
Re: Anti-malware for my personal Debian workstation?





On Sun, Feb 23, 2020, 07:03 mlnl <mlnl@mailbox.org> wrote:
Hi l0f4r0@tuta.io,

l0f4r0@tuta.io wrote:

>Considering the fact I am human so not perfect at all + other notions
>like defense in depth / layered defense... would you recommend having
>a Linux anti-malware?

I have used clamav, linux malware detect with 3rd party repos like
sanesecurity just for fun and for some time to see, what you can do
beside commercial products. I had only a few positive, Windows related
matches and a lot of false positives - and think about the 0-day
problem with all anti-malware or the capabilities of state
sponsored cracker groups or CNA/CNE groups inside military/civil
state organizations ;)

I think, it is more important & useful to audit & harden/secure your
system, kernels (KSPP), services and applications with IDS/IPS (e. g.
Samhain), MACs like AppArmor, systemd-analyze security unit, secured
sudoers file, use of additional 2FA tokens and so on...

--
mlnl

I've been using Sophos since it came out and clamav for many years prior and I prefer Sophos.

I definitely disagree with merely doing backups and updates. You could say the same for any OS. That is no means of keeping yourself safe.
