Antivirus for Ubuntu

NoOp glgxg at mfire.com
Fri May 25 03:00:42 UTC 2007


On 05/24/2007 11:07 AM, jarrodhenry at comcast.net wrote:
> Honestly, the structure is such that this is an unnecessary device
> right now, and the security being as it is, might be an unnecessary
> construct in the future of linux.

Nonsense. There are indeed virus/trojans/bots etc., out there on a daily
basis that will indeed infect linux. The latest proven on an Ubuntu
supplied application is for OpenOffice.

See:

http://secunia.com/search/?search=openoffice
http://secunia.com/virus_information/38489/
http://www.sophos.com/security/analyses/sbbadbunnya.html
[click on 'Advanced']
<quote>
 - On Linux, it drops a file named badbunny.pl that is a Perl file
infector also detected as SB/BadBunny-A.
</quote>

There are many, many patches/fixes that go out for linux/Ubuntu on a
daily basis. Example:

http://secunia.com/search/?search=ubuntu
http://secunia.com/search/?search=linux

IMO, as linux gains popularity I am quite certain that the linux
community will indeed easily see more and more virus/trojan/DOS/bots in
the wild over time. Further, as for ClamAV (and others) being useless or
needless on linux; perhaps you should consider that many run a
windows/linux mix; including sharing files amongst those machines.

> 
> That being said, there is ClamAV at http://www.clamav.net/.
> 
> I'd be more concerned with someone who desires a useless or needless
> product being executed, though.  The only purpose for an anti-virus
> in Linux at this time is to protect the windows users.  Microsoft
> Windows is the issue here, not Linux.

I doubt it. System security has nothing to do with issues, instead it
has everything to do with system knowledge and the ability to use that
knowledge to lock down outside threats (and the obvious user security
issues). Examples:

1. I administer multiple Win2000 servers and Win2KP desktops for my
customers. Those are locked down tighter than a drum primarily because
there are so many tools available which enable me to do that. In over 4
years we've not experienced a single virus, trojan, backdoor, etc., on
any of the servers, and have only experienced one virus on a desktop
when we let a new application on without proper security restrictions.

2. In the past year of transitioning desktops to linux (Ubuntu) I can't
honestly say that I have the same grasp and view of what all of the
desktops are doing. I expect that there are tools that will allow me to
do this, but none (that I've found) that allow me to do this as easily
as the established windows tools. Overall the 'comfort' level in
administering linux desktops is uncomfortable to say the least.

3. It has taken me one year to even attempt to bring up an Ubuntu
server. This week I've reloaded a LAMP server onto a test machine and
figure that it will take me at least a month or so to figure out what it
does, how it works, and how to secure it. It will probably take another
few months before I bring up one on the intranet for user testing.

I suppose that I'm not the typical linux guy (yet... I'm working on it),
but I can say that I've dealt with computers & networks since the early
1970s. I have designed, implemented, installed, and project managed
global and local area networks for many, many years and I still find
linux a daily learning experience.

That said, I'd advise against such statements as "The only purpose for
an anti-virus in Linux at this time is to protect the windows users.
Microsoft Windows is the issue here, not Linux"... Statements like that
are liable to come back and bite you in the near future.

Gary
