Florian Philipp wrote:
<snip>
> > FWIW, AntiVir, Bitdefender, and F-Prot run quite well on Linux, and each
> > has BOTH Linux and Windows Trojan and virus signatures. So you can
> > install these and scan your Windows box, and then scan your Linux
> > box/downloads for malware (e.g. OpenOffice files, media files, etc.).
> > Add Dazuko, and you can get real-time scanning of your Linux box while
> > downloading/compiling software.
>
> This is getting OT but I still want to ask:
> Is it really necessary to run an anti-virus on Linux? I just want to
> hear some opinions on that topic because I thought security fixes for
> your software are the way to go for fighting virae on Linux.

Anti-Virus on Linux. No.
(presuming that you don't run as root, and have lots of unprivileged
users for individual applications.)

Anti-Malware on Linux. Yes.
(Malware gets to the box via spoofed or hacked software distribution or
creation sites; bad links or poisoned DNS caches; or via (e.g.) browser
memory attacks - at plugins or exploits)

The oldtimers will tell you that safe hex and perhaps integrity
monitoring (e.g. Samhain or Tripwire) are all that's needed. But desktop
Linux with Browsing, IM, etc. is changing that, IMHO.

The three packages above have Linux Trojan and Rootkit signatures, as
well as Windows malware sigs. Easy enough to run an occasional scan of
the Linux box (or Windows partition); and to scan each Linux download
before reading, compiling, or passing on.
(Dazuko additionally allows realtime scans of compilation read/writes).

IMHO, Linux and Mac are the next frontier for malware, and -SADLY-
AntiMalware signature and heuristic techniques are one thing we can
learn about from Windows :-(

--
gentoo-user@lists.gentoo.org mailing list