Sunday, May 07, 2006

Linux need Antivirus or not

Beginner's Questions - Do I need antivirus protection when I use Linux?

In the sense that you would run an additional program on your Linux system
to help protect your system against viruses, no. There are very few viruses
that affect Linux systems. The design of Linux and the commonly used
applications make viruses for Linux much harder to write. The most common
ways for viruses to spread are designed out of a Linux environment.

It is still possible for a Linux system to be "owned" by an attacker, they
just use security holes to attack your computer, rather than trying to get
you to execute a program for them. I had it happen to me several years ago.
I was running a program that had a design flaw that could be remotely
exploited, and I didn't know it. When such flaws are discovered in Linux
programs, they are fixed as soon as possible, but there is no such thing as
a "perfect" system. Any sufficiently complex system has flaws, and Linux is
sufficiently complex :-).

"Security is a process, not a product" is a common saying in the security
community. Some things you can do to improve security on your Linux system:

Stay caught up on security related patches for your Linux system. All of the
Linux distributions that I am familiar with offer a way to automatically be
notified when new security patches are available for your system. You should
install such security patches as soon as they are available. The time from
the publication of a security flaw to first exploit is a matter of hours in
some cases.
Use good passwords (composed of mixed case and symbols, not just lower case
letters, no dictionary words).
Turn off any processes that you don't need. How do you know if you need a
process? That takes quite a bit of research, but most Linux distributions
start out with as few processes running as they can, and require you to take
extra steps to turn on additional processes when you need them.
Use a firewall, either as a separate box between your computer(s) and the
internet or running on your computer(s). Linux has very good firewall
capabilities (look for documentation on "iptables" for current versions of
the Linux kernel). The goal of a firewall is to block most attempted attacks
before they even get to the processes running on your computer.
There are several security-related howto's at The Linux Documentation

Ironically, many people who use Linux systems as file servers for Microsoft
Windows systems run a virus checker on their Linux systems. However, the
virus checker is looking for viruses that affect Microsoft Windows systems,
not Linux viruses.

Check out some AntiVirus software -

Get MARRIED the SMART Way! Join!

No comments: