Hi All,
Interesting, I have never run a Virus scanner running Linux, but fire walled I am. And run a bunch of distributed computing technigues.
This from Handle With Linux.
Many people think you don’t need a virus scanner in Linux. Here are some considerations to make.
1. There are no linux viruses
This is a myth, there are linux viruses. Not many, not as harmful but they do exist.
2. A virus scanner uses to much resources.
You don’t need to run a virus scanner all the time, if this is what bothers you.
Having one at hand couldn’t hurt.
3. Viruses in Linux are harmless, as they can’t access root.
There are many ways of circumventing Linux security, I won’t say it’s easy, but it is possible.
Don’t think so? It’s called privilege elevation, and it’s used by human hackers all the time, much more difficult for a program, but possible.
4. You only install from source, or from repositories.
This can be a viable reason. I run a lot of systems without virus scanners, but I do have very tight control over what is installed. If you get everything from a reliable source and use checksums for everything there can be situations where you don’t need any virus/malware scanner. It could even impose a security threat, as it is a extra piece of software.
5. There are other things a virus scanner detects
While there are not many real viruses(as in the self replicating executable infecting kind) in linux, there are trojan horses and worms. I know there are hacker groups using a php shell backdoor, these things you can easily detect with clam av. So if you run a website, just scanning it once in a while won’t harm you.
If you ever notice you have been hacked, do take the time to scan for malware.
6. You never use a network
If you have a stand alone system, where you install everything from CD, which comes from a trusted source.
And it’s never connected to any other system, it probably won’t be harmed by malware.
7. You don’t care about security
This is a very good reason for not using a virus scanner in Linux. This could even be a very good reason for not using linux at all. This could also be a very good reason for not closing the door of your house.
It’s also probably because you are not aware of the implications. Not caring will stop at the moment you now it’s too late.
8. You have a firewall
If you have a firewall you are probably protected against most worm viruses. If it is configured to block all incoming and outgoing traffic by default, it provides a reasonable level of protection from network threats. The protection of a firewall depends on it’s configuration. A firewall is in no means a replacement for a virus scanner, and there are other threats than network threats alone.
9. You don’t have anything to protect.
If you have nothing to protect, I feel sorry for you. No seriously, the things you do to protect against security threats should be balanced against the assets you need to protect. The problem is most people don’t know or don’t think about the real risks. There are not many people who take to much security measures, there are many, many millions who take to little security measures.
If you know what it feels like to know something is not right with your system, you won’t think like this anymore.
10. You have a windows system in your network.
If you have any windows system in your network, it is probably a good idea to run a virus scanner on your Linux systems too. You don’t want your Linux system to infect the windows systems, which are much more vulnerable for viruses. This is especially important if you use samba or if you run a mailserver.
conclusion
There are a lot of things to consider for or against virus scanners in Linux. I have to honestly say I don’t always use one myself. They are for sure not nearly as important as firewalls, good habits and common sense. They are also not nearly as important in Linux as in windows. I put a windows machine on the internet one time and it was infected within 10 minutes, the change of something like this happening in linux is almost nil. There are also many cases where it does give a benefit, if you run a webserver, it could prevent some things. I use it on some systems where I think it’s most important. I do think it’s a good policy to have one at hand, I use it often as a tool for checking untrusted systems or files.
I do think it is important to think about these things and not just push them aside. I certainly don’t think people should go around telling people they don’t need a virus scanner in Linux, unless they know everything about the other persons system which should be considered.
If you have other ideas, more things to consider or just have something to say leave a comment.
I’m not English so: If you are bothered by spelling mistakes, please leave a comment and I’ll correct it.
want to read more by J00p34? The Blog root is here
or follow me at twitter
No user commented in " 10 Considerations Why You Should / Should Not Use A Virus Scanner In Linux "
Follow-up comment rss or Leave a Trackback