
Re: Antivirus for Debian



On 21/08/15 04:50, Renaud (Ron) OLGIATI wrote:
> On Thu, 20 Aug 2015 19:33:17 +0100 Brian <ad44@cityscape.co.uk>
> wrote:
> 
>> On Thu 20 Aug 2015 at 20:24:16 +0200, Diogene Laerce wrote:
> 
>>>> Hello guys. I wanted to know if antivirus is required for
>>>> Debian or for linux in general. And if it is required, what
>>>> are the recommended antivirus for Debian? Thank you in
>>>> advance.
> 
>>> Required no, advised I guess.
> 
>> You guessed wrong.
> 
> Although I know that proof-of-concept viruses (virii ?) have been
> created in computer labs, has anyone seen one alive in the wild ?

Maybe it'd be helpful to consider what a "virus" is, in the context of
computing.

In a nutshell, it is an exploit for a security vulnerability that
embeds code to try and seek out and infect other victims that suffer
similar vulnerabilities.

What does an anti-virus package do?  It's basically an intrusion
detection system, looking for anomalies in programs and files that
indicate evidence of an intrusion, combined with some knowledge of how
to "disinfect" the infection caused by the malware.

The approach used on DOS (inherited by Windows) is to basically react
to software vulnerabilities by trying to treat the symptoms: malware
infections.

The approach used on Unix systems (inherited by Linux) is to try and
find and treat the underlying security vulnerabilities that permit the
malware to infect the machines in the first place, with perhaps an IDS
package like TripWire and/or Snort to detect when an intrusion takes
place.

You decide whether an anti-virus package is truly needed.
-- 
Stuart Longland (aka Redhatter, VK4MSL)

I haven't lost my mind...
  ...it's backed up on a tape somewhere.