Hi l0f4r0@tuta.io,
l0f4r0@tuta.io wrote:
> Considering the fact I am human so not perfect at all + other notions
> like defense in depth / layered defense... would you recommend having
> a Linux anti-malware?
I have used ClamAV, Linux Malware Detect with 3rd party repos like
Sanesecurity just for fun and for some time to see what you can do
besides commercial products. I had only a few positive, Windows-related
matches and a lot of false positives - and think about the 0-day
problem with all anti-malware or the capabilities of state
sponsored cracker groups or CNA/CNE groups inside military/civil
state organizations ;)
I think it is more important & useful to audit & harden/secure your
system, kernels (KSPP), services and applications with IDS/IPS (e.g.
Samhain), MACs like AppArmor, systemd-analyze security unit, secured
sudoers file, use of additional 2FA tokens and so on...