One hears again and again that virus protection under Linux is superfluous. If you want to know why this is not quite true, you have come to the right place. In the following we explain to you which protective measures you can take for Linux.
Does Linux need anti-malware?
The benefits of anti-malware programs are hotly debated today, and there are calls from some corners of the security world to do without them completely - even under Windows. Viruses, worms, and Trojans have never been a serious problem on Linux . On the one hand, because Linux pursues a significantly better security / rights concept that simply makes it harder for attackers. On the other hand, it is mainly due to the low market share of Linux on desktop computers - Linux is simply not a promising target for criminals. And on top of that, you have to assume that the average Linux user has a little more knowledge of IT.
Still, there are at least two good reasons to install an anti-malware solution . On the one hand, it can also be used to check Windows installations and external data carriers that are running in parallel. On the other hand, it is simply a bit of security for the future . Who guarantees that the encryption blackmailers won't attack Linux at some point? At the latest, if Linux does make the breakthrough on the desktop, it will be an interesting goal. Of course, a running virus scanner costs a few resources, but that doesn't matter on any reasonably powerful computer. And of course you don't have to pay a cent for security software on Linux either..
The standard solution under Linux is ClamAV with the graphical user interface ClamTK, both open source and accordingly free of charge . Among the commercial providers, Sophos and Eset in particular have a good reputation - which cannot really be said about ClamAV. ClamAV has always been unable to keep up with the detection rates of commercial products - but it just keeps getting better.
In addition to the detection rate, the commercial solutions have another advantage: They monitor the system live - with ClamAV you scan the system, files or folders manually. Below you will find instructions for two variants: ClamTK and the full version of Eset NOD32, which costs around 30 euros per year..
Set up Eset NOD32
NOD32 can be installed quickly, but not simply by double-clicking - it takes three steps:
- Download the appropriate 32- or 64-bit version from https://www.eset.com/de/home/antivirus-linux .
- Open the properties of the file and under " Access rights " check the box for " Execute file as program ". Now start the file and install the program. Most likely you get an error message "ESET NOD32 for Linux needs the following packages to install: libc6-386, /lib/ld-linuzx.so.2". In this case, proceed as follows:
- Open a terminal and enter the following commands one after the other :
-
sudo apt-get up date -
sudo apt-get upgrade -
sudo apt-get install libc6:i386
This brings your package sources up to date and then sets up the required dependencies. The installation routine is now run through cleanly, then NOD32 starts, updates itself and immediately protects the system.
Professional software with a good user interface - at a high price by Linux standards. Note: After purchasing a license for ESET NOD32, the program also requires a user and a password for activation . The reason is that the program is now viewed as "legacy" at ESET. Please contact ESET again via eset.com to receive the data.
Set up ClamTK
At ClamTK, the setup is extremely simple - only the (first) update is not a matter of course.
- Start Synaptic, the Ubuntu Software Center or another package manager and search for ClamTK . The usual is sufficient in the terminal
sudo apt-get install clamtk - If the package manager suggests additional packages for installation, for example ClamAV itself, accept this and let everything be installed .
- After starting ClamAV for the first time, you will be notified of outdated malware signatures - and you will probably miss an "Update" button. ClamTK updates itself automatically . If you want it immediately, quit ClamTK and start the "freshclam" tool in the terminal via sudo freshclam.
You can then start ClamTK and the signatures should be up to date. The actual use of ClamTK is simple: just use the buttons to select folders or files to scan them manually . In the settings, it may be worthwhile to tick additional boxes, for example, to also include subdirectories in scans . Alternatively, you can test individual files and folders by right-clicking and selecting the " Open with " option.
ClamTK on Ubuntu Unity: Detected malware can be moved to quarantine manually. So you are spoiled for choice: The paid Eset NOD32 offers the best protection with the best user experience - but costs 30 euros per year. For an operating system that has practically no virus problems, that is quite a lot for private users. ClamTK can't quite keep up with the competition in terms of security , but it is the easiest to set up and offers a very rudimentary, but at least simple graphical user interface. Of course, there are other solutions for all three categories, ClamTK and Eset are just the best-known names in the game.
