Anti-Virus on Linux
Hello All! As many of you know, I still consider myself a new linux user. I have seen different threads on this subject, and would like some input from the knowledgeable community here. I saw over the weekend that McAfee ofers virus protection for linux, and has identified a worm from 2002, the slapper worm.
Hello All!
As many of you know, I still consider myself a new linux user. I have seen different threads on this subject, and would like some input from the knowledgeable community here. I saw over the weekend that McAfee ofers virus protection for linux, and has identified a worm from 2002, the slapper worm. Is this something that the linux community, and or distro developers have dealt with? I am running SuSe 9.3, is there a risk to my system, and or my privacy? Is this something I should re-take a look at and consider purchasing and installing on my system? Does anyone here believe that as the popularity of linux grows that the danger of malicious programs grows also, and is this kind of product the answer. One of the main reasons I switched to linux from M$ windows was security. Of course, now I know the other HUGE benefits of a linux system (well, some of them anyway). Any how, any thoughts or insights on this topic?
Thanks
Justbill
this is a link to McAfee site, about slapper worm http://vil.nai.com/vil/content/v_99693.htm#VirusChar .com
As many of you know, I still consider myself a new linux user. I have seen different threads on this subject, and would like some input from the knowledgeable community here. I saw over the weekend that McAfee ofers virus protection for linux, and has identified a worm from 2002, the slapper worm. Is this something that the linux community, and or distro developers have dealt with? I am running SuSe 9.3, is there a risk to my system, and or my privacy? Is this something I should re-take a look at and consider purchasing and installing on my system? Does anyone here believe that as the popularity of linux grows that the danger of malicious programs grows also, and is this kind of product the answer. One of the main reasons I switched to linux from M$ windows was security. Of course, now I know the other HUGE benefits of a linux system (well, some of them anyway). Any how, any thoughts or insights on this topic?
Thanks
Justbill
this is a link to McAfee site, about slapper worm http://vil.nai.com/vil/content/v_99693.htm#VirusChar .com
Participate on our website and join the conversation
This topic is archived. New comments cannot be posted and votes cannot be cast.
Responses to this topic
As far as I am aware, the virus would need root privialges in order to do anything, which is not likely unless you are silly enough to login as root.
I have linux and windows systems networked at my home so I use a virus scanner on my linux box, just for peace of mind. I use the f-prot antivirus for linux, it is free for home use.
I have linux and windows systems networked at my home so I use a virus scanner on my linux box, just for peace of mind. I use the f-prot antivirus for linux, it is free for home use.
Soooooooo,
I downloaded the RPM for f-prot, right clicked on the rpm icon in my home folder, and clicked Open with Yast, and, and, and, and,,,,,,,,,,,Nothin! And yes I did chmod a+x. What, pray tell am I doing wrong here? I had the same issue last week trying to install the game maelstrom. Whats up with that? This is the only thing I am unhappy with on this OS (SuSe9.3). Can't seem to install stuff easily
Justbill
I downloaded the RPM for f-prot, right clicked on the rpm icon in my home folder, and clicked Open with Yast, and, and, and, and,,,,,,,,,,,Nothin! And yes I did chmod a+x. What, pray tell am I doing wrong here? I had the same issue last week trying to install the game maelstrom. Whats up with that? This is the only thing I am unhappy with on this OS (SuSe9.3). Can't seem to install stuff easily
Justbill
Yes I noticed the date of the virus as well danleff, however I thought it probably would still be propigating in the wild some place, you never now.
I don't use apache or openssl, o i have no idea if it still a problem, i guess it wouldn't be though.
Justbill, f-prot doesnt have a GUI. If you installed it then it should be running in the background. You update the virus signature s via command prompt by typing in something like this, as root.
/usr/local/f-prot/tools/check-updates.pl
heres a link for help
http://www.f-prot.com/support/helpfiles/unix/workstation/man_updt.html
I don't use apache or openssl, o i have no idea if it still a problem, i guess it wouldn't be though.
Justbill, f-prot doesnt have a GUI. If you installed it then it should be running in the background. You update the virus signature s via command prompt by typing in something like this, as root.
/usr/local/f-prot/tools/check-updates.pl
heres a link for help
http://www.f-prot.com/support/helpfiles/unix/workstation/man_updt.html
Justbill, try the other selection when you 'click' on the .rpm that you downloaded. "use directory as source for yast" then password, when it then says source add 'O.K' then do 'install with yast' bit.
> clamav < and > antivir < are both good free antivirus scanners as well but command line to use, quiet easy thou. ( antivir needs danku installed first) check their sites out.
clamav > www.clamav.net <
antivir > www.antivir.de < (click the english flag)
Like mention above, Linux not a great problem with normal user, but always good to stop them spreading thru you to your friends out of courtesy.
.........
Regards,
Ian.
,,.....,,
~~~
"@|@"
^
*
________________________________________________
"...Intelligent people don't call people stupid!
-only stupid people, call other's stupid!..."
"...If you want something done well!
-leave it in the microwave overnight!..."
________________________________________________
> clamav < and > antivir < are both good free antivirus scanners as well but command line to use, quiet easy thou. ( antivir needs danku installed first) check their sites out.
clamav > www.clamav.net <
antivir > www.antivir.de < (click the english flag)
Like mention above, Linux not a great problem with normal user, but always good to stop them spreading thru you to your friends out of courtesy.
.........
Regards,
Ian.
,,.....,,
~~~
"@|@"
^
*
________________________________________________
"...Intelligent people don't call people stupid!
-only stupid people, call other's stupid!..."
"...If you want something done well!
-leave it in the microwave overnight!..."
________________________________________________
I use clam to root out windows bugs, but I have no worries about any wild linux viruses. After a little snooping I found info on 3 Viruses found in wild that infect old apache/Openssl, but nothing that can get through a modern kernel on a limited account. Don't surf the web as root and you need only scan to protect your unfortunate Windows using buddies. Now If sombody knows you use a particular kernel, and convinces you to download and install a root-kit you can get zombified. So don't install crap from people who know you,don't like you much, and can hack with some skill.
There is a front-end to Fprot Anti-Virus. The rpm here contains
both Fprot plus it's front-end Xfprot:
http://distro.ibiblio.org/pub/linux/dist...-4.6.2.i386.rpm
After installing - create a link on your desktop to the executable 'xfprot'.
This program also allows you to download new virus signatures at mouse point, etc ...
Requirements:
GTK 2.0x
Original source: http://web.tiscali.it/sharp/xfprot/
both Fprot plus it's front-end Xfprot:
http://distro.ibiblio.org/pub/linux/dist...-4.6.2.i386.rpm
After installing - create a link on your desktop to the executable 'xfprot'.
This program also allows you to download new virus signatures at mouse point, etc ...
Requirements:
GTK 2.0x
Original source: http://web.tiscali.it/sharp/xfprot/
It is quite simple if you use KDE and Kmail. Install clamav and in Kmail under the Tools menu select antivirus wizard. It's easy and it works. You can also install spamassassian and in Kmail under the same menu select antispam wizard.
You really have very little to worry about in Linux but it does prevent you from passing a virus to others who persist in using ms windows.
You really have very little to worry about in Linux but it does prevent you from passing a virus to others who persist in using ms windows.
How do I get xfprot installed?
I installed fprot from here:
http://www.f-prot.com/download/trial_forms/linux-ws-rpm.html
But when I try and install xfprot it says f-prot is missing as well as linux-gate.so.1, libintl.so.3, and perl-libwww.
F-prot seems to be installed fine:
Code:
Thanks,
Will
[Edited by war59312 on 2006-02-11 06:05:22]
I installed fprot from here:
http://www.f-prot.com/download/trial_forms/linux-ws-rpm.html
But when I try and install xfprot it says f-prot is missing as well as linux-gate.so.1, libintl.so.3, and perl-libwww.
F-prot seems to be installed fine:
Code:
$ f-prot -vernoF-PROT ANTIVIRUSProgram version: 4.6.6Engine version: 3.16.14VIRUS SIGNATURE FILESSIGN.DEF created 9 February 2006SIGN2.DEF created 9 February 2006MACRO.DEF created 9 February 2006$ f-prot eicar.comVirus scanning report - 11 February 2006 @ 0:04F-PROT ANTIVIRUSProgram version: 4.6.6Engine version: 3.16.14VIRUS SIGNATURE FILESSIGN.DEF created 9 February 2006SIGN2.DEF created 9 February 2006MACRO.DEF created 9 February 2006Search: eicar.comAction: Report onlyFiles: "Dumb" scan of all filesSwitches: -ARCHIVE -PACKED -SERVER/home/war59312/Desktop/eicar.com Infection: EICAR_Test_FileResults of virus scanning:Files: 1MBRs: 0Boot sectors: 0Objects scanned: 1Infected: 1Suspicious: 0Disinfected: 0Deleted: 0Renamed: 0Time: 0:00
Thanks,
Will
[Edited by war59312 on 2006-02-11 06:05:22]
