Do you really need antivirus and/or anti-malware software for Linux? In my opinion, no, you don't need it if you know what you are doing and deeply understand how Linux works. In the real world, however, there are viruses that target Linux. You may have heard that Mac OS (based on Unix) has been compromised by malware, and people are now installing antivirus software on Mac OS to stay safe. Even the popular mobile operating system Android has been targeted by malware recently.
Linux/Unix permissions work very differently from those on Windows systems. A Windows machine without antivirus software is like heaven for all sorts of computer viruses. On a single-user Windows system, that user is usually an administrator automatically, the equivalent of the root user in Linux, which means a virus or malware running with the highest privileges can do a lot of damage to your system. Users in Linux/Unix, meanwhile, normally don't have root/administrator privileges, so it is harder for a virus to attack a Linux system. Linux users normally have lower permission and privilege levels than Windows users, making it harder for a virus to affect the whole system.
Another reason Linux is less likely to be infected by viruses is the way Linux distributions work. There are many Linux distributions, and each one comes with a different default configuration. Even within the same distribution there are different flavors, setups and versions for the end user to choose from, not to mention that each distribution ships different Linux kernels in its products. With all these differences in setup and configuration, virus writers have to write a specific virus for a specific Linux distribution with a specific flavor and setup. Meanwhile, there are only a few Windows versions out there, and Windows tends to have a similar kernel and configuration across them, which lets viruses for Windows spread widely in the wild with ease. The Linux ecosystem is huge, so hackers go for what is easier to attack.
Everyone knows Linux is open source. Open source means everyone has access to the Linux source code. A lot of people contribute to and develop Linux; every line of Linux source code is written by a huge community of skilled developers, which makes security flaws less likely to happen. Plus, being driven by a huge community, patches and fixes for Linux normally come faster and more regularly compared to Windows.
There are many kinds of viruses and malware, built for different purposes.
- Virus: in general, a computer program written by bad people to damage your system or for other purposes.
- Trojan/spyware: designed to hide under other programs to collect sensitive information such as credit card numbers, social security numbers, usernames and passwords, and banking accounts, and send that information back to the hacker.
- Ransomware: popular in the news recently. Ransomware encrypts documents and other sensitive information on your system. Instead of sending the data back to the hacker, ransomware asks you for ransom money to get your encrypted data decrypted.
- Zombies: the term for a system that a virus has turned into a zombie (hackers have control of your system without your knowledge). Hackers normally have tons of zombies (a zombie network) to attack another target; sometimes hackers use your system/network resources for other purposes.
- Worms: another computer term, for a virus that copies itself and spreads from one system to others in a very short time. A worm is a standalone program, unlike a virus, which has to attach itself to other programs. Because of the way worms work, spreading themselves to other systems/networks, worms use lots of bandwidth, which can harm your network on a wide scale.
- Malware: a general term for viruses; what malware does is usually similar to a virus and may harm your system or network.
- Rootkit: another kind of Linux malware, targeting only Linux platforms, that uses highly advanced techniques to hide itself. A rootkit can be installed when someone (a hacker) has root access to your system, in order to maintain root access for later use. Removing a rootkit from your system is very hard since it hides itself in the Linux kernel.
How to protect yourself from viruses and malware in Linux
There aren't many real Linux virus vulnerabilities, but that doesn't mean we don't have to worry about them.
- Make sure you install or compile programs from a trusted source.
- Don't add random PPAs (Personal Package Archives); not all PPAs are created equal.
- Update your system and programs often.
- DO NOT use your system as root.
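
As an added example (not part of the original article), the shell script below checks a Debian/Ubuntu system against two of the tips above: it lists every enabled PPA under an APT sources directory and warns when the session runs as root. The function names are made up for illustration, and it assumes PPAs are served from ppa.launchpad.net or ppa.launchpadcontent.net.

```bash
#!/usr/bin/env bash
# Added example: function names are hypothetical, not from any existing tool.

# Print "file: owner/archive" for every PPA entry under an APT sources dir.
# Reads classic one-line .list files and deb822 .sources files; commented-out
# lines are skipped. A deb822 "Enabled: no" field is not evaluated here.
list_ppas() {
    local dir="${1:-/etc/apt/sources.list.d}" f
    for f in "$dir"/*.list "$dir"/*.sources; do
        [ -f "$f" ] || continue
        grep -Ev '^[[:space:]]*#' "$f" \
          | grep -Eo 'ppa\.launchpad(content)?\.net/[^/[:space:]]+/[^/[:space:]]+' \
          | sed -E 's#^[^/]+/##' | sort -u \
          | while read -r ppa; do printf '%s: %s\n' "${f##*/}" "$ppa"; done
    done
}

# Return 0 (and warn on stderr) when the given UID is root.
# Defaults to the UID of the current session.
running_as_root() {
    local uid="${1:-$(id -u)}"
    if [ "$uid" -eq 0 ]; then
        echo "WARNING: session is running as root (uid 0)" >&2
        return 0
    fi
    return 1
}

# Report both findings for one sources directory.
audit() {
    local dir="${1:-/etc/apt/sources.list.d}" found
    found="$(list_ppas "$dir")"
    if [ -n "$found" ]; then
        echo "PPAs enabled (check that you trust each owner):"
        echo "$found"
    else
        echo "No PPAs enabled under $dir"
    fi
    running_as_root || echo "OK: not running as root"
}

audit "$@"
```

Each PPA it reports is a package source that can install software on your machine with root privileges, so remove any whose owner you do not recognize.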