antivirus for linux

[bluesfloyd]

hi, guys

installed Linux mint (mate) what antivirus would you guys recommend I use , just to be really safe?

thanks for your time guys,
bluesfloyd,

 

[sjwest]

clamav works - better with clamav-unofficial-sigs

Apparently word /excel/ etc viruses dont work in libreoffice.

 

[Mnemonic]

To be honest, I wouldn't even bother installing anti-virus software on desktop Linux. Linux viruses are as rare as hens teeth, and those that do exist have a very difficult time propagating in the wild. The only time anti-virus software is useful on Linux is in the server space, where Linux servers handle Windows files (i.e. Samba shares, mail servers etc...).

A lot of malware is spread via email - mostly in the form of malicious executable code attached to an email. For this to work on Linux, you would have to first download the attachment, then explicitly give it executable permissions (chmod +x attachement_filename), then execute it as root. Another thing to watch for are these "phishing scams" - where an email looks like it comes from Facebook or Google (or wherever) and contains a link that takes you to a page that looks like the Facebook (or Google, or whatever) login page.

That's not to say you should be complacent. Always be careful about what you install - make sure it comes from a trusted source, and learn how to check package signatures. It's also useful to learn a few basic Linux commands link netstat (sudo netstat -plnt - this will show you what ports are open and what programs are using those ports), lsof (lsof -i tcp:22 -P -R will show you who's using port 22), tcpdump (tcpdump -q will show "quiet" output, you soon learn how to spot suspicious activity) etc etc etc...

There's lot of "Linux hardening" tutorials out there, but I've found that a simple clean install of most distros works really well and is very safe and secure (so long as you choose a reasonably complex password).

 

[rapiddescent]

nowadays, most email clients such as evolution and kontact integrate directly with clamav/klamav and will sort out any bad attachments before you see them. You can also modify clam to have the foxholes extension if you're totally paranoid.