decent free antivirus/malware/spyware scanner for Linux : which one to take?!



tarifa

Good day dear experts on Neowin, 

 

decent free antivirus/malware/spyware scanner for Linux : which one to take?!

 

Long story, but I need a decent free antivirus/malware/spyware scanner for MX - Linux 19-1.


I have heard about:
- ClamAV
- Sophos A/V and it doesn't work on MX-16.1 Linux. As for Comodo A/V, it won't install on MX-16.1 Linux. (I followed this: https://forum.mxlinux.org/viewtopic.php?f=108&t=42830&start=20 )

So after a long search with a bunch of information I am still quite at the beginning: there are so many different options - so many things to choose from. At the moment I do not have an idea nor a clue which one to take - and which one is the best to choose. I have had a closer look and found a little overview with a feature-to-feature comparison, taken from here: https://www.ubuntupit.com/best-linux-antivirus-top-10-reviewed-compared/

 

what do you say?

 

Quote

 

1. Sophos: In the AV-Test, Sophos is one of the best free antiviruses for Linux. It not only supports on-demand scanning but also provides a real-time scanning feature. This particular Linux antivirus not only prevents Linux-based malware but also works fine on all the major platforms like Windows and Android. It detects worms and trojans as well and helps to remove them from the repository. But if you are kinda geeky, Sophos provides you a terminal coding facility to make it easier.

Features:
Free
Terminal base
Detect and remove threats
Works for worms, trojan, virus, and malware
Lightweight and easy to use and install
Cross-platform support
Block and remove non-Linux threats

 

2. Comodo: Comodo is another best antivirus software for Linux. It is well known for its unique architecture support and cross-platform feature. It also supports an email scanning feature with an additional anti-virus protection system which is not available in other applications.
Comodo supports the Windows firewall feature with 32-bit and 64-bit architecture. Comodo Antivirus for Linux also supports all distros, so it is widely used among Linux users. The best part of this software is that it also works on the server side, like Red Hat Enterprise Linux Server, OpenSUSE, and SUSE Linux Enterprise Server.
Features:
Free
Easy to use and install
On-demand scanning with no false alert
Real-time protection
Antispam support
Supports cross-platform
Support server-side protection

 

3. ClamAV: This is the best and probably most widely referred antivirus in the Linux community. ClamAV is open source and free to use. It is recognized as a versatile antivirus to detect trojans, malware, and viruses. It also supports standard mail gateway scanning. It is easy to use and fast to run because it doesn’t have a native GUI and works through the terminal.

Features: 
Opensource
Free
Cross-platform works in Linux, Windows and Mac OS
Works from the terminal
Support on-access scanning for mailing service
POSIX compliant support
Portable


4. F-PROT
F-Prot is a well-renowned antivirus for Linux. This particular Linux antivirus can be used at home or at industrial level. It supports 32 and 64-bit software architecture as a Linux antivirus software. It scans over 2119958 known viruses and their other possible variants. This Linux antivirus software is portable and performs scheduled scanning using cron technology. It can detect different types of infections: trojans, even boot sectors.
Features:
Free and portable
Detects more than 21 million threats and their other variants
Can run on different software architecture
Scanning feature for internal drive and drivers
Scan for boot sector virus, macro, and trojan viruses

 

5. Chkrootkit
From the name, Chkrootkit, you can guess it really works on root and frankly speaking it is the best option for rootkit available in a Linux system. It is lightweight and portable. You can quickly burn it to CD or USB. It contains multiple programs to support the users like.

Features:
Rootkit detection
Lightweight
Portable
Easy to use and fast
Run from terminal
Multiple error solver

 

6. Rootkit Hunter....

 

 

Which one do you run?! I look forward to exchanging ideas and experience.

 

have a great day 

 

yours Tarifa 

 

 

fusi0n

NOD32 works well on Linux. 

tarifa

Hello dear +fusiOn, 

 

Many thanks for the quick reply - great to hear from you - I will have a closer look at NOD32.

 

Have a great day 

regards Tarifa

Mindovermaster

You typically never need a virus checker. Since I moved to Linux, I never needed an anti-virus.

 

All I did was turn on the included firewall...

fusi0n
1 hour ago, Mindovermaster said:

You typically never need a virus checker. Since I moved to Linux, I never needed an anti-virus.

 

All I did was turn on the included firewall...

How do you know you don't have a virus if you don't have a virus scanner? ;)

 

I think it's always best practice to have something running. There are several 0-day drive-by attacks that can get you infected and you'll never know it. Malware has matured a lot and a lot of it is no longer trying to cause the end-user issues and tries to be as silent as possible. I build all my packages from source and still run an anti-virus. This is just my opinion, but letting your guard down because you think you're safe is a good way to get pwn3d.

Mindovermaster
11 minutes ago, fusi0n said:

How do you know you don't have a virus if you don't have a virus scanner? ;)

 

I think it's always best practice to have something running. There are several 0-day drive-by attacks that can get you infected and you'll never know it. Malware has matured a lot and a lot of it is no longer trying to cause the end-user issues and tries to be as silent as possible. I build all my packages from source and still run an anti-virus. This is just my opinion, but letting your guard down because you think you're safe is a good way to get pwn3d.

Well, nothing ever slowed my computer down to a snail. I never noticed any flukes. I keep my eye on SystemMonitor, and nothing ######y is running.

 

I'm not saying "there are no Linux viruses"; I know there are several, BUT Linux is faster with fixes than Windows.

 

It is good practice, yes, but is really not needed. I reinstall my OS every ~6 months. So any virus that is present, goes bye-bye.

 

Edit: fu_nky is a swear word? New to me...

spacelordmaster

none. Linux doesn't need one

  • 2 weeks later...
ThaCrip

Many say you don't need an anti-virus for Linux, because I suspect the number of viruses is so low they are pretty much a non-issue.

Also, I would probably advise a person to use Firejail, which is a sandbox program, as this way if one happens to get hit with a 0-day, its damage will probably be limited.

goretsky

Hello,


This is something I wrote a few years ago:

 

https://www.welivesecurity.com/2015/01/13/really-need-antivirus-software-linux-desktops/

 

While the numbers may no longer be current, it is still accurate in terms of overall prevalence. Keep in mind, though, the situation on the IoT side has changed because of botnets like Mirai.

 

Regards,

 

Aryeh Goretsky

 

cork1958
On 3/28/2020 at 9:10 PM, spacelordmaster said:

none. Linux doesn't need one

Exactly! Haven't ever used one on my systems. Have scanned them just to check it out and see if anything was ever detected, but nothing has ever been found. 

 

Just don't install stupid stuff from untrusted sources.

goretsky

Hello,


I just saw this yesterday, but it was out a few days before that:

 

https://blogs.blackberry.com/en/2020/04/decade-of-the-rats

 

Apparently, there's been a concerted attack against Linux systems that went unnoticed for about a decade.

 

Regards,

 

Aryeh Goretsky

 

ThaCrip
On 4/10/2020 at 5:59 AM, cork1958 said:

Just don't install stupid stuff from untrusted sources.

 

Yeah, just using Linux (desktop) alone keeps one's risks minimal, and paired with what you said it should further lower the already low risk.

Plus, to lower it even further... I figure one should run Firejail, as if one happened to get hit with a drive-by download when browsing online it would likely be contained within the Firejail sandbox. Firejail has only minimal interference with general usage of one's computer: by default, when running one's browser on Linux (Firefox or Chrome) in Firejail, it limits the persistent save location to the /home/*username*/Downloads folder. Other than that, if you download a file and want to run it, don't open it directly from the browser like one might normally do, but use one's file manager to access the file, as this way it will be outside of the sandbox and will function normally. But other than that, off the top of my head, all is good. Since I wanted a persistent save location on another hard drive I had to tweak things a bit, but for most people who only have one hard drive, the defaults are good enough.

Firejail also seems to hide certain locations from the browser too... file:/// (put that into the Firefox browser and press enter on Linux): you will see the browser in its default state can see quite a bit in there, whereas once you run it through Firejail, you will notice quite a bit more of the stuff is not visible. So if something shady did get by your Firefox browser, for example, it's got more limited access to things etc. I don't know every little detail, but it's safe to say one is that much more secure with Firejail than without it, and since it does not really interfere with general use, I figure why not use it.

So while Linux is not immune, if things stay roughly how they are, which I suspect they will for the foreseeable future, simply because Linux does not have a large enough user base (only about 2% market share compared to Windows 88%), then Linux (desktop) is close enough to virus free. Plus, I suspect the typical Linux user is a bit more tech-savvy than the common person, which will probably make it even less appealing for the shady people out there, as I suspect they like things to be as easy as possible. Like minimal effort for maximum benefits.

Another thing I suspect some overlook is to avoid installing browser extensions you don't trust! As a general rule the fewer the better, but having some is almost a must nowadays, like for ad-blocking etc.

P.S. Even Goretsky's article talking about Linux desktop is pretty much in line with what we said. Personally I don't worry about most IoT devices since I won't even bother to use stuff like a SmartTV's internet function etc., so even if there is some exploit in it, it's pretty much impossible for someone to exploit since it's not online. Even my router should be solid given it's running a Tomato based firmware (currently using a Shibby build (which is from the year 2017) since it appears to be stable, unlike newer FreshTomato firmware (which are quite recent) on my old router), which should be more secure in general vs manufacturers' firmware, and it's newer than all of the Heartbleed stuff so its WiFi should be secure, or at least secure enough.
