Use common sense and dont install random shady shit from the internet.

Best antivrius in the world

Do you have any antivirus recomendations for Linux.

Install all applications from your package manager.

Don’t run things as root.

Don’t visit sketchy websites.

Run an ad-blocker that isn’t owned by an advertising company.

I wouldn’t recommend using anti-virus software. It usually creates a lot more overhead, plus it usually mimics existing solutions already in linux. The only viruses I have ever caught using an anti-virus software on Linux are the test viruses to see if all is working fine.

Anyway, here’s my 20+ enterprise experience recommendations with Linux :

• enable secure boot: will disable launching non-signed kernel modules (prevent root kits)
• enable firewall: and only allow ports you really need.
• SELinux: it is getting better, and it will prevent processes to access resources out of their scope. It can be problematic if you don’t know it (and it is complex to understand). But if it doesn’t hinder you, don’t touch it. I do not know AppArmor, but it is supposed to be similar.
• disable root over ssh: or only allow ssh keys, or disable ssh altogether if you do not need it.
• avoid using root: make sure you have a personal account set up with sudo rights to root WITH password.
• only use trusted software: package managers like apt and rpm tend to have built in functionality to check the state and status of your installed software. Use trusted software repositories only. Often recommended by the distro maintainers. Stay away from use this script scripts unless you can read them and determine if they’re the real thing.

Adhering to these principles will get you a long way!

edit: added section about software sources courtesy of @[email protected]

The typical consumer Windows antivirus was designed to solve a different set of problems in a different environment and analysing files for signatures and behaviors against known threats was very valuable when so many people were running executables from unsafe sources intentionally or not. Even on Windows an antivirus has never been the best way to secure a machine. It was always the lowest common denominator solution that you put on everyone’s machine because it was better than nothing.

Linux has been well served for a long time by the division or privileges between root and users and signed trusted distro sources. The linux desktop is trending towards containerized flatpak applications running in seperate namespaces with additonal protection via seccomp. Try and understand the protections Linux provides and how to best take advantage of them first and only reach for an antivirus if you still think it is needed.

deleted by creator

Yes. Don’t.

I don’t understand why we keep telling new users that it is useless to use an antivirus on Linux. For people with computer knowledge, sure. However more widespread Linux adoption will mean more casual users will start using it. Most of them don’t have the “common sense” that is often mentioned ; these users will eventually fall for scams that tell them to run programs attached in emails or random bash scripts from the internet. The possibility is small, but it’s not zero, so why not protect against it?

Avast! runs on Linux.

Personally I prefer to just avoid clicking on dodgy links. In the last 5 years I haven’t found any viruses. YMMV

There’s plenty of good advice in other comments in this topic. Let me add mine too, something I haven’t seen in other comments: You need to figure out your threat model, and steer your course accordingly.

Who do you trust?

• No one? Don’t use a computer. Use an airgapped computer without any internet connection. Write your own OS (but be mindful of bootstrapping issues, you’ll also need to write your own compiler to protect against Thompson’s hack). It’s a hassle.
• Original authors of software? Compile and install all software from source. Consider using LFS. It’s a hassle.
• Maintainers of my operating system of choice? Only install packages from official package repositories (apt in Debian, pacman in Arch, you know the drill). Eschew any others, like PPA in Ubuntu, AUR in Arch. Though package maintainers don’t necessarily review any package updates, there’s a chance they just might. Though package maintainers are in the position to inject backdoors during packaging, this is somewhat unlikely as packaging scripts tend to be small and easy to review.

What risky activities are you doing?

• Running random crap software downloaded from the internet?
  • Run it in a virtual machine. It’s easy to install another Linux into a VM - you could try VirtualBox or qemu or libvirt or some other one.
  • Containerize it with Docker, or run it in Firejail or Bubblewrap
    • Don’t mount your home directory, or anything other important into the container. Instead, if you need to pass data, use a dedicated directory.
    • It’s easy to restrict internet access to a program, when running it in Docker or Bubblewrap.
• Running the same as root? I’m pretty sure a full virtual machine would be the only secure option to do that, and I’m 100% certain even that would be enough.
• Running large software that probably ought to be OK, but you never know for certain? This is what I normally do:
  • Use the Flatpak version, if available. Check its permissions (e.g. with Flatseal), you might be able to tighten the screws. For example, a browser (yes, Firefox, Thunderbird, Chromium are available as Flatpaks. Even Chrome is) is plenty large enough for any number of security bugs to hide in. Or a backdoor, which might be crafted to be indistinguishable from a honest bug.
  • If there’s no Flatpak version available, I Bubblewrap it.

I have a simple Bash script that restricts apps’ view of my filesystem, and cuts off as much stuff as possible, while retaining the app’s ability to run. Works with Wayland and console apps, optionally with Xorg apps if I set a flag. Network access requires its own flag.

I could share my Bubblewrapping script, if there’s interest.

Dr Web for linux. Run it once a week.