Antivirus products for Linux compared

Status
Not open for further replies.

Jack

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 24, 2011
9,378

Though Linux is often seen as being immune to malware it's still important to have protection, partly because Linux malware does exist, even if it’s rare, and partly to prevent the passing on of viruses to more vulnerable operating systems like Windows and Android.

Independent testing organization AV-Comparatives has been looking at the leading Linux anti-malware offerings to gauge their ease of installation, features and more.


Linux has only around a 1.5 percent share of the desktop market so there are relatively few antivirus programs aimed at home users. Also Linux software is usually installed via community-maintained repositories that make it harder to distribute malware.

The report doesn't rank the tested programs but does deliver an individual verdict on each. Singled out for praise are BitDefender Antivirus Scanner for Unices, which offers an easy to use graphical interface and good help facilities, ESET has a clear status display and good malware alerts, and eScan too is praised for ease of use though it provides only on-demand scanning and not real-time protection.

Kaspersky too is easy to manage and configure as is McAfee, both of which use a web console approach as does TrendMicro's Server Protect for Linux.

Others including Comodo Antivirus for Linux, and Dr. Web Anti-virus for Linux come in for criticism for needing use of the terminal for configuration, making them unsuitable for Linux novices. AVG Free Edition for Linux is criticized for being unable to run real-time protection without making the system inoperative.

Read more: http://betanews.com/2015/05/27/antivirus-products-for-linux-compared/
 

LabZero

An example is the Turla Linux malware.

It is written in C and C++ and organized in such a way as to prevent, as far as possible, the reverse engineering techniques used to get back to the original source.

EPIC Turla is a malicious project aimed in particular at monitoring network traffic and violating the data interchange between users and between devices; once sensitive information is identified, it is stored and processed into packages that are sent to external servers with which the malware communicates.
 

Amiga500

Level 12
Verified
Jan 27, 2013
661
I've never used an antivirus on Linux and don't think I ever will. I don't download many things and I have hardened my browser down. Only my firewall is enabled.
 

SkyJP

I think it's a particularly good idea, just to be safe, especially if you'll be transferring files via different devices that may transfer the infection.
 

Amiga500

Level 12
Verified
Jan 27, 2013
661
I don't buy this at all. Why have another process running on the system which I feel I don't need? I don't connect or share files with other computers, I rarely download and install any software, only things I "need" rather than "want".
 

OokamiCreed

Level 18
Verified
Honorary Member
Top Poster
Well-known
May 8, 2015
881
Totally agree!!!
See video below for myths and facts about Linux:


Thanks for the video. Guy is actually enjoyable to listen to. (Love Mythbusters so that picture I found cool) No OS is invincible against attacks... Mac users thought they were fine but they get infected now too. lol Prevent it first, don't wait for it to infect you then try and prevent it. Common sense.
 

illumination

Yes, you should use an anti-virus on Linux, not only because there are "although rare" coded malware for Linux and cross platform threats. It is also a responsibility for the end user to protect others and not spread malware which can be easily done using Linux. Windows coded malware may not run on your Linux machine, but can be transferred to another system where it can run.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
You may run Linux without AV under certain conditions:

A typical user would do things like this:

1) A browser which automatically updates to the latest version, browsing only social networking sites alongside using search engines and clicking from the 1st up to the 5th links where possible.

2) Doing simple tasks or small business-related ones, where there shouldn't be a problem, especially if the network connection is not active.

However...

Conscious users who are pre-OCD or totally in a habit about security may use Linux AV in all cases.

Situations like the following:

1) Scanning an infected USB; Linux AV also contains Windows detection capabilities, therefore it should be better.

2) When running a Windows emulator, then you totally need it, especially if you want to test dangerous samples.

3) Lastly, browsing, where some sites which are very unknown may contain a drive-by download algorithm where files will be dropped without your user intervention.

Overall: You may still need an AV for such cases, but for advanced/experienced users it's already their choice.
 

Amiga500

Level 12
Verified
Jan 27, 2013
661
Yes, you should use an anti-virus on Linux, not only because there are "although rare" coded malware for Linux and cross platform threats. It is also a responsibility for the end user to protect others and not spread malware which can be easily done using Linux. Windows coded malware may not run on your Linux machine, but can be transferred to another system where it can run.
This rather depends on how Linux is being used.
I do not run Linux as a server and I do not p2p or any other form of file sharing. So no, an antivirus is not needed by users like me. These baseless replies are based on sweeping generalisations that we all use Linux as a server.
 

comfortablynumb15

Level 7
Verified
May 11, 2015
326
I don't think anyone thinks Linux is invincible anymore (Let's hope not at least), but, if you compare default installs and "safe usage" of both Linux and Windows, no one with their facts and research straight is going to say that Linux is anywhere near as vulnerable as Windows. To say differently is just ignoring statistics and logic. I would never suggest running naked on anything connected to the Internet however. If Linux becomes "just as" vulnerable in the future, I'll bet Canonical will share the blame since they do the most experimenting with features and tweaks.
 

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
In general Linux does not suffer the numerous Windows vulnerabilities and neither does it suffer the many malware attacks like Windows does.
Yet running a CentOS server myself, I am well aware of potential dangers that Linux has (which Windows does not have).
One of the biggest issues is root user configurations, as most Linux users only understand Linux on a basic level, while setting it up properly does require a good amount of Linux understanding.
8 out of 10 hacked Linux boxes are directly traceable to the user's actions, and while Linux does have a number of malware that are made to infect Linux, it all depends on how well you configured it.
I personally know several people who have been running a Linux server for years and have been successfully evading everything harmful to Linux. But then again these guys understand Linux and have only enabled those options they need and disabled everything they do not need.
And those features enabled are bound to scenario type of configurations if A then B if B then Z.
Making the Linux box follow fixed routines in order to deliver the type of service it needs.

Most Linux users do not understand the principle that Linux does literally as you instruct it; once you grasp this principle you can make a Linux server unbreakable to hackers, bots and other dangers. However, there is ONE exception to the rule, and those are vulnerabilities that come with the "distro" you are using, and while they usually get fixed pretty fast thanks to the HUGE Linux developer community, keeping your LOS (Linux OS) updated and hard configured is absolutely the key. Also using protected accounts is key.
If a hacker gets root access you are going to be #####ed in ways that even Windows would not allow to happen.
However if you do it properly and configure things the right way, then it has been proven that 75% of all the hackers out there will skip your server as Linux (Well configured and maintained) is like a fortress.

That's all I got to say about it.
 

illumination

This rather depends on how Linux is being used.
I do not run Linux as a server and I do not p2p or any other form of file sharing. So no, an antivirus is not needed by users like me. These baseless replies are based on sweeping generalisations that we all use Linux as a server.
This part
It is also a responsibility for the end user to protect others and not spread malware which can be easily done using Linux. Windows coded malware may not run on your Linux machine, but can be transferred to another system where it can run.

Was the main reason for my reply, and not baseless by any means.
 

Nico@FMA

Level 27
Verified
May 11, 2013
1,687
I want to add one more thing: one of the biggest reasons a LOS needs antivirus is ironically not even for itself, because LOS servers are great at distributing malware to Windows boxes. This has been proven time after time after time.
Yet the true core of a LOS box lies in the fact, as mentioned by @Jack, that distros are so much better developed than Windows is.
Don't get me wrong, Winblows is great, yet from a developer's point of view Linux is heaven. Its highly configurable options are maybe also its weakest point.
Windows is plug and play, Linux is Code and play, and that's the biggest difference, even though today there are more and more distros, like for example Ubuntu and Mint, that can replace Windows completely and would run much faster than any Windows version.
Yet the downside is that if you need applications like those on Windows you will have a hard time getting some of them, as software developers generally do not have many Linux alternatives.
Otherwise Linux would be able to own Windows (in terms of servers it always owned Windows).

Just saying.
 

midzan21

Level 1
Verified
Mar 8, 2015
48
The only time I used AV on Linux was back in the day (2011/2012, when I wrote my final documentation for high school), and I used it only for on-demand purposes (multiple USB drives from all around with a bunch of crap and from users with some old AV). Nowadays, when I use Linuxes (Ubuntu and Debian to be precise) in a VM, I think that I don't need it.
 

DoxThis

Level 3
Verified
Apr 25, 2015
135
Great thread. I believe Linux does it just as easy to exploit etc. Flash/Java exploits will be here always and usually affect all systems; however, I think Linux won't grow that big, it's too hard IMHO to set up proprietary drivers for gaming, which is why it won't ever be there IMHO. The only distro I know to have proprietary drivers easily set up is Ubuntu, which everyone bashes for being ##### anyway, but I feel it's decent, not the best, but it's not Windows, ya know.
 