Malware and Antivirus Systems for Linux

Hi,
I run Linux Mint 17.1 MATE on my 32-bit portable PC. Perfect for my uses. Normally, the hard disk LED is off when I use Firefox on the internet with Flash, cookies and other add-ons locked off. But some web pages trigger unexplainable hard disk activity that stays on for a very long time, even after Firefox is closed. Only a PC restart stops it. ClamAV does not find anything. Can it be spyware? How can I block it? Thanks.
 


Check out in Htop, Lxtask or similar what processes are running and go from there. You can use these programs to kill undesirable programs.

Check out anything unusual on Google.

You could also run something like rootkit hunter to check out if there is any malware.

Are you using a lot of public Wi-Fi spots? Have you got a firewall configured and running?
 
OK, thanks, when it happens I will check with Htop.
No, I'm using the Wi-Fi tethering of my Android phone in WPA2 with a password.
Firewall is running with default configuration.
 

It is hard to explain the odd behavior. I agree with @Darren Hale: use Htop or some other utility to help pinpoint the programs using the hard drive and what files they are reading or writing.

Do you have Firefox set to cache the pages?

Perhaps, Firefox is reading or writing config files that are under ~/.mozilla/ or ~/.cache/mozilla/firefox/.
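
The check suggested in the replies above (find which process is using the disk and which files it has open), as an added example that is not part of the original thread: it samples the per-process counters in /proc/<pid>/io twice and lists the busiest processes with their open files. The 5-second interval and the function names are choices made for this example; run it with sudo to see other users' processes.

```python
import os
import time

def parse_io(text):
    """Parse the 'name: value' lines of /proc/<pid>/io into a dict of ints."""
    pairs = (line.split(":", 1) for line in text.splitlines() if ":" in line)
    return {k.strip(): int(v) for k, v in pairs if v.strip().isdigit()}

def snapshot(proc="/proc"):
    """Return {pid: (comm, read_bytes, write_bytes)} for each readable process."""
    snap = {}
    for entry in filter(str.isdigit, os.listdir(proc)):
        try:
            with open(os.path.join(proc, entry, "io")) as f:
                io = parse_io(f.read())
            with open(os.path.join(proc, entry, "comm")) as f:
                comm = f.read().strip()
        except OSError:  # process exited or belongs to another user (use sudo)
            continue
        snap[int(entry)] = (comm, io.get("read_bytes", 0), io.get("write_bytes", 0))
    return snap

def rank(before, after):
    """Return [(pid, comm, bytes_read, bytes_written)], busiest first."""
    rows = []
    for pid, (comm, rd, wr) in after.items():
        _, old_rd, old_wr = before.get(pid, (comm, 0, 0))
        if rd > old_rd or wr > old_wr:
            rows.append((pid, comm, rd - old_rd, wr - old_wr))
    return sorted(rows, key=lambda r: r[2] + r[3], reverse=True)

def open_files(pid, proc="/proc"):
    """Paths a process holds open (from /proc/<pid>/fd), sockets and /dev skipped."""
    paths = set()
    fd_dir = os.path.join(proc, str(pid), "fd")
    try:
        for fd in os.listdir(fd_dir):
            target = os.readlink(os.path.join(fd_dir, fd))
            if target.startswith("/") and not target.startswith("/dev/"):
                paths.add(target)
    except OSError:  # process gone, descriptor closed meanwhile, or not ours
        pass
    return sorted(paths)

if __name__ == "__main__":
    first = snapshot()
    time.sleep(5)  # open the page that triggers the disk activity meanwhile
    for pid, comm, rd, wr in rank(first, snapshot())[:5]:
        print(f"{pid:>7} {comm:<16} read={rd} written={wr}", *open_files(pid)[:8], sep="\n    ")
```

A process that keeps writing after Firefox is closed will stay at the top of the list across repeated runs, and its open paths show whether it is touching the browser cache, a search index, or something unexpected.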
 
After seeing this thread I was watching a video by Matthew Moore and he spoke about Malware on Linux and other stuff.

 
Hi
I am new to this or any other forum, so now is the time to get some help. I have Mint 17.1 and used ClamAV to find 6 pieces of malware. I tried to delete and/or quarantine them, but they will not delete or move. Can I send a screenshot to show someone?
 
Ask your question in a new thread. Include a screenshot in the new thread.
 
Hi, I am just wondering whether the software you mentioned, ClamAV, removes malicious code from .php files etc. within my WordPress site. I have just moved to a new dedicated server and want virus protection like on my old shared server. For example, when I uploaded files via FTP, my old server would alert me to any viruses or malware. So my question is: does ClamAV (or any other software you could recommend) do this same job?
 
I am not sure about any anti-virus programs having support for PHP-related malware.
 
The safety of an OS is hard to maintain. And installing bad software always means you have been brought under control. So it's important to keep your documents and personal information safe.
The latest version of ClamAV is 0.98.7, so it isn't a good choice to install it as root software. (We should choose software whose version is under 1.0 or run it in boxes!)
 
Sorry, SELinux is enough; we don't have to scan for viruses. Many types of anti-virus software have bugs; once they break down, the OS will break!
 
I had an interesting problem: mama gave me her USB Flash to copy some files, after copying she found some viruses on the device, so here's the question: if I got a virus, maybe it was written only for Microsoft Windows or I need to find an additional security?
Yes, Windows software can't run on Linux (even if you use Wine).
 
Informative article. Thank you.

About this statement....


This statement is typically true, but not always true. Malware, viruses, etc. can be any file. Most importantly, a file can be infected without being executable -- the executable code is just inert. Any file can be made executable, userspace especially being vulnerable.


Some malicious files exploit the executable that calls them, e.g. an FLV could contain malicious code, usually stored in the file's header, that exploits a flaw in Flash Player when playing said FLV.

Anyway, I agree execution must happen somewhere in the stack in order for infection to occur, however, thinking that your FLV is safe might not be the best route. Scan those too, along with your MP3s and PNGs.
Why? What if they make a file for rundll32 but name it .flv? Or the FLV is not the common kind? (Maybe it can cause a software crash?)
 
@dtse9, most Windows software does run well on Linux with WINE. However, there are some Windows programs that do not run well on WINE.
 
I am using openSUSE 13.2 and I have COMODO anti-virus. Since COMODO doesn't come with the proper drivers for active scanning, I can do only manual scans. The fix for this doesn't work. Doing a scan, COMODO found one Windows virus in Linux. As for those other anti-virus programs, I don't like ClamAV because you need to use the terminal. I came from Windows and it's difficult for me to use the terminal even though it's easier with Linux. ClamTK doesn't work at all. You can click as much as you want, wherever you want, and nothing happens. Avast is not free for Linux, unlike for Windows. As for AVG, I haven't tried downloading from that link that was posted, but on their site there is no AVG listed. Kaspersky is known to be one of the best. I guess that's why they want you to pay for it. I keep my system up to date and have print and file sharing disabled. I switched to Linux about 5 weeks ago and love it. It's bad enough that my mother is nosy, but Microsoft has her beat big time with being nosy with Windows 10.
 
You should really like using the terminal; one day you may find yourself without a working GUI, and the only way to determine and overhaul it is to use the console and edit text files (with vi of course). Nothing fancy but always works. And console tools are often better than bloated interfaces (which are especially widespread in the Microsoft world). Thus, give a chance to ClamAV and welcome.
 
Sorry, but the runtime environment of most Windows software is the MS .NET Framework, not rundll32; you can't install the .NET Framework on Linux!
 
This is the problem in the Linux community that scares away people migrating from Mac or Windows to Linux: the insistence on using the terminal and that the only proper way to use Linux is being a power user. While using the terminal has its time and place, it's an ancient, antiquated way of using a computer. Using the terminal is an easy way to break an operating system because it's so easy to make a mistake. We are in the 21st century and not the 20th century. Linux has come a long way since I first tried it back in 2000, when I couldn't get it to work because of very poor driver support. Most people that come from Mac or Windows like myself are not power users and haven't needed to use the terminal in years in those OSes and expect the same when using Linux.
 
First, Unix was created in 1969 and GNU/Linux still tries to maintain a similar philosophy these days. The terminal was the only way to use computers in those days. Even nowadays a lot of people continue to use the CLI only (most notably on servers, but there are some hobbyists also).

Second, you don't have to be a power user to use a terminal and know a couple of commands.

Third, it's better to solve problems (which are common if you use fancy GUIs like GNOME 3, KDE or Cinnamon) using the command line than not to solve them (like with a BSoD).

Fourth, you can just as easily break your operating system using a GUI. That's why you are advised not to use your system as root.

Many distributions (so-called "user-friendly") like Mintubuntu and some others let you forget about your terminal.

Cheers
 
