Tuesday, July 12, 2011

Do you really need an Antivirus Software in Linux?

This has been posted lots of time all around the web, the forums, blogs, discussion boards, IRC, almost everywhere. The question is, does one really need to run an Antivirus software in Ubuntu or any other Linux? The simple is answer is, No! Why? Lets discuss a few aspects.

Linux is a hard place for Computer Viruses to Run, Hide and Re-produce

For a computer virus to successfully infect an operating system, it should be able to run, hide and re-produce at a better rate than its death rate which is nearly impossible in Linux.

Unable to Run

A computer virus should be able to infect the binary executable files in an Operating System for success. Linux is engineered in a way that almost all the binary executable files are owned by 'root' and are being run by a non-privileged user account thus reducing the chances of infection to a minimum. Although, some experienced users like to login as 'root' and they own the executable files then but they are experienced enough to know what they are doing most of the time. And thats why the root account is disabled in Ubuntu by default and many other Linux distros.

Moreover, Linux file systems support universal file permissions i.e. read, write and execute. And they come in three levels: root, user and group. All the important files are owned by root, so the minimal chance of damage from a successful Linux virus is that it can infect the files owned by the user and also those of which the user has got write permission.

Unable to Hide

Almost all of the Linux software comes as open source rather than binaries. Open source means anyone around the Globe can download the source and take a look, improve it and upload it. With so many eyes on the source code, that makes it very difficult for the virus to hide in there.

Security Patches are released frequently

As soon as a vulnerability in code is detected for any software, a security patch is released most of the time within 24 hours after its detection. Obviously, as with any other OS, you need to keep your system updated to further minimize the security lapse.

No proper medium for the virus to spread

Mostly, the viruses spread over the internet via e-mail, IM clients and web browsers. In Windows, the downloaded files from those sources are executable already and they are executed with or without your permissions. In Linux, the downloaded files aren't executable by default, so very rare chances that you make them executable and run those. Linux doesn't depend on file extensions (like .exe in Windows) to make them executable, so renaming a file's extension doesn't make it executable. You need to 'know' how to make it executable and run. And if you know that stuff, you are probably smart enough to know what is contained in that file/package.

Ubuntu doesn't come with any open ports by default. That's why you don't even need to enable the firewall in Ubuntu if you are an average user. Unless you open a port yourself (in which case it would probably be protected by a firewall), you don't have to fear about viruses coming in through open ports.

Production Rate

For a computer virus to successfully exist, just like a biological virus, its re-production rate must be higher than its death rate, obviously. The above factors make it nearly impossible for the virus to achieve that and, therefore, the result is the extinction of the virus.

When you actually need an Antivirus in Linux then?

Aside from all the stuff stated above, you may still need to run an antivirus software in Ubuntu/Linux at times. The probable cases are:
  • You are dual-booting Windows and Linux and frequently mount your Windows partition in Linux to copy over some stuff.
  • You've got a shared data partition that shares data between Windows and Linux.
  • You don't want to keep spreading the infected files to Windows users via e-mail etc.
  • You share a USB thumb drive between Windows and Linux.
  • You want to scan Windows machines over the network from Linux.
  • You are running some kind of File or Web Proxy Server to serve Windows.
  • You are running Wine in Ubuntu. Windows viruses are probably able to run in Wine.
  • You fear that your system is infected, as having viruses in Linux is theoretically possible.
Avast Antivirus (free)

If you really need to use an antivirus software in Ubuntu, Avast is probably the best one out there. For installation, download the .deb package by visiting the link below, then double-click it and follow on-screen instructions.

avast! Linux Home Edition

Related Posts: