Do you need an Antivirus in Linux?

[Berryracer]

I want to try Ubunto Linux v11.10 for the first time. I have never used Linux before, is it true that in Lunix you don't need an antivirus??

 

[theevilsharpie]

In theory, yes, as Linux allows you to execute arbitrary code.

In practice, I never see anyone use personal antivirus package on Linux, and I'm not even sure there's any available that aren't part of an expensive corporate offering. There are packages such as ClamAV that are meant to be used primarily for scanning e-mail attachments, but they can also be used to scan files manually.

 

[Nothinman]

All of the A/V tools for Linux are aimed at scanning for Windows viruses. As theevilsharpie said, with the idea of scanning email attachments, file shares, etc to protect end users. If you're using it as a workstation, you can just not worry about it.

 

[Randybob01]

I don't "need" to run ClamAV, but I added it to runlevel 5 and Linux still boots up much faster than my Windows XP partition.

 

[gmaster456]

I've never used an AV in linux

 

[Gs dewd]

no

 

[pcgeek11]

I agree with the others. In 10+ years I have never used AV in Linux. I ha.ve also not had any virus/malware issues

 

[nelop]

Yep have been using Linux for 13 years and never had any virus issues.

Saying that i would still be cautious: make sure your running a firewall , disable all services you don't need , only install apps from safe sources ... etc

 

[Fox5]

At its core, antivirus is just a blacklist of programs. Most bad programs are for windows, so all the effort of maintaining that blacklist are focused on windows...there aren't really any wide spread threats on Linux. There's also so many variants of Linux out there (remember, Windows updates its kernel once a service pack, Linux distros update like twice a month) that a virus would probably have trouble targeting all of them.

What Linux does have:
Software repositories, vetted by someone, so all the software in them is probably (not not guaranteed) to be safe.
and
SELinux, which is a mandatory access control system that looks at the behavior of programs, similar to what more advanced anti virus suites on windows may do. It's not installed by default on Ubuntu, since it can be a pain to set up. Instead Ubuntu uses AppArmor, which is a similar concept but not as strongly enforced.

Also, malicious content that targets browser plugins (java, adobe flash), or even the javascript engine of the browser can be cross-platform between windows, linux, mac, etc. In that case, it's best to run something like Firefox with NoScript. (although google chrome currently has the strongest protections of any browser, but javascript and browser plugins are inherently unsafe)

 

[Gs dewd]

Fox is right.