Is it safe to not have an Anti-Virus with a Linux distro?
Hello, I was wondering if it is safe not to have an Anti-virus if I install a Linux Distro like Mint Distro?
Mint has ClamAV available. IS it safe without AV? Well, that depends upon what you are DOING with it! I like having AV, but I am a paranoid old SYSADMIN who has seen incursions and infections before. I also like having rootkit detection, because not all malware is a virus!
If you just have a desktop machine and not a server, I don't think you need an antivirus. There are not many Linux viruses out there in the wild.
However Linux can act as a carrier for Windows viruses, a kind of "Typhoid Mary". So if you share files with Windows users, you might want to install ClamAV.
One BIG difference between Linux and Windows is that scrubbing your drive and reinstalling Linux is free and fast. (Just have a backup of your home folder. No, I mean really: plan to make a refresh backup every week, and rotate three or four media so if two are corrupt you can go back and get a good copy!)
Reload Linux, restore your settings, restore your home backup, and you are back in business!
No Windows support fee, no re-registration or registration limits: gotta love it.
Not a protection, but in the worst case a great way to get back in business quick.
Been using Linux as my desktop PC since 1999, no AV - no, not needed, in my opinion; just back up your personal data regularly, as you should with any O/S.
Yes, for a general use case. If you're head of the Secret Service or in a position where State backed hackers are going to spend time taking you down, that's a different ball game. Mind you, when they say there's been a vulnerability uncovered & patched, update. Things exploiting the Log4J vulnerability were hacking long after the exploit had been patched, and devs and others were jumping up and down yelling at folks for months to update. But the lazy & inexperienced didn't bother, and suffered the penalty.
Question for the gurus here...
Is (clam)av useful when using wine?
- Can a wine environment (bottle) get infected?
- Will clamav check for Windows viruses in wine?
I worked with a really smart CPA once, who was managing a small company out in Utah.
He mostly took my advice, but was sure his risks were low because his company would be too small to show on anyone's radar. One night he "simplified" his password on the web server to make it easier to work from home. By the time he got home his web server was OWNED. Dictionary attack cracked his password. The script kiddie that got in infected it with more malware than I could count, so I just rebuilt the box and reminded him of the security standards we had discussed. The only reason they did not take over his web pages and get data was because it was all protected and in unexpected/non-standard places. He got lucky!
When I run a server I log access attempts, and you would be SHOCKED at how many probes I intercept. Yes, even attempting my home network. NOTHING is off their radar!
Just take steps to make yourself look a lot less attractive than your neighbor. No one is going to spend extra hours trying to break in if they are pretty darn sure the work will bring them no payday. BUT: don't make it too easy!
The security settings on your edge device are your first protection.
Second is software on your internal nodes (Firewall, AV, etc.).
Third is just making it a habit to not do dumb things (like simplifying your passwords!).
Not opening your node to export services (using it in client only mode with no open ports) is pretty safe. There is no sure thing.
It's certainly a lot safer than running Windows without an AV, especially since dodgy links and phishing seem to have become greater (more immediate?) dangers than traditional viruses. But . . .
I would say it's like leaving your car unlocked.
You may leave it unlocked 10,000 times without incident, but there's always the 10,001.
When I run a server I log access attempts, and you would be SHOCKED at how many probes I intercept. Yes, even attempting my home network. NOTHING is off their radar!
That is true, but OpenVPN on a non-standard UDP port with certificate based authentication seems to come quite close.
I also log access attempts. Up until December last year, I was running OpenVPN on port 1194 and would usually get hit 6 to 8 times per day. Sometimes more, sometimes less, but there was never a day with no hits. In December, I changed the config to use a non-standard UDP port... Haven't seen a single hit since. Not a one.
The experience has been such that I'd advise anyone and everyone to do the same whenever they have to expose a machine to the internet for whatever reason. You can call me crazy, but I don't even use SSH across the open internet without going through a VPN tunnel.
I've not used WireGuard, but I'm led to believe that the experience should be much the same.
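One way to measure the "hits per day" figure described in the post above, before and after a port change, as an added example that is not part of the original thread. The log lines are constructed, and the timestamp layout (as written by OpenVPN 2.5+) and the function name `probes_per_day` are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines (documentation-range IPs), in the timestamp layout
# OpenVPN 2.5+ writes to its log file; older versions use another date format.
SAMPLE_LOG = """\
2023-11-28 03:14:07 198.51.100.23:40211 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2023-11-28 03:14:07 198.51.100.23:40211 TLS Error: TLS handshake failed
2023-11-28 08:00:01 192.0.2.10:51820 [laptop] Peer Connection Initiated with [AF_INET]192.0.2.10:51820
2023-11-28 19:42:55 TLS Error: cannot locate HMAC in incoming packet from [AF_INET]203.0.113.9:5060
2023-11-29 01:05:30 203.0.113.9:5061 TLS Error: TLS handshake failed
2023-11-29 07:59:12 192.0.2.10:40000 TLS Error: TLS handshake failed
2023-11-29 08:01:40 192.0.2.10:40002 [laptop] Peer Connection Initiated with [AF_INET]192.0.2.10:40002
"""

LINE = re.compile(r"^(?P<day>\d{4}-\d{2}-\d{2}) \d{2}:\d{2}:\d{2} (?P<rest>.*)$")
# IPv4 peer address, with or without the "[AF_INET]" prefix (IPv6 not handled).
ADDR = re.compile(r"(?:\[AF_INET\])?(\d{1,3}(?:\.\d{1,3}){3}):\d+")


def probes_per_day(log_text):
    """Return {day: [source IPs that failed the TLS handshake and never connected]}."""
    failed = defaultdict(set)   # day -> IPs that logged a TLS error
    trusted = defaultdict(set)  # day -> IPs that completed a connection
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        addr = ADDR.search(m["rest"])
        if not addr:
            continue
        ip = addr.group(1)
        if "Peer Connection Initiated" in m["rest"]:
            trusted[m["day"]].add(ip)
        elif "TLS Error" in m["rest"]:
            failed[m["day"]].add(ip)
    # A legitimate client on a flaky link also logs TLS errors; drop any
    # address that authenticated successfully on the same day.
    return {day: sorted(ips - trusted[day]) for day, ips in sorted(failed.items())}


if __name__ == "__main__":
    for day, sources in probes_per_day(SAMPLE_LOG).items():
        print(day, len(sources), "unsolicited source(s):", ", ".join(sources))
```

Counting distinct sources per day avoids double-counting a single failed attempt, which produces more than one error line.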
Some practices are safer than others, though.
The ONLY VPN I trust is the one where I control both endpoints! But for that case, it is pretty good security. ALL of your traffic between those endpoints is encrypted. ALL traffic to anything PAST that endpoint is NOT encrypted, and people seem not to keep that in mind.
I have been using Linux since 1999. I have never used anti-virus software. My protection is a complete multi-generation onsite and offsite backup system. The backup hardware is offline except when I do backups. I have a unique password for each site that requires a password (over 200 unique passwords). I do not use any of the "password cabinets" because that is the first place a hacker would look for my passwords. I turn my computers off when not in use. My computers have never been infected with a virus.