Peppermint | Linux OS Community Forum

Do I need antivirus / firewall software?
Page 1 of 1

Author:  Rich_Roast [ Tue May 25, 2010 4:02 pm ]
Post subject:  Do I need antivirus / firewall software?

Class: Security discussion
Difficulty: Just some common sense required
Time: Just the time to read the document
Desirability: Most users should not need to take any further action

Most users of Peppermint OS will not need an antivirus, nor a firewall solution.


Yes, really. In the six years I have been using Linux I have only been made aware of one poorly written trojan, and have certainly never been affected by any kind of attack.

To date, extremely few viruses or other malware have been written to exploit Linux. This is partly because Linux provides a secure environment which is trickier to crack, but is also due to the popularity of Windows, which makes it a much larger target.

It is also worth noting that antivirus software acts as recovery software and is not a preventative. By the time a scan for viruses has been completed, the payload has already been dropped and damage done. Furthermore, antivirus software may miss certain types of malware, and may also fall victim to "zero day" attacks (whereby the malware is so new that the antivirus software's pattern database doesn't identify it yet).

Rather than spend precious processor cycles on such measures, a little common sense goes a long way to keeping your computer secure. The most important rule of thumb is to never, ever log in as root, and to exercise due attention when handing over your administration password ('sudo command').

Be careful if downloading and installing applications, desktop themes and indeed any file from third party websites or complete strangers. You don't need to be a programmer or a security guru to check for suspicious signs. If a file claiming to a be a game is only twenty kilobytes in size, then that's suspect (unless it's a really simple game). If a file claiming to be some sort of media has the executable bit set (it has the "Make the file executable" box checked in properties), then that's really suspect. If it's an attachment from an unknown admirer who's just introduced themselves to you through email for the first time... you get the idea.

There is one exception to not needing antivirus, and some users still decide not to go to the trouble. It is considered by some a courtesy to Windows users with whom you share third party files to scan them for viruses first. Just because Linux isn't affected by many viruses out there (they won't run), doesn't mean that it's not "contagious". If going down this route, my recommendation is to download and install clamtk through Software Manager. It is a good, open source antivirus suite and can be called through the Accessories menu. It can scan just one file, or entire directories.

Finally, there is the question of a firewall. A firewall is designed to prevent unauthorised network connections to and from your computer. For personal, private users firewalls are primarily useful for preventing malicious software from making outgoing connections; however, this should not be an issue for the reasons discussed above. It is unlikely that a user actually needs a software firewall installed and running.

That said, if a user is feeling insecure then it is trivial to install some gui software and block all unknown outgoing connections by default. Install "gufw" through software manager. It's launcher is located at Preferences -> Firewall Configuration. To begin, check the 'Enable Firewall' box. Keep the default options checked (allow outgoing, deny incoming) to provide basic protection. Over time, it may be necessary to add rules, for which gufw has a few templates (for torrent and so on). Gufw documentation is here. Once configured, it is safe to close gufw's window, the firewall will still be enabled.

Page 1 of 1 All times are UTC - 5 hours [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group