMs for my retropie!)
Same it's about looking at email attachments!

Return to “General discussion”