Ubuntu.

c om

Official Documentation

Community Help Wiki

Community

Support

Partners

Contribute

Login to edit

Search

Antivirus
This article applies to all Ubuntu versions

Why do I need anti-virus software?

Isn't Linux virus-free?
For the most part, Linux is engineered in a fashion that makes it hard for viruses to run
(click here for more info). However, there are many reasons you might want a virus
scanner on your Linux PC:
1. you are required to have a virus scanner installed by the terms of use of the
company you work for or are doing business with

Contents
1. Why do I need anti-virus software?
2. Open Source Antivirus
3. Free (gratis) version of proprietary Antivirus
4. Possible reasons linux is less prone to malware
1. Root User vs normal usage
2. Market Share Myth
3. Package Managers
5. Other Links

2. to scan a Windows drive in your PC

3. to scan a Windows-based network attached server or hard drive
4. to scan Windows machines over a network
5. to protect a Windows virtual machine from within the virtual machine
6. to scan files you are going to send to other people
7. to scan e-mail you are going to forward to other people
8. some Windows viruses can run with Wine.
9. Linux virus infections are theoretically possible.

Other Security Issues

A Firewall is more important as it should prevent infections and prevent other types of attacks. SSH is also an important issue so it's worth having a

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

look at the main page on Security.

Open Source Antivirus

1. ClamAV Antivirus

Free (gratis) version of proprietary Antivirus

1. Comodo Anti-Virus for Linux. 32 and 64-bit releases for 12.04 available.
2. Avast! Linux Home Edition. More information about Avast! at wikipedia and an install guide at UbuntuGeek. Avast's product key didn't work so
we contacted the company & are awaiting their response.
3. AVG Antivirus. AVG is popular in Windows. Like most antivirus programs it detects infected files but doesn't remove the infections. Unusually
though, it also doesn't move infected files to a quarantine folder. There is a more detailed page about Avg in Ubuntu.
4. Avira Antivirus. Requires Java to use the GUI. No new licenses are being granted after July 2013, and the Avira Linux product will be
terminated in June of 2016 for prior existing users.
5. BitDefender Antivirus. Limited time trial version for immediate download, but free personal-use license available by filling in a form. BitDefender
checks for Windows viruses. There is a community documentation page about it here.
6. Panda Antivirus. I didn't check this one but it appears to be old and no longer maintained. It used to have some unique & awesome features
(check here for the updated Panda Cloud Cleaner that is still very useful.)
7. F-PROT Antivirus for Workstations (home users). Free for personal use. GUI front-ends are available, but may require some manual work. e.g.
XFProt. I have not tried the GUI front-ends.
8. Wiki list

Possible reasons linux is less prone to malware

1. Programs are run as normal user, not Root User
2. More eyeballs on the code, nowhere for malware to hide
3. Vast diversity makes it difficult to reproduce flaws in a system
4. All software and drivers are frequently updated by Package Managers
5. Software is generally installed from vast Repositories not from unfamiliar websites
6. Developers/programmers are recognized as Rock Gods rather than treated with contempt
7. Elegant, secure code is admired & aspired to. Hasty kludges are an embarrassment

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

"A computer virus, like a biological virus, must have a reproduction rate that exceeds its death (eradication) rate in order to spread. Each of the
above obstacles significantly reduces the reproduction rate of the Linux virus. If the reproduction rate falls below the threshold necessary to replace
the existing population, the virus is doomed from the beginning -- even before news reports start to raise the awareness level of potential victims."
by Ray of http://librenix.com

Root User vs normal usage

"For a Linux binary virus to infect executables, those executables must be writeable by the user activating the virus. That is not likely to be the
case. Chances are, the programs are owned by root and the user is running from a non-privileged account. Further, the less experienced the user,
the lower the likelihood that he actually owns any executable programs. Therefore, the users who are the least savvy about such hazards are also
the ones with the least fertile home directories for viruses." by Ray of http://librenix.com

Market Share Myth

Some people say that linux suffers less from malware because it has less than 1% of the desktop market compared to Windows 90% & suggest
that if linux ever increases in popularity then it will suffer just as badly. This argument is deeply flawed & not just by the spurious statistics. Linux
dominates server markets(NB: this link dead). Why struggle to write a virus that might knock out a few thousand desktops when knocking out a
few thousand servers could knock out a continent? Yet it is the desktop machines that are commonly exploited.

Package Managers
With Windows when you want to try a new program you usually have to either pay a lot for it or else use a pirated version, a "cracked copy". With
pirated programs you can never be sure of what extra stuff has been added and may often end up getting malware or viruses. Even if you do get a
legit copy then you will be often be expected to search around the internet to download it from a site you have probably never seen before. It is quite
common for malware agencies to imitate such sites to get malware onto wide-eyed-end-users machines. Users get the blame for going to the
wrong sites but how are they supposed to know which are the legit sites without prior experience of that particular site?
With linux we use package managers such as Synaptic or Software Centre that share the same lists of already installed programs and also share
lists of approved sites (=repositories) to download programs/packages from. Programs generally have to go through some sort of approval process
before being allowed to sit in the repositories (=repos) & generally go through alpha & beta testing before being approved. Theoretically complaints
about a package could lead to it getting removed from the repos although generally they just get bug-fixed.
In Windows there is no built-in way of updating programs, drivers, codecs & other packages. Their update process is only about updates to the OS
itself (and notice they are almost always called "security updates" although it is often about Microsoft's security, not the users or the machine's
security). So, often when you open a program such as Adobe Reader a pop-up appears saying there is a new version or updates are available
(again notice how often they are "security updates").

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com

In linux the package managers update all the programs, kernel modules (these contain the drivers amongst other things), shared libraries, codecs,
add-ons and other packages. You can set how often & when (even down to the time-of-day) that this update process happens. Although it defaults
to asking your permission to download & install updates you can make it just go-ahead automatically. No constant pop-ups demanding you update
NOW. No demands to make the updates automatic. Most of the linux updates are about increasing functionality because writing packages with
vulnerabilities is unacceptable and so packages would be held back rather than included in releases or added to the repos. Even with the
timetabled 6 monthly release cycle of Ubuntu there are no major deadline requiring that badly written code gets rushed through.
So, once you update a linux system that means everything about the system is up-to-date. After a Windows update you are likely to still have
programs and drivers that have known existing exploited vulnerabilities even though "security patches" have been released.

Other Links
https://help.ubuntu.com/community/Linuxvirus
http://en.wikipedia.org/wiki/Linux_malware#Anti-virus_applications
https://help.ubuntu.com/community/Antivirus/Avg
http://ubuntuforums.org/showthread.php?t=765421
http://www.virusbtn.com/index
http://www.debian-administration.org/article/SSH_with_authentication_key_instead_of_password
http://www.debian-administration.org/article/Keeping_SSH_access_secure
http://www.techradar.com/news/software/operating-systems/how-your-secure-your-linux-system-915651
https://help.ubuntu.com/community/Antivirus/Avg - Community page for AVG
https://help.ubuntu.com/community/BitDefender - Community page for BitDefender
https://help.ubuntu.com/community/Antivirus/Avira - Community page for Avira
CategorySecurity
Antiv irus (last edited 2014-05-04 20:22:41 by lorenzo567)

The material on this wiki is available under a free license, see Copyright / License for details
You can contribute to this wiki, see Wiki Guide for details

open in browser PRO version

Are you a developer? Try out the HTML to PDF API

pdfcrowd.com