View Full Version : Malware etc
Anybloodyid
June 26th, 2009, 08:53 AM
Hi
Just wondering? when I had windoze I had programs to detect Malware, Adware, Spyware etc
Do I need similar programs for Linux and if so what's recommended?
Thanks
snakeman21
June 26th, 2009, 09:00 AM
No. Isn't that great? You can go to all the attack sites you want, and get no malicious software. Be careful if you have a dual boot, though. That's when you have Windows and Linux on the same computer. Even though Linux is not affected by malware, it can still be a carrier for it, and that malware can make it over to your windows partition. It works the same way that illnesses do. If I'm immune, but you're not, I can still carry it and pass it on to you.
Tholley
June 26th, 2009, 09:05 AM
https://help.ubuntu.com/community/Linuxvirus
keplerspeed
June 26th, 2009, 09:07 AM
The only real use of any detection software on a Linux system will be to protect your Windows buddies.
Other than that, NO, totally not required.
Tholley
June 26th, 2009, 09:18 AM
Here is some more reading material about viruses and such in Linux.
http://ubuntutip.googlepages.com/security
Anybloodyid
June 26th, 2009, 09:32 AM
OMG isn't Linux wonderful, why did I take so long to change?
Thanks for the replies and links
lukjad007
June 26th, 2009, 09:32 AM
Hi
Just wondering? when I had windoze I had programs to detect Malware, Adware, Spyware etc
Do I need similar programs for Linux and if so what's recommended?
Thanks
Most of the malware out there will not have any impact on your computer. HOWEVER, spyware, tracking cookies, and the like can be present. The best way to stay safe is to act in a safe manner. Do not install programs from untrusted sites, update your computer regularly, and clear your Firefox browsing history regularly. There are plenty of addons for Firefox that will help you keep your private transactions private.
NoScript (http://noscript.net/)
Adblock Plus (https://addons.mozilla.org/firefox/addon/1865)
Better Privacy (https://addons.mozilla.org/en-US/firefox/addon/6623)
Ghostery (https://addons.mozilla.org/en-US/firefox/addon/9609)
noXSS (https://addons.mozilla.org/en-US/firefox/addon/9136)
TabPermissions (https://addons.mozilla.org/en-US/firefox/addon/4757)
There are more, but I don't have them installed on this computer. If you would like more, there is this page: http://mashable.com/2007/07/25/firefox-security/
And this one:
https://addons.mozilla.org/en-US/firefox/browse/type:1/cat:12
Or I can just post some more when I get home if you like. :D
However, if you install a program, or run a script with root power (i.e. sudo), you are basically giving the computer into the hands of the person who wrote the program or script. Be careful whom you trust with it. :)
mc4100
June 26th, 2009, 09:41 AM
NoScript (http://noscript.net/)
Adblock Plus (https://addons.mozilla.org/firefox/addon/1865)
Better Privacy (https://addons.mozilla.org/en-US/firefox/addon/6623)
Ghostery (https://addons.mozilla.org/en-US/firefox/addon/9609)
noXSS (https://addons.mozilla.org/en-US/firefox/addon/9136)
TabPermissions (https://addons.mozilla.org/en-US/firefox/addon/4757)
There are more, but I don't have them installed on this computer. If you would like more, there is this page: http://mashable.com/2007/07/25/firefox-security/
And this one:
https://addons.mozilla.org/en-US/firefox/browse/type:1/cat:12
Surely that's a little OTT, I mean NoScript already protects against Cross Site Scripting attacks. And it takes the ease away from browsing -- unless you only visit the same sites over and over.
Turn off third party cookies, install better privacy (good recommendation for removing third-party flash cookies which of course your browser will do nothing about) and throw in noXSS. A good compromise I think.
ayenack
June 26th, 2009, 09:54 AM
RKhunter is always advisable. It'll check for root kits etc.
To install:
sudo apt-get install rkhunter
Then check for any updates:
sudo rkhunter --update
Then to run a check:
sudo rkhunter -c -sk
lukjad007
June 26th, 2009, 09:57 AM
Surely that's a little OTT, I mean NoScript already protects against Cross Site Scripting attacks. And it takes the ease away from browsing -- unless you only visit the same sites over and over.
Turn off third party cookies, install better privacy (good recommendation for removing third-party flash cookies which of course your browser will do nothing about) and throw in noXSS. A good compromise I think.
Well, some people find me paranoid. But these are the people who run Windows without a Firewall, anti-virus, or router and have to reinstall every three months. So I really can't say how paranoid I truly am. :)
mc4100
June 26th, 2009, 10:11 AM
Well, some people find me paranoid. But these are the people who run Windows without a Firewall, anti-virus, or router and have to reinstall every three months. So I really can't say how paranoid I truly am. :)
I wasn't criticizing; I set up encryption and signing for all my family's email with GPG -- but then again, that's not for security per se, mostly just because I can.
Anybloodyid
June 26th, 2009, 01:55 PM
Hi
I installed rkhunter using Synaptic. Do I just run it from the terminal, or is there a GUI, and if there is, where is it?
Thanks
brian_p
June 26th, 2009, 03:03 PM
RKhunter is always advisable.
Perhaps you would explain why? I think it is totally unnecessary.
t0p
June 26th, 2009, 03:09 PM
Perhaps you would explain why? I think it is totally unnecessary.
I also question the necessity of rkhunter. Is there really a problem with root kits on Linux? I don't often hear of Linux boxes being rooted.
Sef
June 26th, 2009, 10:14 PM
I also question the necessity of rkhunter. Is there really a problem with root kits on Linux? I don't often hear of Linux boxes being rooted.
There are Linux botnets, so running rkhunter would be a good idea.
philcamlin
June 26th, 2009, 10:19 PM
rk hunter necessary?
since when ? :popcorn:
Papa-san
June 26th, 2009, 10:31 PM
So now that I've installed, updated, and run rkhunter, how do I look at '/var/log/rkhunter.log' so I can see what the "WARNINGS" it showed me are?
When I go to open the file, it tells me I don't have permission, and '/var/log/rkhunter.old.log' doesn't have a program to open it with...
monsterstack
June 26th, 2009, 10:57 PM
So now that I've installed, updated, and run rkhunter, how do I look at '/var/log/rkhunter.log' so I can see what the "WARNINGS" it showed me are?
When I go to open the file, it tells me I don't have permission, and '/var/log/rkhunter.old.log' doesn't have a program to open it with...
They look like false positives to me, but if you want to see the output of those files in the terminal window, just run this in the terminal:
sudo cat /var/log/rkhunter.log
Or if you want to open it in the text editor:
gksudo gedit /var/log/rkhunter.log
rookcifer
June 26th, 2009, 11:44 PM
As was already stated, rootkit scanners are next to worthless. First of all, a rootkit is not used for compromising the machine but instead is used for covering the tracks of an attack. Therefore, if an attacker has rooted your system (he has to already have root to install a rootkit) then you have much bigger problems than worrying about finding the rootkit itself. Even if you did find it, it does no good; you would need to format and reinstall because the attacker could have modified so many things in the kernel that it would be next to impossible to ever be sure the machine was clean.
Short answer: No you don't need rootkit scanners.
ayenack
June 27th, 2009, 12:17 PM
Hi
I installed rkhunter using Synaptic. Do I just run it from the terminal, or is there a GUI, and if there is, where is it?
Thanks
Yes it's run from terminal. Follow the commands I posted in my earlier post.
Anybloodyid
June 27th, 2009, 01:04 PM
Yes it's run from terminal. Follow the commands I posted in my earlier post.
Thanks for that.
Wiebelhaus
June 27th, 2009, 01:19 PM
Hi
Just wondering? when I had windoze I had programs to detect Malware, Adware, Spyware etc
Do I need similar programs for Linux and if so what's recommended?
Thanks
This is all you need for malware protection (http://www.bitdefender.com/PRODUCT-80-en--BitDefender-Antivirus-Scanner-for-Unices.html) on GNU/Linux based systems. If you're really rich / important or just simply paranoid, lock down your firewall in conjunction with BitDefender.
rookcifer
June 27th, 2009, 03:30 PM
This is all you need for malware protection (http://www.bitdefender.com/PRODUCT-80-en--BitDefender-Antivirus-Scanner-for-Unices.html) on GNU/Linux based systems. If you're really rich / important or just simply paranoid, lock down your firewall in conjunction with BitDefender.
Totally worthless is BitDefender (and ClamAV). No need for either on a desktop box.
linuxmagick
June 27th, 2009, 03:48 PM
I have ClamAV installed and have a cron job set up to run clamscan once a week. This helps to protect any Windows boxes that I share files with. Even though those Winboxen have anti-virus installed, a little defense in depth never hurt anyone. And as Linux gains popularity it will inevitably become a larger target for malware authors. IMHO from a security perspective, the worst thing anyone can do is assume they don't need any protection, no matter what operating system they use.
AndreAPL
June 27th, 2009, 06:57 PM
Can ClamAV provide minimal protection in a network?
I'm considering migrating from Windows XP Pro to Ubuntu, and since it is for commercial use, I can't use BitDefender (for *nix) and others like it.
Chemical Imbalance
June 27th, 2009, 07:02 PM
nevermind.
philcamlin
June 27th, 2009, 07:03 PM
virus scanner in ubuntu
gimme a break :D
that's like teaching a dog how to BBQ
wtf is the point of that :popcorn:
linuxmagick
June 27th, 2009, 07:09 PM
I'm not 100% sure what you're asking exactly. ClamAV does offer a layer of protection in that you can use it to scan your filesystem for any infected files. Like I said before, I prefer to schedule a cron job to both update the virus definitions (freshclam) and scan my /home directory for any infections (clamscan).
AFAIK ClamAV can't clean the infections from files, but you can supply an option to have it delete the infected file. I just have my scans output only the infected files to a log in my home directory. Then all I have to do is review the log and decide what to do with any infections it reports.
Something like this command will scan your home directory and all subfolders in it, then output only the infected files to the file VirusScan.log:
clamscan -i -r /home/youruserid > /home/youruserid/VirusScan.log
If you will never be moving files from your Linux box to a Windows box, you won't have to worry too much about viruses. In fact, I'm not even sure that there are currently any Linux viruses beyond proof of concept. I just think it's a little insane to think that Linux is completely impervious to virus threats. It's like saying that you'll never have to buy an umbrella just because it isn't raining today.
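The weekly job described in the post above, sketched as an added example that is not part of the original thread: it updates the definitions, scans a directory with the same `clamscan -i -r` options, and interprets the result. The function names, the script path in the crontab comment and the sample log lines are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): weekly ClamAV job for a user crontab.
# Function names, paths and the sample log lines are assumptions.
# Crontab entry, Sundays 03:00 (script path is hypothetical):
#   0 3 * * 0 /home/youruserid/bin/weekly-clamscan.sh run

# Print the path of every hit in a clamscan log. Hits are reported as
# "<path>: <signature> FOUND"; the greedy match keeps paths containing ": ".
list_infected() {
    sed -n 's/^\(.*\): .* FOUND$/\1/p' "$1"
}

count_infected() {
    list_infected "$1" | wc -l | tr -d ' '
}

# Map clamscan's exit status: 0 = nothing found, 1 = hit(s), other = error.
scan_status() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

run_weekly_scan() {
    target=$1
    log=$2
    # Updating may fail without write access to the signature database.
    freshclam --quiet || echo "freshclam failed, using existing definitions" >&2
    clamscan -i -r --no-summary "$target" > "$log" 2>&1
    rc=$?
    echo "$(date '+%F %T') $(scan_status "$rc"): $(count_infected "$log") file(s) flagged under $target"
    return "$rc"
}

case "${1:-demo}" in
    run) run_weekly_scan "$HOME" "$HOME/VirusScan.log" ;;
    demo)   # constructed log lines, so this branch needs no scanner
        sample=$(mktemp)
        printf '%s\n' \
            '/home/youruserid/Downloads/setup.exe: Win.Test.EICAR_HDB-1 FOUND' \
            '/home/youruserid/notes: draft.txt: Eicar-Test-Signature FOUND' > "$sample"
        list_infected "$sample"
        rm -f "$sample" ;;
esac
```

A run that ends in the "error" state produced no verdict for some or all files, so it should be re-run or investigated rather than read as a clean scan.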
starcannon
June 28th, 2009, 05:41 AM
Hi
Just wondering? when I had windoze I had programs to detect Malware, Adware, Spyware etc
Do I need similar programs for Linux and if so what's recommended?
Thanks
So long as you don't go running around the interwebs on a root account, or other such nonsense, you're not likely to have problems with Malware etc. in GNU/Linux distributions.
There is no such thing as zero risk, but I know from my own experience, I have never had any problems with Malware etc. on my GNU/Linux machines. I know where to get AV for Linux, good ones too, but I only ever use them when I'm downloading files that I will later be transferring to a Windows machine; I never bother scanning my Linux machine.
All that said, I'm personally not a big fan of ClamAV; nothing wrong with it, I just prefer Avast! myself. Here are 3 links to some Linux AV. I have used Avast and AVG in the past when scanning files for transfer to a Windows machine; I have not used Kaspersky, but I have heard excellent reviews from others who have.
Avast! Linux Home Edition (http://www.avast.com/eng/avast-for-linux-workstation.html)
AVG Anti-Virus Free Edition 8.5 for Linux (http://free.avg.com/download?prd=afl)
Kaspersky Anti-Virus for Linux Workstation (http://www.kaspersky.com/anti-virus_linux_workstation)
GLAHF