since yesterday we come doing a review of the types of computer security tools and options available for Linux. In this post we are going to answer one of the most widespread myths by answering the question:Do you really need antivirus on Linux?
Viruses are a widespread form of malware that hinders or prevents computer systems from functioning.s and thanks to its ability to self-replicate, spread quickly to other computers.
Do you really need antivirus on Linux?
The job of antivirus programs is to protect computer systems from viruses and other malicious software thate can affect the operating system, applications and important files. I use the term malware as malware generally deals not only with viruses but also with worms, ransomware, spyware and adware.
This type of program seeks not only to detect and alert malicious software but also to eliminate it monitoring the different activities of the computer to find known patterns of malware or unusual behavior.
Databases of already known malware are used to detect patterns In the case of behavior, any unjustified activity will be taken as an indication and the user will be informed.
According to the settings established by the user, when detecting a potentially suspicious program, the antivirus will choose one of the following alternatives:
- Quarantine (isolate) the infected file.
- Delete or try to repair the infected file.
- Ask the user to decide the course of action.
In addition to computer activities, the antivirus program monitors in real time the Internet sites we browse, the files we download and the attachments wewe received by email.
Because new malware appears every day it is important to keep it updated so that the database on which its operation is based is up to date.
Very good Diego. But do we need an antivirus on Linux or not?
Let me make an analogy with sex. If you have a stable partner who you know is not cheating on you and the possibility of pregnancy is not something that worries you, the possibility of catching a sexually transmitted disease without using a condom is very low, but it does not disappear completely.
Your partner can be infected with blood contaminated by a transfusion, a syringe or an accidental cut.
If you don't have stable partners and you tend to prefer to have sex with promiscuous people, it's like playing Russian roulette with all the bullets in the magazine.
Returning to the topic at hand, Using Linux is like having sex with a stable partner. Its carefully measured system of granting access privileges to different parts of the system is a barrier to malicious software destroying sensitive components.
However, unless you completely disconnect from the network and do not manually install anything new, you are not safe. that a file sent to you by email or an unauthorized update through an attack on the repositories of your Linux distribution, is the entry point of malicious software.
And, remember that Being part of a network you are jointly and severally responsible for the general security. Even if you are not affected by the virus, you can be the asymptomatic carrier that spreads it.
In general, when it comes to home systems, the decision depends on each user. Where an antivirus must be installed is on corporate servers. Above all, in the event that they are used to send or receive email or as a platform for sharing files.
In recent years, commercial antiviruses have been appearing (Gossips say that this was the cause and not the consequence of the increase in malware for Linux) However, there are also open source alternatives that you can find in the repositories and that we will discuss in the next article.
In the meantime, I would like to know. Do you use any antivirus on Linux?
One of the things I like Linux for and how well everything works is because I DO NOT use an antivirus and I don't think I will ever use it, that I won't be safe? Well, good to use a little common sense and be careful on the web.
The clamav that I really don't understand very well.
And what antivirus to use?... you should expand the article... because the fact that you should use an antivirus... in any operating system is clear... but which… do you recommend…. that needs to be added...
Hello Jaime, in Cuba there is an antivirus, Segurmatica, which has a version for linux that its performance on Windows is not so bad, I don't know how it would behave on Linux, apart from the fact that it has a license to use it, I think.
Read the last paragraph of the article, gentleman…
In my opinion they are not necessary and I also consider them obsolete software because they do not have the capacity to block most of the current threats whose attack vector is social engineering.
Greetings.
It never hurts to stay protected, however, the most famous and reviewed antivirus for linux clamav and its graphical interface clamtk leave a lot to be desired when it comes to making you feel professional security if you are a user who comes from Windows, systems like kaspersky if bad I don't remember, as a simple antivirus they allow you to directly monitor the Internet connection, and without doing anything at all, with the newly installed operating system it can block things that try to connect to the system. Having that same experience, that the user sees that the antivirus works in real time while connecting to the Internet is something that I have not been able to experience in Linux. However, although there are few real attacks on linux systems, clamav does not seem to be a suitable solution for users who want to use linux on a low-resource computer, clamav or at least in its clamtk version there is literally no better way to describe it than as a resource abuse for the simplest scanning and even abuses resources just by checking or updating the threat database. There must or at least should be a free solution that competes with the famous clamav and is more professional, or at least does not abuse system resources so much.
Well, in linux, unless you use the root account to visit pages and download files of dubious origin, it is practically impossible for you to load the system with a virus. I think the most important thing is to keep the system updated and follow a good user account policy (for example, I use a standard desktop user account for banking and other important issues, another standard user account for general browsing and a sudo account only to update and install programs).
Even though I'm a bit out of date when it comes to AV. I leave my opinion here.
I understand that of the AV for Linux, 99% look for Windows viruses, the most famous case: ClamAV.
Now, are there serious AV for Linux? yes they exist, some examples: CrowdStrike, and some endpoints: ESET, BitDefender, etc.
However, none of these last 3 mentioned are for domestic use, rather the opposite. That is to say: if the "domestic linux user" wanted to buy Crowdstrike (which is not cheap at all) he cannot. Because? Because that manufacturer is directed purely and exclusively for Companies.
So on the one hand there is no free or paid product and on the other hand, the statistics of domestic users (of linux) with virus problems is practically nil. We must settle for a good firewall, and things like chkrootkit or those styles. Always the best AV was the user himself.
Servers: world apart.
The article has a "captivating" title but with all due respect "talks a lot and says nothing." 50% quick explanation of what an AV is and how it works (more or less). 40% «analogy»…. 10% “I listen to your opinions.
It's not bad for me, but it's not good either.
Regards!
PS: Perhaps you are giving your opinion on something that an AI was sent to write; at this point I have no idea!
but do not recommend any friends !!!
That is the topic of the next article. I post it on Monday.
No, we do not need antivirus in Linux, private users, no, I have been using Linux solely and exclusively on my computers for more than 10 years, for everything, leisure, work, studies, etc. and I have never gotten a virus and when I used the scourge Windows in 10 years you had entered an endless number of viruses, no matter how good antivirus you had and you had to format the computer practically every year, so no, in Linux you absolutely do not need an antivirus at all.