LinuxQuestions.org


LinspireDistro 05-01-2024 12:15 PM

Is it safe to not have an Anti-Virus with a Linux distro?
 
Hello I was wondering if it is safe not to have an Anti-virus if I install a Linux Distro like Mint Distro?

wpeckham 05-01-2024 12:18 PM

Quote:

Originally Posted by LinspireDistro (Post 6499307)
Hello I was wondering if it is safe not to have an Anti-virus if I install a Linux Distro like Mint Distro?

Mint has ClamAV available. IS it safe without AV? Well, that depends upon what you are DOING with it! I like having AV, but I am a paranoid old SYSADMIN who has seen incursions and infections before. I also like having rootkit detection, because not all malware is a virus!


What will you be using this Mint node for?

hazel 05-01-2024 12:27 PM

If you just have a desktop machine and not a server, I don't think you need an antivirus. There are not many Linux viruses out there in the wild.

However Linux can act as a carrier for Windows viruses, a kind of "Typhoid Mary". So if you share files with Windows users, you might want to install ClamAV.

wpeckham 05-01-2024 01:14 PM

One BIG difference between Linux and Windows is that scrubbing your drive and reinstalling Linux is free and fast. (Just have a backup of your home folder. No, I mean really: plan to make a refresh backup every week, and rotate three or four media so if two are corrupt you can go back and get a good copy!)

Reload Linux, restore your settings, restore your home backup, and you are back in business!

No Windows support fee, no re-registration or registration limits: gotta love it.

Not a protection, but in the worst case a great way to get back in business quick.

fatmac 05-01-2024 01:20 PM

Been using Linux as my desktop PC since 1999, no AV - no, not needed, in my opinion; just back up your personal data regularly, as you should with any O/S.

business_kid 05-01-2024 01:41 PM

Yes, for a general use case. If you're head of the Secret Service or in a position where State backed hackers are going to spend time taking you down, that's a different ball game. Mind you, when they say there's been a vulnerability uncovered & patched, update. Things exploiting the Log4J vulnerability were hacking long after the exploit had been patched, and devs and others were jumping up and down yelling at folks for months to update. But the lazy & inexperienced didn't bother, and suffered the penalty.

remmilou 05-01-2024 01:48 PM

Question for the gurus here...
Is (clam)av useful when using wine?
- Can a wine environment (bottle) get infected?
- Will clamav check for windows viruses in wine?

rclark 05-01-2024 01:56 PM

Quote:

{I was wondering if it is safe not to have an Anti-virus} Yes, for a general use case.
+1. Agree.

jefro 05-01-2024 03:27 PM

Security is a set of tools, settings and practices. The more you use, the more likely you are to be safer.

wpeckham 05-01-2024 06:55 PM

I worked with a really smart CPA once, who was managing a small company out in Utah.
He mostly took my advice, but was sure his risks were low because his company would be too small to show on anyone's radar. One night he "simplified" his password on the web server to make it easier to work from home. By the time he got home his web server was OWNED. Dictionary attack cracked his password. The script kiddie that got in infected it with more malware than I could count, so I just rebuilt the box and reminded him of the security standards we had discussed. The only reason they did not take over his web pages and get data was because it was all protected and in unexpected/non-standard places. He got lucky!

When I run a server I log access attempts, and you would be SHOCKED at how many probes I intercept. Yes, even attempting my home network. NOTHING is off their radar!

Just take steps to make yourself look a lot less attractive than your neighbor. No one is going to spend extra hours trying to break in if they are pretty darn sure the work will bring them no payday. BUT: don't make it too easy!

The security settings on your edge device are your first protection.
Second is software on your internal nodes (Firewall, AV, etc.).
Third is just making it a habit to not do dumb things (like simplifying your passwords!).

Not opening your node to export services (using it in client only mode with no open ports) is pretty safe. There is no sure thing.

frankbell 05-01-2024 08:05 PM

It's certainly a lot safer than running Windows without an AV, especially since dodgy links and phishing seem to have become greater (more immediate?) dangers than traditional viruses. But . . .

I would say it's like leaving your car unlocked.

You may leave it unlocked 10,000 times without incident, but there's always the 10,001.

rkelsen 05-01-2024 08:44 PM

Quote:

Originally Posted by wpeckham (Post 6499380)
When I run a server I log access attempts, and you would be SHOCKED at how many probes I intercept. Yes, even attempting my home network. NOTHING is off their radar!

That is true, but OpenVPN on a non-standard UDP port with certificate based authentication seems to come quite close.

I also log access attempts. Up until December last year, I was running OpenVPN on port 1194 and would usually get hit 6 to 8 times per day. Sometimes more, sometimes less, but there was never a day with no hits. In December, I changed the config to use a non-standard UDP port... Haven't seen a single hit since. Not a one.

The experience has been such that I'd advise anyone and everyone to do the same whenever they have to expose a machine to the internet for whatever reason. You can call me crazy, but I don't even use SSH across the open internet without going through a VPN tunnel.

I've not used WireGuard, but I'm led to believe that the experience should be much the same.

Quote:

Originally Posted by wpeckham (Post 6499380)
There is no sure thing.

Some practices are safer than others, though.
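
Added example (not written by any poster in this thread): one way to get the kind of per-day probe counts that wpeckham and rkelsen describe seeing in their logs, here for failed SSH password logins rather than OpenVPN. The log lines are constructed and the function names are illustrative.

```bash
#!/usr/bin/env bash
# Tally failed SSH password logins per day and per source address.
# SAMPLE_LOG is constructed for this example (documentation-range addresses);
# on a real host, pipe in the sshd lines from /var/log/auth.log instead.
SAMPLE_LOG='May  1 02:14:07 host sshd[811]: Failed password for invalid user admin from 203.0.113.5 port 51234 ssh2
May  1 02:14:09 host sshd[811]: Failed password for invalid user test from 203.0.113.5 port 51240 ssh2
May  1 09:30:12 host sshd[902]: Accepted publickey for alice from 192.0.2.10 port 40022 ssh2
May  1 23:59:58 host sshd[950]: Failed password for root from 198.51.100.7 port 33812 ssh2
May  2 00:00:03 host sshd[951]: Failed password for root from 198.51.100.7 port 33820 ssh2
May  2 04:11:45 host sshd[977]: Invalid user oracle from 203.0.113.5 port 51300'

# Print "<month> <day> <count>" for each day that saw failed password logins.
failed_per_day() {
  awk '/sshd\[[0-9]+\]: Failed password for / { n[$1 " " $2]++ }
       END { for (d in n) print d, n[d] }' | sort -k1,1M -k2,2n
}

# Print "<count> <address>", busiest source first. The address is taken as the
# field after the LAST "from", so a user name that itself contains the word
# "from" cannot shift which field is read.
failed_per_source() {
  awk '/sshd\[[0-9]+\]: Failed password for / {
         for (i = NF; i > 1; i--)
           if ($(i - 1) == "from") { n[$i]++; break }
       }
       END { for (a in n) print n[a], a }' | sort -k1,1nr -k2,2
}

# Print only the addresses with at least $1 failures: candidates for a
# firewall rule or an automatic ban.
noisy_sources() {
  failed_per_source | awk -v min="$1" '$1 >= min { print $2 }'
}

echo "Failed logins per day:"
printf '%s\n' "$SAMPLE_LOG" | failed_per_day
echo "Failed logins per source:"
printf '%s\n' "$SAMPLE_LOG" | failed_per_source
echo "Sources with 2 or more failures:"
printf '%s\n' "$SAMPLE_LOG" | noisy_sources 2
```

The "Accepted publickey" and bare "Invalid user" lines are deliberately not counted, so the totals reflect password guesses only.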

wpeckham 05-02-2024 12:10 AM

Quote:

Originally Posted by rkelsen (Post 6499393)
That is true, but OpenVPN on a non-standard UDP port with certificate based authentication seems to come quite close.

I also log access attempts. Up until December last year, I was running OpenVPN on port 1194 and would usually get hit 6 to 8 times per day. Sometimes more, sometimes less, but there was never a day with no hits. In December, I changed the config to use a non-standard UDP port... Haven't seen a single hit since. Not a one.

The experience has been such that I'd advise anyone and everyone to do the same whenever they have to expose a machine to the internet for whatever reason. You can call me crazy, but I don't even use SSH across the open internet without going through a VPN tunnel.

I've not used WireGuard, but I'm led to believe that the experience should be much the same.

Some practices are safer than others, though.

The ONLY VPN I trust is the one where I control both endpoints! But for that case, it is pretty good security. ALL of your traffic between those endpoints is encrypted. ALL traffic to anything PAST that endpoint is NOT encrypted, and people seem not to keep that in mind.

rokytnji 05-02-2024 08:42 AM

Safe for me. Not safe for my wife when she asks, "Can you send that to me".

Then fresh clam can tell me if it is ok to send whatever.
I don't need it. But she does.

Pays to be polite.

jailbait 05-02-2024 09:12 AM

I have been using Linux since 1999. I have never used anti-virus software. My protection is a complete multi-generation onsite and offsite backup system. The backup hardware is offline except when I do backups. I have a unique password for each site that requires a password (over 200 unique passwords). I do not use any of the "password cabinets" because that is the first place a hacker would look for my passwords. I turn my computers off when not in use. My computers have never been infected with a virus.


All times are GMT -5.