linux question

  timerep 10:26 07 Apr 2008

Hi in a moment of madness and frustration with windows vista I am trying out linux primarily on an old toshiba laptop that struggles with xp.Is it true that you dont need anti virus or anti spware with linux? perhaps someone could enlighten me.

  Ditch999 11:52 07 Apr 2008

No that is not true. There are nasties that work on Linux. Make sure any software you load is designed for Linux (and good for you trying it!)

  Miké 12:31 07 Apr 2008

I would install Avast click here and run it occasionally, bearing in mind than Linux can read and write to ntfs partitions (most distributions) as well as fat32.

  ex-wirecutter 16:22 07 Apr 2008

I have just started using Linux myself and asked the
same question , I went on the Ubuntu forum site and the general opinion is that you don't need anti virus
Some say you need a firewall and one is included in the package , but others say even this is not needed.
There is a comment on one of the posts regarding Avast , saying you sometimes have a bit of a problem running it in Linux.

  DieSse 16:37 07 Apr 2008

You'll almost certainly find Clam AV in the repository. Much easier to install a program from the repositories.

The case is you're much less likely to have a virus issue with Linux - but it's not impossible.

  octal 19:01 07 Apr 2008

No you don't need anti virus, because of the way Linux works there's only one way to get a virus on Linux and that is by you the user putting it on there. I've got an article about it somewhere on my machine, if I can find it I'll post it.

  octal 19:17 07 Apr 2008

This may be of interest:


In Linux everything is a FILE. Even devices are expressed as files. To exist in Linux an app (such as a virus) or a device must be present on the storage device as a FILE. A USB device file is distinguished from a joystick device file by two magic numbers, the Major number and the Minor number. Enough about them. To exist on Linux, applications must be files too. To be executable the FILE must be either an ELF binary FILE or a special shell script file and they must have their execute permission bit set. In order to execute the ELF binary or the shell script file the user must have permission to do so.

1st, Attachments to emails must first be saved by the user. There is no email feature that automatically does that. That makes them a file.

2nd, now saved as a file, the attachment must be marked as an executable by the user. There is no email feature that can do that.

3rd, to run the user must specially execute the file. There is no email feature that can do that.

Notice a trend? It takes the USER'S COMPLETE COOPERATION to infect a Linux box!

Even then, the executable only has the permission the user has. The only damage that can be done is to the user's home account. Neither root nor other users are bothered. (That's why you NEVER want to run Linux as root.) If you keep nothing important in your home account you can hot-key a shell, su to root, and recreate your account, sans virus and all.

However, be advised that some viruses and Trojans come with password crackers and a dictionary of common passwords. If you use weak passwords the malware can break into root, after you do the 3 steps listed above. IF you don't actively help the virus or Trojan you have nothing to worry about.

Some people claim that the Linux footprint is too small to entice crackers to write viruses for it. Such is not the case. FOSS accounts for 70% of all Internet traffic, yet essentially all of the problems arise from that 30% that is run on Windows based PCs. The only way a Linux box can be hijacked is manually, one box at a time. Even then it is too difficult for the average script kiddie to do, and it is too risky for most crackers to do, since detection is more than likely. Crackers that run massive bot farms are finding that an insecure Linux box makes an excellent controller for 10,000 or so Windows zombies because the Linux box, even the one they break into, are immune from the viruses that so easily infect a Windows box. The cracker usually enhances the Linux box against other manual break-in attempts to protect "their investment". Since Linux handles loads very well, the Linux newbie rarely knows they've been hacked.

  Ditch999 20:28 07 Apr 2008

And to counter that octal: click here

and heres the important bit, quote:

One of the vulnerabilities of Linux is that many users do not think it is vulnerable to viruses. Tom Ferris a researcher with Mission Viejo, California-based Security Protocols said in 2006, "In people's minds, if it's non-Windows, it's secure, and that's not the case. They think nobody writes malware for Linux or [Mac] OS X. But that's not necessarily true...."[2]

Shane Coursen a senior technical consultant with Kaspersky Lab noted, "The growth in Linux malware is simply due to its increasing popularity, particularly as a desktop operating system...The use of an operating system is directly correlated to the interest by the malware writers to develop malware for that OS."[2]

  octal 20:54 07 Apr 2008

From that article "If an infected binary containing one of the viruses were run, the system would be infected. The infection level would depend on which user with what privileges ran the binary. A binary run under the root account would be able to infect the entire system."

I refer back to the article I posted, the user has to run the file, and the key is not to run as Root and use strong passwords for Root. Also if you install application outside of the repositories then you will be more vulnerable.

I have read the article and it is a bit light on how the malware is expected to be loaded on the computer without user help, it seems a bit light on that, the only way that malware could be loaded is through social engineering by coaxing the user to install the software.

One of the possible vulnerabilities are rootkits, but running rkhunter which takes just over a minute checks for those.

  Ditch999 21:04 07 Apr 2008

So its a bit like UAC on Vista then? But as you probably know people have a habit of clicking "Yes" and "Install" and "OK" even if they dont know what the question is and as for privilages, most people I know just run Windows with Administrator accounts with weak passwords (If any at all)
Timerep asked "Is it true that you dont need anti virus or anti spware with linux?" so I guess the answer is yes, even Windows does not need anti virus or anti spyware to function!

  octal 21:12 07 Apr 2008

That's true, you can't stop human nature can you, so I conceded even Linux would be vulnerable, you just can't fix stupid.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

OnePlus 5 review

Alice Saey's mesmerising animation for Dutch singer Mark Lotterman

iPad Pro 10.5in (2017) review

Comment booster votre iPhone ?