Linux and Antivirus software

[Duneatreides]

Does Linux (any distro) need antivirus software? How about anti spyware, adware, malware ? I have been thinking about switching to Linux, and I am interested in SuSE 9.2 Pro. What are some opinions of SuSE?

[MrX]

beos has none of the above.

Mr X

[Orethrius]

Does Linux (any distro) need antivirus software? How about anti spyware, adware, malware ? I have been thinking about switching to Linux, and I am interested in SuSE 9.2 Pro. What are some opinions of SuSE?

This is quite a tricky question.  No, at the current time, Linux is not in HUGE need of anti-malware programs.  It has not enjoyed the publicity of Windows - and, as such, is compromised much less frequently.  On the other hand, it can never hurt to be prepared for the eventuality that somebody DOES exploit a root hole before it gets patched (which is also why it pays to stay up-to-date).

Linux has a few key programs available to help with this.  You can use cron (included with most distros) to schedule a chkrootkit job on your system, and it may pay-off to scan higher-profile systems with BitDefender Linux for virii once every week or sooner.

In reply to the last question, SuSE is a decent distribution, but hardly the absolute best.  That honour lies either with one of the BSDs or Debian, but nobody has decided for sure yet.  As far as I'm concerned, each user has to pick the distro that's right for them.  I have found satisfaction running Slack 10 with a Fluxbox frontend, others have found Fedora Core 3 - some of the RedHat users having elected to stay with the stable RedHat 9 - a straightforward system, and still others have switched to BSD, Be, and other alternative OSes.  The choice is yours.

Oh, and X, the lack of malware detection for an OS does not - and should not - indicate the lack of presence of malware for that system.  Just so you're awake when the next Sasser blasts Linux, Be, and Amiga too.  

[tux4me]

I am new to linux and could you explain how it is that linux does not get infected with spyware? out of habit being a windows user I am naturally paranoid while surfing the web even on linux windows can pick up several pieces of spyware just from one web surfing session and some are very hard to remove if not impossible this even happens when using a firefox browser so why does this not happen with linux????Is this the difference in the file system or with the firewall????

[Kintaro]

For a program to become executable on Linux, YOU have to make it that way. Windows however uses fileextensions like .exe .scr .com and others.

If your worried about cookies and junk you can set up a squid proxy with adzapper.

[Calum]

basically, under windows, the users have authorisation to run programs by default, that have access to system files. also add to this the effect of things like outlook hiding file extensions and executing attachments by default, and someone can send you a file called something like britneystits.jpg.exe and not only will it look like a picture file to you in outlook, but outlook will notice that it is an exe and will run it without even asking you. so because you have access to all the system fiif this exe wants to mess them up, yhave given it permission to simply by reading your email.

suffice it to say that none of this happens with a linux system, because outlook isn't available for it, but more importantly because a user only has access to their own $HOME (this is called "My Documents" in mswindows) so if they try and run an executable file, firstly they know they are doing it, and secondly they can't change any system files, because linux's filesystems fully support permissioning (unlike windows's filesystems)

the main problem i see with this model is that you need to change to the superuser to install stuff, like rpm files or installable binaries for things like realplayer and java virtual machine. of course the superuser (i think called "Administrator" in mswindows) does have access to those system files, and this of course *could* create problems if the packages were malicious. This sort of thing has been more or less quashed by things like GPG signatures, verifying the source of the file, and also various switches for package managers like rpm, installpkg and so on, which allow you to see what changes will be made before you install. This is one benefit of having a specified package format, where a package to be installed is run by a seperate program, unlike under windows, where the package itself is runnable, and is not visibly installed by an installer program, and so there are no commands which can be used to determine whether the install will mess up your PC or not.

answer your question?

[tux4me]

Thank You for clearing that up for me.Yes it is true windows does run everything as administrator by default.I have now switched 3 of my machines over to linux because I am tired of having to worry about this.I even got my daughter interested in using linux.I am running suse linux right now.Is there any distro that is better than than another for security?

[muzzy]

suffice it to say that none of this happens with a linux system, because outlook isn't available for it, but more importantly because a user only has access to their own $HOME (this is called "My Documents" in mswindows) so if they try and run an executable file, firstly they know they are doing it, and secondly they can't change any system files, because linux's filesystems fully support permissioning (unlike windows's filesystems)

FUD FUD FUD! NTFS supports ACLs, it's just the default windows configuration that's to blame. It can be configured to be pretty good, but most users aren't aware of this. Also, many apps expect the permissions to be fucked up, and won't work if they aren't...

I recall there was also a case with some mail app on linux that would run executable by merely doubleclicking the attachment. I definitely remember there was a big fuzz about it once. Luckily people knew what a bad idea it was since outlook had demonstrated it earlier.

This is one benefit of having a specified package format, where a package to be installed is run by a seperate program, unlike under windows, where the package itself is runnable, and is not visibly installed by an installer program, and so there are no commands which can be used to determine whether the install will mess up your PC or not.

Ever heard of MSI? It's the microsoft's installer system, and it comes with a happy happy package system. Many developers just don't use it, although they damn well should. If microsoft allowed for third party distributions of windows, I'm sure someone would set up a system similar to apt for downloading and verifying of windows packages.

What comes to messing the PC, most users don't have the ability to determine what's safe and what's not, and frankly most of them aren't interested in learning the necessary skills for that. Apps can still screw user's own stuff, even if the rest of the system stays protected. Don't you guys do anything with your computers or why aren't your own files the most valuable part of your personal systems?

[Aloone_Jonez]

I agree, if Windows fucks up I can just reinstall it and get my files back, as long as my works not gone I don't realy care so what I have to spend a couple of hours installing software, big wow!

[Kintaro]

Ahem, as I said, SELinux, every daemon running public on any of my systems are not running as root, I dont use sendmail I use postfix and QMAIL, all your retarded arguements are redundant, we fucking get it dude. You Can Make Windows Secure.

So why do you come to an Anti Microsoft forum to talk Pro Microsoft? There is no logic in that, you keep repeating yourself, with redundant things.

Linux is nothing, its just a fucking kernel, and how people choose to set that up: there are also different ways you can set Linux up, that is just as, and often a lot more secure then a Windows set up. We get it mate, we can set operating systems up differently. I still choose to use Linux and hate Microsoft because of all the unexplainable troubles it has caused me. I hate proprietary software in general.

[Kintaro]

Oh and earth to fag0ts, here is an GPL Virus Scanner.

http://www.clamav.net/

[Refalm]

This is a closed source anti-virus scanner for Linux.

AntiVir

[Aloone_Jonez]

By the way what's the chance of you loosing your work because a virus fucks the OS up whether it be Windows or Linux?

As I said earlier, fuck the OS it's my work I want to save. My time is more important than the OS or the computer I work on - it can't be bought back.

[muzzy]

So why do you come to an Anti Microsoft forum to talk Pro Microsoft? There is no logic in that, you keep repeating yourself, with redundant things.

Well, since you probably reduce everything what I say to "Pro Microsoft", it might seem repetitive. By same logic I could reduce everything you guys say to "Anti Microsoft", and it'd seem quite repetitive as well

Linux is nothing, its just a fucking kernel

Yet, people compare it to a complete Windows installation. If Linux kernel were to be compared to Windows NT Native kernel (i.e. the thing below the win32 executive subsystem), you'd notice windows kernel isn't that bad at all.

there are also different ways you can set Linux up, that is just as, and often a lot more secure then a Windows set up.

Unfortunately true. A lot of windows users don't know enough about the system to set it up properly, and since the config is braindead by default, the system will suck unless the user knows what to do.

I hate proprietary software in general.

A lot of time I hate proprietary software, too. I tried to ask Khaled to implement a feature in mirc I wanted and which really wouldn't been such a big thing (ability to remove icons from switchbar buttons). Well, he didn't want to, and didn't give me permission to do it myself. Why the heck not? I'm not supposed to do such changes to software I have paid for? According to EU intellectual property laws, however, fixing bugs yourself is ok. So, I just decide everything I don't like is a bug, and patch away. Can't wait to get sued someday for doing it.

[Kintaro]

Yes well, muzzy.net is powered by the following... (well the host it redirects to)

Starting nmap 3.70 ( http://www.insecure.org/nmap/ ) at 2005-03-17 17:59 EST
Insufficient responses for TCP sequencing (0), OS detection may be less accurate
Interesting ports on sbz-2.cs.helsinki.fi (128.214.9.64):
(The 1656 ports scanned but not shown below are in state: filtered)
PORT     STATE  SERVICE
21/tcp   open   ftp
80/tcp   open   http
443/tcp  open   https
8080/tcp closed http-proxy
Device type: general purpose|media device|broadband router
Running: Linux 2.4.X, Pace embedded, Panasonic embedded
OS details: Linux 2.4.6 - 2.4.21, Linux 2.4.19 - 2.4.20, Linux 2.4.21 (x86), Pace digital cable TV receiver, Panasonic IP Technology Broadband Networking Gateway, KX-HGW200

Nmap run completed -- 1 IP address (1 host up) scanned in 365.283 seconds