• Antimalware for Linux distros


    #2429829

    Running Mint Mate 19.2 since MS abandoned W7.  Since starting with Mint the advice has been that anti-malware was not really needed for Linux.  Today Linux has grown to present a larger target, recently highlighted in the forum newsletter.

    What if anything are members doing re anti-malware?

    1 user thanked author for this post.
    • #2429894

      perhaps check this site for the best AV apps to use on Linux:
      https://bestantiviruspro.org/best-antivirus-for-linux/

      3 users thanked author for this post.
      • #2429946

        Even though that review is recent, some info is wrong/out of date.

        Sophos doesn’t seem to do Linux anymore, Comodo still does but it no longer supports its product. Might be others, too.

        Edit: Maybe it’s ESET that doesn’t support their product. Also, Avast has a sort of dodgy reputation.

        2 users thanked author for this post.
    • #2429939

      Pebcak is the most common form of infection/unauthorised access.
      Slowpoke47, As you don’t have/use nor want Windoze,
      have a good read at this..updated Jan 2022
      https://easylinuxtipsproject.blogspot.com/p/security.html
      You have veam backups so, that’s a steadfast recovery.

      Windows - commercial by definition and now function...
      2 users thanked author for this post.
    • #2429959

      Edit: Maybe it’s ESET that doesn’t support their product,

      I’m glad to report that I’ve been using ESET NOD32 Antivirus for four years now on my Kubuntu machine, and am very satisfied with it.

      Last summer, ESET announced that they will be retiring this particular product this coming August, but they recommend that Linux users switch to ESET PROTECT Essential On-Prem, which includes the newer product ESET Endpoint Antivirus for Linux.

       

      4 users thanked author for this post.
      • #2430163

        The replacement product only comes in a minimum quantity of 5 PCs, as far as I can tell, for a minimum cost of ~$165.00 per year (and it was in that ballpark for UK pounds too; not sure what it is for other countries). That’s a bit steep for a home user who may only need one copy (but as usual, it is assumed Linux users are business users).

        Dell XPS 13/9310, i5-1135G7/16GB, KDE Neon 6.2
        XPG Xenia 15, i7-9750H/32GB & GTX1660ti, Kubuntu 24.04
        Acer Swift Go 14, i5-1335U/16GB, Kubuntu 24.04 (and Win 11)

        4 users thanked author for this post.
        • #2430246

          Yes, as it turns out (TBH, I hadn’t paid much attention), my 1-device license for ESET NOD32 Antivirus for Linux has been turned into a 5-device license for ESET PROTECT On-Prem, expiring in February 2024 at the time my 1-device license was slated to end.

          I’m viewing this as a chance to use the expensive package at the inexpensive price for a couple of years and put off a decision until then.

          Here is the relevant discussion of ESET’s decision to discontinue their Linux home version. Apparently there aren’t enough of us to justify the maintenance cost.

           

    • #2429960

      To EP, DrBonzo, & Microfix- thanks for the info.  Are you personally using anti-malware on your Linux OS?

      • #2429996

        I have Clam AV (actually Clam TK, the GUI version of Clam AV). Not really all that great IMHO. It’s very slow scanning an entire drive. I use it mostly to scan individual or small sets of files.

        After years of AV use on Windows, I have a hard time wrapping my brain around the idea of not having AV software on Linux. There seems to be a fair number of people who say Linux doesn’t need AV. Maybe they’re right but I always get a bit skeptical when I hear stuff like that; seems a bit overconfident to me.

        4 users thanked author for this post.
    • #2429949
      3 users thanked author for this post.
    • #2430191

      For desktop Linux keep to good “PEBCAK” practices (don’t install executables from unknown/unsigned sources, etc.), don’t run as “root” (use sudo instead) and have a firewall turned on.

      If you are running a Linux server, then expertise is required, because you must allow connections inbound through the firewall, so there is always a risk of someone finding a way to exploit the system and take control. But not as big a risk for the personal Linux desktop user.

      Realize that Windows malware does not run on native Linux. But you can still copy Windows malware files and share them, so scanning your user folders for malware is probably a good idea, especially if you share files with Windows users.

      The biggest threats are probably the same user based issues seen on Windows, like phishing and installing anything that comes your way.

      Escalation of privilege is difficult if your user session is not running as root. Rootkits are difficult to install without root access, or even physical access to the machine. So the Linux system is more resilient than Windows by design.

      I believe that the key here is that for malware to enter a Linux system, it must be installed by someone with root access. It’s not likely to install all by itself. You would need to open the door to let it in.

      I have never run an AV on Linux. So far, so good! 🙂

      Windows 10 Pro 22H2

      5 users thanked author for this post.
      • #2430204

        Have had no need for a vector footprint either. Over the years been using RKHunter & CHRootkit and haven’t encountered anything untoward. The firewall, however, is a different kettle o’ fish, blocking ports and IP’s, moreso IP addys on a bi-weekly basis.

        Windows - commercial by definition and now function...
        3 users thanked author for this post.
        • #2430260

          The firewall, however, is a different kettle o’ fish, blocking ports and IP’s, moreso IP addys on a bi-weekly basis.

          Is the default Mint firewall adequate?

    • #2430205

      it is assumed Linux users are business users).

      That’s interesting- I would have guessed that business users would be forced to stay with MS for compatibility with MS software, etc. and easier doc sharing.  But my window on the world consists of a keyhole.

      • #2430237

        I’m retired now, but I used Citrix for interacting with other Windows users on our network. Didn’t have any issues, and Citrix worked fine for me. I also use Clam, after having poor experiences with commercial AV’s.

        JohnW’s comments are spot on. Most of the Linux “Malware” exploits require direct access to the device, so as long as you use encryption, keep things locked down (I disabled SSH), and follow PEBCAK, you should be good to go without antivirus.

        3 users thanked author for this post.
        • #2430249

          John f: “so as long as you use encryption”

          Encrypted emails? Whole disk encryption? Something-else encryption? Please, clarify.

          Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

          MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
          Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
          macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

    • #2430274

      The firewall, however, is a different kettle o’ fish, blocking ports and IP’s, moreso IP addys on a bi-weekly basis.

      Is the default Mint firewall adequate?

      Default is off. Turn it on, and you get by default:

      • Outbound all allowed
      • Inbound all blocked.

      But if you are attached to a private network, the network routers will do the heavy lifting of keeping the outside world at bay via NAT.

      A software firewall, such as provided by Mint, will handle adversaries on your local network. Local should not be a big issue unless you are using a public hotspot such as in a hotel, airport, or Starbucks…

      Windows 10 Pro 22H2

      4 users thanked author for this post.
    • #2430356

      But if you are attached to a private network, the network routers will do the heavy lifting of keeping the outside world at bay via NAT.

      We’re on a LAN, service provided by Verizon.  Should we be using firewalls?

    • #2430398

      We’re on a LAN, service provided by Verizon. Should we be using firewalls?

      If you are on a private LAN, where the Verizon router is using NAT (i.e. your local IP address looks something like 192.168.x.x) you should be OK.

      In that typical scenario the router is using the public IP address for the WAN side, and translating traffic to your private LAN IP address. The only inbound traffic that it should allow is for connections that you have initiated (i.e. HTTP requests, etc.). Unsolicited traffic should be denied. If any doubts, contact your provider for details.

      You can also test this with GRC “ShieldsUp”, that will probe your WAN address for open ports. https://www.grc.com/shieldsup

      A software firewall such as that provided by Mint can provide extra assurance that no traffic gets into your PC uninvited. Each end user device on the LAN would need its own software firewall. A router firewall can protect your entire LAN. 🙂

      Windows 10 Pro 22H2

      2 users thanked author for this post.
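      The two checks JohnW describes in #2430274 and #2430398 (is the firewall on with deny-inbound/allow-outbound defaults, and is the PC sitting behind a NAT router on a private address) can be scripted. This is an added example, not code from the thread or from Mint; the function names and the sample `ufw` output are constructed, and the address check covers all three RFC 1918 ranges, not only the 192.168.x.x case mentioned above.

```shell
#!/bin/sh
# Added example (not from the thread). Two checks behind the advice above:
#  is_rfc1918_ipv4 ADDR  -> exit 0 if ADDR is a private address per RFC 1918
#                           (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16)
#  ufw_defaults_ok TEXT  -> exit 0 if the text of `ufw status verbose` shows
#                           the firewall active with Mint's defaults:
#                           deny (incoming), allow (outgoing)

is_rfc1918_ipv4() {
    # Split the dotted quad with IFS scoped to the read; anything left over
    # in $rest means more than four fields, so reject it.
    IFS=. read -r a b c d rest <<EOF
$1
EOF
    [ -z "$rest" ] || return 1
    for o in "$a" "$b" "$c" "$d"; do
        case $o in ''|*[!0-9]*) return 1 ;; esac   # must be all digits
        [ "$o" -le 255 ] || return 1               # and a valid octet
    done
    [ "$a" -eq 10 ] && return 0                                    # 10/8
    [ "$a" -eq 172 ] && [ "$b" -ge 16 ] && [ "$b" -le 31 ] && return 0  # 172.16/12
    [ "$a" -eq 192 ] && [ "$b" -eq 168 ] && return 0               # 192.168/16
    return 1
}

ufw_defaults_ok() {
    # An inactive firewall fails regardless of its configured defaults.
    printf '%s\n' "$1" | grep -q '^Status: active' || return 1
    printf '%s\n' "$1" | grep -q '^Default: deny (incoming), allow (outgoing)'
}

# Constructed sample of what `sudo ufw status verbose` prints on a Mint box
# with the firewall switched on (sample text, not captured from a real host):
SAMPLE_UFW='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip'

# Stand-alone demonstration on the constructed inputs:
ufw_defaults_ok "$SAMPLE_UFW" && echo "sample ufw output: inbound blocked, outbound allowed"
is_rfc1918_ipv4 192.168.1.20 && echo "192.168.1.20 is a private (NAT) address"

# Live use on the machine itself (uncomment on a real Mint/Ubuntu host):
#   is_rfc1918_ipv4 "$(hostname -I | cut -d' ' -f1)" && echo "behind a NAT router"
#   ufw_defaults_ok "$(sudo ufw status verbose)"      && echo "ufw defaults as expected"
```

A public address from `hostname -I` would mean the PC is directly exposed, which is exactly the case where the software firewall stops being optional.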