Do you have any antivirus recomendations for Linux.
Yes. Don’t.
Do you have any antivirus recomendations for Linux.
Install all applications from your package manager.
Don’t run things as root.
Don’t visit sketchy websites.
Run an ad-blocker that isn’t owned by an advertising company.
Can you get a virus just for visiting a sketchy website?
Also, some programs aren’t available via my package manager (I use Fedora) so I have to add 3rd party repos. Is there a general security guide for linux?
Thank you!
Nowadays it is almost impossible to get a virus just from visiting websites. As for security recommendations I would recommend never running applications as roo that 100% don’t need it, as for 3rd party repos I would always be a by mindful of the apps but generally there isn’t too much of a risk, of getting a virus.
There have been cases of malware exploiting scripts and even images being displayed, whether directly hosted on the site or via compromised ads.
Can you get a virus just for visiting a sketchy website?
Not with an uptodate browser. But there was malware in adverts on normal webpages. Even CIA recommends an adblocker.
Meanwhile at Google…
There are anti viruses that run on GNU/Linux like ClamAv and kaspersky but they actually do not target the machine they run on or at least they are not so useful. Their intention is to stop the spread of malware.
In general, you just need to install softwaref uaong the package manager from trusted sources that are usually the defaults of your distribution and not input your password when you are not expecting it.
When copying commands to the terminal, most terminals will warn you if you are copying a command that requires root privileges.
That said for the operating system, apply it to the browser as well by being eclectic on what extensions you install and voila. 99.99% guaranteed malware free.
Most antivirus software are just root level tools to harvest your data, that pretend to help
At first: In most cases you don’t need and don’t want one.
I wanted to get one as I have several old (over two decades and more) Windows game CDs that I’ve bought long before switching to Linux. Back in the days it was actually a thing that sometimes malware slipped into professionally pressed CDs (especially on discs that came with PC game magazines or cheap game collection boxes).
For this case (Windows software check before attempting to run with wine) I can recommend ClamAV. It is open source and available on probably every distribution. But there is no need to attempt having it running all the time. I just run scans from the terminal whenever needed.
Common sense. ClamAV exists, but I have no idea if it’s worth it
Unless you are in a cooperate environment or very careless with the stuff you download and commands you run you shouldn’t need one!
[This comment has been deleted by an automated system]
I’ve been running Linux for 20 years. Not once have I been in a situation that required an antivirus. The one time I’ve had a security breach it was not a virus but user error that left a door open. And even then, it was just ransomware, not a virus.
Currently I don’t like any of the common AV solutions, ClamAV is the best we have and has great signature based antivirus, with many excellent third party virus signatures (I even use it on windows). however ClamAV has no heuristic based capabilities which means it’s lacking quite a bit in that regard.
I really wish we had a decent hurestics based AV solution oriented to consumers but afaik none really exist that are any good.
-
Do not run a root account for regular stuff. This is a lot less common now since most distros require you to create a non-root account during install and a lot of the systems annoy you if you’re running as root, but you’d be surprised by the sheer number of people who use accounts with UID 0 daily. This may also be caused by “”“more experienced”“” friends/family setting it up that way to try cutting corners regarding access rights, but the bottom line is: don’t be that person. Use root when necessary only.
-
Get into the habit of not blindly running every command you see online or trying every trick you read/hear, at least not on your main system. Try to setup a VM (or multiple) for the purpose of trying stuff out or running something you’re not sure what the impact might be.
-
Keep your system updated, from kernel to userland.
-
Get into the habit of reading news regarding exploits, malware and the responses for them. You don’t need to become an infosec professional or even understand what they actually do. What is important is for you to learn what to avoid and when something really bad is discovered so you can update as soon as possible.
These 4 steps are arguably more important and create better results than any anti-virus could ever hope to do for you. They won’t ever get to 100% security, but then again, nothing will.
-
Common Sense Antivirus™ is breddy gucci.
Use common sense and dont install random shady shit from the internet.
Best antivrius in the world
After happily not following your advise my entire life on Arch Linux… I got this weird Virus on my PC while game developing. This virus made my entire PC glitch and my friend also wondered what the fuck is going on. Weird and creepy music started and sounded like its telling me I am dumb. After unplugging my entire PC from electricity, the music was still there… and I cried.
After waking up I asked myself how the fuck did I dream this and why this dream felt so real (like a lucid dream but I thought this is real life). I maybe dreamed this after having a discussion why I should get an IPhone. As a GrapheneOS user I explained myself, but restarted my thinking about Security. (But even without being a Security focused guy, an IPhone has not enough features like Sideloading Open Source apps)
what vim does to a motherfucker
Yes, no antivirus. You don’t need it. There are no viruses. Plus, the way Linux is setup it’s not easy for a virus to do alot of damage.
And if you’re dual booting with Windows and shared data?
Put the AV on Windows only. Linux cannot run any .exe files anyway so they are useless, unless you try run them under wine, but I wouldn’t recommend it.
I wouldn’t recommend using anti-virus software. It usually creates a lot more overhead, plus it usually mimics existing solutions already in linux. The only viruses I have ever caught using an anti-virus software on Linux are the test viruses to see if all is working fine.
Anyway, here’s my 20+ enterprise experience recommendations with Linux :
- enable secure boot: will disable launching non-signed kernel modules (prevent root kits)
- enable firewall: and only allow ports you really need.
- SELinux: it is getting better, and it will prevent processes to access resources out of their scope. It can be problematic if you don’t know it (and it is complex to understand). But if it doesn’t hinder you, don’t touch it. I do not know AppArmor, but it is supposed to be similar.
- disable root over ssh: or only allow ssh keys, or disable ssh altogether if you do not need it.
- avoid using root: make sure you have a personal account set up with sudo rights to root WITH password.
- only use trusted software: package managers like
apt
andrpm
tend to have built in functionality to check the state and status of your installed software. Use trusted software repositories only. Often recommended by the distro maintainers. Stay away from use this script scripts unless you can read them and determine if they’re the real thing.
Adhering to these principles will get you a long way!
edit: added section about software sources courtesy of @dragnucs@lemmy.ml
Thank you for the advice!
Firewall on Linux is something I still don’t understand, and explanations found on Internet have always confused me. Do you happen to know some good tutorial to share? Or maybe one doesn’t need to do anything at all in distros like Ubuntu?
Regarding ssh: you only mean incoming ssh, right?
@bushvin@pathfinder.social @toikpi@feddit.uk @hevov@discuss.tchncs.de @ChonkaLoo@lemmy.world @HotBoxghost2743@lemmy.ml @c1177johuk@lemmy.world (I’m surely forgetting someone, sorry)
Thank you ALL for the great advice and guides! I’m writing from behind a laptop firewall now, and don’t notice anything :) It was smoother than I expected. In the end I used UFW because it was already installed, but I’ll take a look at firewalld too in some days! I don’t have any incoming ssh connections (not a server), so I didn’t need to worry about that :)
Really great people here at Lemmy :)
I don’t think you need to configure your firewall. Firewalls are usualy used to block incomming connectings. Usualy a Firewall that blocks all incomming connections is already active on your modem/router. Adding exception to the modem/router Firewall usualy happen through port forwords.
The typical consumer Windows antivirus was designed to solve a different set of problems in a different environment and analysing files for signatures and behaviors against known threats was very valuable when so many people were running executables from unsafe sources intentionally or not. Even on Windows an antivirus has never been the best way to secure a machine. It was always the lowest common denominator solution that you put on everyone’s machine because it was better than nothing.
Linux has been well served for a long time by the division or privileges between root and users and signed trusted distro sources. The linux desktop is trending towards containerized flatpak applications running in seperate namespaces with additonal protection via seccomp. Try and understand the protections Linux provides and how to best take advantage of them first and only reach for an antivirus if you still think it is needed.