fordprefect
Posts: 3
Joined: Sat May 26, 2012 11:01 am

Antivirus - Yay or Nae?

Mon Jul 02, 2012 8:48 pm

Just wondered what everybody happened to think of running antivirus software on Linux, I've been an avid fan of Ubuntu for years and have only really bothered with Clam in order to scan files that I happened to be sharing with Windows users but was thinking of late about using one of the free pieces of antivirus software that also happens to be available for Windows, such as AVG or Avast, is such a measure needed these days when running Linux or am I being paranoid?

Cheers.

Nr90
Posts: 216
Joined: Sat Nov 26, 2011 12:39 pm

Re: Antivirus - Yay or Nae?

Tue Jul 03, 2012 11:01 am

There's only very little viruses for Linux in general, for ARM they are pretty much nonexistent.
I wouldn't use one.

User avatar
abishur
Posts: 4477
Joined: Thu Jul 28, 2011 4:10 am
Location: USA
Contact: Website

Re: Antivirus - Yay or Nae?

Tue Jul 03, 2012 4:00 pm

The only reason I *might* put anti-virus on there is if you're going to have your pi act as a file server to PCs running Windows
Dear forum: Play nice ;-)

User avatar
extravagoose
Posts: 59
Joined: Tue May 29, 2012 2:51 pm
Location: UK
Contact: Website

Re: Antivirus - Yay or Nae?

Fri Jul 06, 2012 10:49 pm

abishur wrote:The only reason I *might* put anti-virus on there is if you're going to have your pi act as a file server to PCs running Windows
:oops:

But then I suppose one could include the samba shares in a windows scan?
RPi 1: Hostname: Gimli, 500Gb USB HDD, ArchLinux | ARM.
Main Use: Bit of everything - but mainly web server, Network Storage and C programming.

RPi 2: Hostname tba, awaiting delivery.

User avatar
abishur
Posts: 4477
Joined: Thu Jul 28, 2011 4:10 am
Location: USA
Contact: Website

Re: Antivirus - Yay or Nae?

Fri Jul 06, 2012 11:59 pm

extravagoose wrote:
abishur wrote:The only reason I *might* put anti-virus on there is if you're going to have your pi act as a file server to PCs running Windows
:oops:

But then I suppose one could include the samba shares in a windows scan?
Indeed they could, I tend to trust a linux virus scan to identify and successfully remove viruses off a shared drive (and do it for a fraction of the processing power) than I do a windows machine. It's probably worth noting that I use my pi to act as a file server for windows PCs and I don't have virus protection on it. I'm just talking about the one scenario where I would imagine putting an anti-virus scanner on my pi ;-)
Dear forum: Play nice ;-)

User avatar
reiuyi
Posts: 165
Joined: Sun Oct 09, 2011 4:59 pm
Contact: Website

Re: Antivirus - Yay or Nae?

Mon Jul 09, 2012 2:08 pm

Where does one acquire viruses anyway?

I've never seen any at all. For all I know they might be a myth invented by anti-virus companies, anti-filesharing governmental branches and porno websites.

Do you really need to willingly open up an exe file from unknown obscure sources to acquire a virus? It is not like your computer can do anything on its own if you keep it updated.

User avatar
abishur
Posts: 4477
Joined: Thu Jul 28, 2011 4:10 am
Location: USA
Contact: Website

Re: Antivirus - Yay or Nae?

Mon Jul 09, 2012 2:11 pm

Actually, viruses aren't found only in exe files any more. You'd be amazed at what get's stuffed into pictures (particularly advertisements) on websites these days. It's entirely possible to get a virus by going to a "safe" website only to get a virus because the ad on that site was infected with a virus. Though is should be noted for the context of this thread, they tend to be of the Windows variety and wouldn't harm a linux box.
Dear forum: Play nice ;-)

HerSo
Posts: 29
Joined: Wed Jan 02, 2013 6:18 am
Location: Spain
Contact: Website

Re: Antivirus - Yay or Nae?

Wed May 07, 2014 2:11 am

Nr90 wrote:There's only very little viruses for Linux in general, for ARM they are pretty much nonexistent.
I wouldn't use one.
I think you're a bit wrong, so that there are no viruses for ARM does not hold, the virus have Android mobiles, Android is based on Ubuntu kernel (and this in turn in debian), viruses are programs that leverage errors in operating systems, although Android has virus turn can deduce that any OS can have them, but where do you think you are the dangers of rooting the mobil? precisely the applications that can get you a Trojan in it and the malware that people program against these, the virus not only belong to Windows, there are for all operating systems, since none of them are perfect, have vulnerabilities , that that linux machine or functional low ARM technology is false, if any whether or not such an enormous and way Windows :)

hunternet93
Posts: 336
Joined: Mon Dec 12, 2011 4:34 pm

Re: Antivirus - Yay or Nae?

Wed May 07, 2014 3:37 am

I've never been hit with a virus, but watch out for bots brute-forcing SSH passwords. A while back, I had an internet-facing server running SSH with a 6-character root password. I got a call one night from my ISP saying that my internet connection had been shut down because the server was sending thousands of spam emails. A bot brute-forced my SSH root password and installed a rootkit, I ended up having to reinstall from scratch.

As long as you use long, complex password, disable root SSH logins (now the default in Debian), and don't run programs from untrusted sources, you should be fine.

User avatar
chrisryall
Posts: 155
Joined: Wed Nov 27, 2013 11:45 am
Location: Wirral UK
Contact: Website

Re: Antivirus - Yay or Nae?

Wed May 07, 2014 9:45 am

A GIF attachment from a trusted (University) source caused me no end of trouble once, and actually replaced every GIF on my PC kit with itself. Hard to see what people get out of writing these things, and I do think exemplary sentences are appropriate as it causes millions of people grief. I'm a lot softer on hacking, provided it is non damaging, non criminal

User avatar
Jessie
Posts: 1754
Joined: Fri Nov 04, 2011 7:40 pm
Location: C/S CO USA

Re: Antivirus - Yay or Nae?

Wed May 07, 2014 5:41 pm

reiuyi wrote:Where does one acquire viruses anyway?

I've never seen any at all. For all I know they might be a myth invented by anti-virus companies, anti-filesharing governmental branches and porno websites.

Do you really need to willingly open up an exe file from unknown obscure sources to acquire a virus? It is not like your computer can do anything on its own if you keep it updated.
Pornography, 50% of peoples PCs I have fixed got viruses by downloading "free" porno. Trust me it is hard (embarrassing) to tell a friend or family member to knock it off. After I had that discussion with my father-in-law now I just tell them all to pay someone else to fix their computers or that next time they get a virus I'm just formatting and reinstalling.

User avatar
chrisryall
Posts: 155
Joined: Wed Nov 27, 2013 11:45 am
Location: Wirral UK
Contact: Website

Re: Antivirus - Yay or Nae?

Wed May 07, 2014 6:09 pm

.
:? Last anyone should wonder, AFAIR the GIF in question was the Perth University logo

Donnie89
Posts: 2
Joined: Tue Jul 15, 2014 4:05 pm

Re: Antivirus - Yay or Nae?

Tue Jul 15, 2014 4:13 pm

hi i've been using the p.i for a little while now but am still a bit of a novice. I have recently got the net in and my raspberry is going nuts. cant even type simple commands into the terminal, is it possible my raspbien is infected?! And what should i do? antivirus or reinstall raspbien from scratch? Any advice be greatly apprecciated,
many thanks,
Don

User avatar
mahjongg
Forum Moderator
Forum Moderator
Posts: 12339
Joined: Sun Mar 11, 2012 12:19 am
Location: South Holland, The Netherlands

Re: Antivirus - Yay or Nae?

Tue Jul 15, 2014 6:38 pm

Donnie89 wrote:hi i've been using the p.i for a little while now but am still a bit of a novice. I have recently got the net in and my raspberry is going nuts. cant even type simple commands into the terminal, is it possible my raspbien is infected?! And what should i do? antivirus or reinstall raspbien from scratch? Any advice be greatly apprecciated,
many thanks,
Don
Describe "nuts", :!: its far more likely that you managed to damage your raspbian setup yourself, or you have a power problem, than that you are "infected with a virus". The latter is almost impossible!

My advice, format your SD-card (fully, using the approved formatting tool) and install NOOBS on it.
But also check your power supply! On the new model B+ you could simply check if the "POWER OK" LED burns steadily without blinking, but on the model B, (which you have) the best way is to measure the voltage between the two testpoints TP1 and TP2, and make sure it never goes below 4.75V.

hunternet93
Posts: 336
Joined: Mon Dec 12, 2011 4:34 pm

Re: Antivirus - Yay or Nae?

Tue Jul 15, 2014 7:06 pm

Donnie89 wrote:hi i've been using the p.i for a little while now but am still a bit of a novice. I have recently got the net in and my raspberry is going nuts. cant even type simple commands into the terminal, is it possible my raspbien is infected?! And what should i do? antivirus or reinstall raspbien from scratch? Any advice be greatly apprecciated,
many thanks,
Don
A virus nearly impossible, unless you downloaded and installed one intentionally.

Also, please create a new post instead of continuing an old thread, you're more likely to be answered that way.

Donnie89
Posts: 2
Joined: Tue Jul 15, 2014 4:05 pm

Re: Antivirus - Yay or Nae?

Wed Jul 16, 2014 10:29 pm

ok thanx, defo didnt download it so must jst b corupt! thanx 4 advice new 2 dis, will do dat in future. cheers

mimi123
Posts: 583
Joined: Thu Aug 22, 2013 3:32 pm

Re: Antivirus - Yay or Nae?

Fri Jul 25, 2014 1:05 am

An virus or malware on Linux can only be installed by password cracking.

Who wants to install viruses voluntairly?

If there is one, :o .

User avatar
Richard-TX
Posts: 1549
Joined: Tue May 28, 2013 3:24 pm
Location: North Texas

Re: Antivirus - Yay or Nae?

Fri Jul 25, 2014 10:55 am

mimi123 wrote:An virus or malware on Linux can only be installed by password cracking.

Who wants to install viruses voluntairly?

If there is one, :o .
Password cracking isn't the only way to gain root access. An exploit can yield a root shell in a few seconds.. There was a security hole in CUPS some years back. I know of several hundred machines that were compromised (rootkit installed) at that time.
Richard
Doing Unix since 1985.
The 9-25-2013 image of Wheezy can be found at:
http://downloads.raspberrypi.org/raspbian/images/raspbian-2013-09-27/2013-09-25-wheezy-raspbian.zip

dylan87
Posts: 4
Joined: Mon Aug 04, 2014 9:20 am

Re: Antivirus - Yay or Nae?

Thu Aug 14, 2014 8:01 am

I'm using Ubuntu without antivirus software for years and never had any trouble so far. If you look at the market share of Linux http://www.statista.com/statistics/2726 ... ince-2009/ you can ask yourself who really would have an interest in attacking Linux computers. Well, and concerning files from Windows users I don't have any fear that some virus could come onto my computer 8-)

User avatar
florizel
Posts: 6
Joined: Thu Jul 10, 2014 8:46 am
Contact: Website

Re: Antivirus - Yay or Nae?

Fri Aug 15, 2014 9:01 am

Linux users don't have root privileges. What users is typically given is lower level account. Meaning virus cannot do damage in root access. It can only damage local file. So, it is more secure!

seitzdeb987
Posts: 15
Joined: Thu Aug 07, 2014 2:23 am

Re: Antivirus - Yay or Nae?

Fri Aug 15, 2014 10:03 am

How can we detect if there is a virus present in Linux if there is no Antivirus?

gkreidl
Posts: 6114
Joined: Thu Jan 26, 2012 1:07 pm
Location: Germany

Re: Antivirus - Yay or Nae?

Fri Aug 15, 2014 10:52 am

seitzdeb987 wrote:How can we detect if there is a virus present in Linux if there is no Antivirus?
Check the process list (ps -A).

BTW, Raspbian is only secure if you set sudo to require a password. The default setting is really bad.

Most attacks on linux systems aim at PHP packages running on servers.
Minimal Kiosk Browser (kweb)
Slim, fast webkit browser with support for audio+video+playlists+youtube+pdf+download
Optional fullscreen kiosk mode and command interface for embedded applications
Includes omxplayerGUI, an X front end for omxplayer

User avatar
jojopi
Posts: 3085
Joined: Tue Oct 11, 2011 8:38 pm

Re: Antivirus - Yay or Nae?

Fri Aug 15, 2014 11:19 am

gkreidl wrote:BTW, Raspbian is only secure if you set sudo to require a password. The default setting is really bad.
If you allow your user account to be compromised, it is trivial for the malicious code to escalate privilege next time you legitimately use either sudo or su. Requiring a password does not help at all.

In fact, there is no way to tell in advance whether sudo is configured to require a password, or is even configured. Since any failed attempt will be logged and may alert the administrator, it is far more sensible for malware to trap the next legitimate escalation rather than attempt one of its own.
seitzdeb987 wrote:How can we detect if there is a virus present in Linux if there is no Antivirus?
You may need to change your workflow. Do not download and execute random code, hoping that viruses will be detected in time (which is not guaranteed anyway). Get into the habit of installing software only from trustworthy sources.

rafcio
Posts: 1
Joined: Fri Mar 13, 2015 8:30 pm

Re: Antivirus - Yay or Nae?

Fri Mar 13, 2015 8:40 pm

hunternet93 wrote: A virus nearly impossible, unless you downloaded and installed one intentionally.
You are very wrong my friend,
I have a NAS / Linux 2.6.22.7 armv5tejl GNU/Linux
and just where infected with some ugly worm, I noticed by accident seeing wget logs

one of the scripts is as follows :
[script removed by moderator, don't post potentially nefarious scrips please!]

gkreidl
Posts: 6114
Joined: Thu Jan 26, 2012 1:07 pm
Location: Germany

Re: Antivirus - Yay or Nae?

Fri Mar 13, 2015 9:25 pm

rafcio wrote:
hunternet93 wrote: A virus nearly impossible, unless you downloaded and installed one intentionally.
You are very wrong my friend,
I have a NAS / Linux 2.6.22.7 armv5tejl GNU/Linux
and just where infected with some ugly worm, I noticed by accident seeing wget logs

one of the scripts is as follows :
[script removed by moderator, don't post potentially nefarious scrips please!]
And how did you get infected?
Minimal Kiosk Browser (kweb)
Slim, fast webkit browser with support for audio+video+playlists+youtube+pdf+download
Optional fullscreen kiosk mode and command interface for embedded applications
Includes omxplayerGUI, an X front end for omxplayer

Return to “Off topic discussion”