Anti-virus for Linux mail server. Antiviruses for Linux. Only proprietary anti-virus technology.

Linux is a reliable alternative operating system to Windows

However, virus and malware protection remains a concern for many users. Many anti-virus programs are available for it, each with its own pros and cons. There are five antivirus programs that are a good choice for users who run Linux on their personal computers. Most of these programs are free for private users, with various licensing options for added protection.

This is the standard for software scanning mail gateways; it supports almost all mail file formats. Listed below are its well-known features. It is designed to be an easy-to-use, on-demand antivirus scanner. It is a robust graphical antivirus software that runs smoothly and is great for fast execution.

Other important features include the following. It can detect and block malware using on-access, on-demand, or scheduled scans.

  • Easy to install and quiet.
  • It is efficient and safe.
  • Excellent performance with low system impact.
  • Offers extensive platform coverage.
Below are some of its great features.

Avira AntiVir Personal

Avira AntiVir Personal is another free product, which is very popular due to its ease of use. Fast, frequent scans ensure the security of computers running the Linux operating system.

Clam AV is an antivirus program that specializes in scanning email in mail gateways. Although it does not have a wide range like the other programs on the list, it is an important segment that deserves attention. Its anti-virus database is constantly updated, and there are various options for scanning files and many other options available.

Below are some of its exceptional features. The software detects threats by scanning the entire system. It also scans your home network for weaknesses.

Moreover, it comes with a firewall that protects your computer from hackers. In addition, it gives you online banking protection, a two-way firewall, and parental control. With this software, you will receive malware protection, spyware protection, browser protection and cloud scanning. The command line scanner provides virus definitions and updates. Without a user interface, it is very easy to use.

F-Prot Antivirus Linux

F-Prot is a more advanced antivirus program. If the user is comfortable working from the command line, this is a good alternative to simpler and automatic programs. Scanning and updating can be scheduled in order to be performed on a regular basis.

This software works as a firewall application. In principle, it provides reliable protection against all threats to online security. In addition, it detects and protects the system from spam, phishing, trojans, malware and other hacking attempts.

Other features of the program are on-demand scanning and cloud scanning. It detects and blocks malware on access, on demand or on a schedule. Scheduled inspections are also available upon request. Scanning can be configured for local and network drives.

Why Doesn’t Linux Need Antivirus?

To optimize performance, you can also configure exceptions using directories, file names, and wildcards. However, this does not justify it with all attack vectors. With this tool, everything is done through the command line. It can scan multiple file formats, open archives and scan them, and also supports multiple signature languages. It can also act as a mail gateway scanner.

There is an old saying: to err is human, but to really mess things up you need a computer. The results are generally not encouraging. At the other end of the spectrum, some programs performed poorly for both platforms.

Have you ever wondered if you need an antivirus for Linux? Many lances have been broken in endless disputes, and now the answer seems obvious: of course we need it! But only if you need to look for Windows viruses.

It would seem axiomatic that if viruses exist for a platform, an antivirus is needed too. But with Linux, things are not so simple. Yes, there are viruses for Linux, but in 99% of cases these are worms that can exploit a single vulnerability in a particular service and, as a rule, in a specific distribution (since the service version, settings, and compilation options vary from distribution to distribution). Good examples of this are Linux.Ramen (which uses vulnerabilities in wu-ftpd on Red Hat 6.2 and 7.0), the Badbunny macro worm for OpenOffice, or the well-known Morris worm.

If you study this, you will see how antivirus software does not protect your server. Databases that are configured to provide Internet connectivity from other web portals face an exceptional data security problem and special methods are used.

Some malware requires you to open an attachment. Others do not even require user error. Newly added files from your email client or web browser do not receive execute rights. Effective and safe. Detects and blocks malware with scanning on access, on demand or at a specific time. Scanning is also available on demand or at specific times. Scanning can be configured for local and network drives.

However, almost every antivirus vendor has a version for Linux. Most often, though, this is a version for a mail server, gateway or shared file storage, meant to protect Windows clients. But lately the number of antiviruses for the Linux desktop has begun to grow, and the vendors of these products scare users with claims that "the amount of malware for Linux is growing exponentially." Whether or not to use an antivirus on a Linux desktop is everyone's personal business. For me, as long as the popularity of Linux on desktops has not exceeded 1-2% and the makers of popular distributions release security updates in a timely manner, there is nothing to be afraid of. But there are situations when you need to check a Windows hard drive for viruses, or a USB flash drive before giving it to someone. In such cases, an antivirus for Linux may come in handy.

Powerful with minimal impact. To optimize performance, you can also configure exceptions using directories, file names, and placeholders. The solution is free. If the topic of entry is particularly intense, the most common questions are system security. My answer to these questions: Yes. And yes, you can also run online banking without an anti-virus scanner! As a rule, they do their job in the background without a window with bright blinking lights that constantly signal the status of the threat.

The application consists of a service and a set of tools for the terminal.


You can get detailed help on the program’s manual page, but only in English. No viruses were detected. As the operating system grows, so do network threats. The virus scanner allows you to configure individual checks that scan only certain files or exclude selected files from scanning.

In general, testing antiviruses is a thankless task, since there is no objective test and everything depends heavily on the set of test viruses (which vendors exploit successfully, periodically presenting tests to the public that conclusively prove their antivirus is "the best"). Since in all Linux antiviruses the databases and the engine are identical to the Windows version, you can safely judge the effectiveness of antiviruses on Linux using tests of the Windows version.

Paid

The best antivirus software in comparison

Are there problems with online banking without anti-virus scanners? As a rule, they do their work in the background as a service, not constantly signaling a threatening status with a window with bright flashing lights. The installation wizard will inform you about the program in the first step.

Finally, the installation procedure generates a kernel module, which is suitable for the system kernel, as an interface between the anti-virus scanner and the system. However, the user does not know the cause of the error messages. If you activated the access scanner, the service will run silently in the background. You can get detailed help using the command through the program’s manual page, but only in English. On other tabs, you can block file types or paths from scanning, identify alarms, or view anti-virus scanner logs.

For most of these antiviruses, the vendors ask for money. If the antivirus was made with corporate clients in mind, it will cost a fair amount. But if you need an antivirus only "a couple of times", you can get by with a trial license (fortunately, most vendors provide one).

I’ll start the review with Dr.Web for Linux, since in April the "revolutionary" version 6 was released with interesting new features and a graphical interface. Both 32- and 64-bit distributions are supported. Installation is elementary: a .run file is downloaded from the official site, and launching it brings up a graphical installer. After a couple of clicks on the "Next" button, the product is installed. If there is no license key yet, then during installation you can request a 30-day demo key from the company’s server (a demo key can be requested no more than once every 4 months). After installation, a "DrWeb" item appears in the Gnome menu (with two sub-items: launching the antivirus and removing it), and a nice icon, though one that does not fit the default Ubuntu theme very well, appears in the tray to indicate that the file monitor is running.

Alternatively, the program brings a web interface. If the software is faulty, viruses open. The study examined how common anti-virus software interferes with Internet connections. Researchers have long complained that antivirus software causes more problems than it solves. The results of the study confirm this: antivirus programs often introduce new vulnerabilities and generally worsen computer security. When we buy the latest best seller on the Internet, we trust a secure connection: no one else should get between me and the online store.

There is also a CLI scanner. To scan the current directory, run it like this:

$ /opt/drweb/drweb ./

If it complains about a missing key file, run it with the ini file specified, for example:

$ /opt/drweb/drweb -ini=/home/adept/.drweb/drweb32.ini ./

In total, for 799 rubles a year the user gets an antivirus with graphical (GTK) and CLI interfaces, integration with the desktop environment, an antivirus scanner and a monitor that scans files when they are accessed. Considering that the engine and the databases are shared with the Windows version, it is a rather good offer for those who need a paid antivirus on a Linux desktop to sleep soundly.

No one should read or even modify data sent back and forth. For this, the connection is encrypted. Antivirus software can connect to this connection to check if malware has been delivered. A group of network researchers and security experts investigated what was happening.

Free antivirus software

So what should bring more security ultimately does more damage. The research team therefore sees the trend confirmed: antivirus software manufacturers are careless with their products, and they worsen computer security rather than improve it.

Unlike Dr.Web, Kaspersky Lab believes that a home Linux user does not need an antivirus at all, but that it may come in handy in the corporate sector. Therefore, Kaspersky Anti-Virus for Linux Workstation cannot be purchased separately, only as part of Kaspersky Total Space Security, Kaspersky Enterprise Space Security, Kaspersky Business Space Security or Kaspersky Work Space Security (that is, from 7,700 rubles per year). The Linux version is not updated very actively: the latest release (5.7.26) dates back to October 2008. Deb and rpm packages are available on the site, and support for both 32- and 64-bit is declared. During installation it immediately asks for a license key file (which can be requested on the official site for testing), offers to configure proxies and download the latest databases, and can also install a special module for Webmin and compile the kavmonitor kernel module (which intercepts kernel calls for file access and scans those files for viruses). Unfortunately, kavmonitor does not support kernels newer than 2.6.21 (for 32-bit systems) and 2.6.18 (for 64-bit), so all more or less recent distributions will have to do without it. The antivirus has no graphical interface, only the CLI. It is started as follows:

Software Claim

The result is grist to the mill of those who have been complaining for years about unwanted antivirus software. Viruses and other malware are now so complex that they can also run at very low operating system levels. Antivirus software must keep up in order to intercept a virus before it infects the computer, and therefore also goes very deep into the system. This can disrupt the smooth operation of other programs and drive software developers to despair.

$ sudo /opt/kaspersky/kav4ws/bin/kav4ws-kavscanner /tmp

You can update the database as follows:

$ sudo /opt/kaspersky/kav4ws/bin/kav4ws-keepup2date

The main anti-virus settings are stored in the /etc/opt/kaspersky/kav4ws.conf config.

Another antivirus vendor popular in our country, ESET, also has a version for Linux desktops (ESET NOD32 Antivirus 4 for Linux Desktop), which, however, is still in beta. The beta version can be used absolutely free until a certain date. After the release, most likely only the trial version will be free to use. The x86 and x86-64 architectures are supported; installation is done with a graphical installer. By default, the antivirus is installed in /opt/eset. After installation, we are greeted by a concise GTK interface and an icon in the system tray indicating that the file monitor is running. The interface can be switched to "expert mode", which adds a couple of items: Setup (for configuring the scanner and monitor) and Tools (for viewing logs and quarantined files). There is also a CLI scanner. To scan the current directory:

Remove antivirus software immediately?

In his opinion, the operating system's "on-board" tools are enough. However, antivirus software can not only affect other programs; it often even creates new vulnerabilities on the computer. Whether we should now remove all anti-virus software and, as O'Callahan advises, rely only on the "on-board" tools is left for each person to decide.

Ultimately, antivirus vendors offer an apparently simple solution: to take over responsibility for how we deal with our computers. In return, we place absolute trust in the manufacturers to do everything right and write clean program code. According to another result of the study, this seems to be less and less the case.

$ /opt/eset/esets/sbin/esets_scan ./

The "-h" option will show possible scan options.

Another fairly large antivirus vendor with Linux versions of its products is McAfee. In general, judging only by their Linux products, the vendor is rather strange (by the way, it is the only one whose website runs on IIS; nothing personal, just statistics :)). Instead of an all-in-one solution, their product line has several separate Linux products: LinuxShield (a monitor that scans files when they are accessed) and VirusScan Command Line Scanner for Linux. LinuxShield costs about 2 times more. But the Command Line Scanner exists not only for Linux (x86 and x86-64), but also for almost every conceivable OS: Windows, FreeBSD, Solaris, HP-UX and AIX. McAfee positions its products as solutions only for large companies, so you can buy no fewer than 11 licenses of each product from partners, and before downloading the trial version you need to fill out a huge registration form describing your company in detail.

All this lasted 30 minutes. Summary. For a virus, Trojan, or worm to be installed, an action must have taken place earlier. It used to be even easier to infect a Windows system. Open one of these files, for non-professionals there are only English words, supplemented by punctuation marks. These files must be compiled through the terminal window and do not become independent at run time. Therefore, it is very unlikely that someone will send a virus with text files and install instructions with chains of commands for installation.

Only proprietary anti-virus technology

If the administrator must start the anti-virus scanner manually, it is an on-demand scanner. An on-access scanner, by contrast, runs continuously in the background and scans not only all files but, as a rule, network traffic as well. However, the crux of antivirus software is detection performance.

Command Line Scanner is installed by the install-uvscan script from the downloaded archive. During installation the script asks a couple of questions (where to install and whether to make symlinks) and offers to check the entire file system right away. The scanner is not designed to work with new distributions, so on Ubuntu 10.04 it would not start without some fiddling and complained about the missing libstdc++.so.5, which I had to install from Debian. This is the only anti-virus scanner that has no update utility: you are expected to download new databases yourself and put them in the installation directory. To scan the current directory, type:

It acts as a proxy between the actual email server and the recipient's client program. Then it connects to the mail server itself. In any case, buyers have a choice between the 32 - and 64 - version. Refuse buyers to universal binary packages.

In the end, you can try the trial version, which will begin in 30 days. This Technical Documentation is for reference only but contains all relevant information. In addition, there are again pages with the same data. A company can also store virus definitions on its own mirror server. Regular expressions are allowed. If desired, the filter supplements the entry in the email header, which records the result of the scanning process. If the filter detects an infected message, it can run any external program to which the filter transfers several metadata.

The "man uvscan" command describes a large number of possible options of varying usefulness.

LinuxShield officially supports only RHEL and SLED; for other distributions (and, accordingly, other kernels) the kernel has to be rebuilt with the antivirus modules. Rebuilding the kernel on every upgrade just for the sake of antivirus modules is a dubious pleasure. Moreover, there is no guarantee that the modules will build with kernels newer than 2.6.18.

Freebie

To attract attention to their products, some manufacturers give out free keys for home use (including Linux versions).

This is what BitDefender, for example, does. Its product BitDefender Antivirus Scanner for Unices can be used completely free for personal purposes. After you fill out a small registration form on the official site, an e-mail arrives with a key valid for a year and a reminder that the key is "for personal usage only". Another point in BitDefender's favor is the number of versions: deb and rpm packages, ipk (a universal installer) and tbz for FreeBSD are available for download, all of them for both 32- and 64-bit OS. The 128-page manual also inspires respect. The antivirus includes only a scanner; there is no monitor. The scanner can be launched both through the GUI (there is integration with the desktop environment) and through the CLI. Scan the current directory:

Database update:

$ sudo bdscan --update

As usual, "man bdscan" will show many interesting options.

Another free antivirus for personal use is AVG. There are versions for Linux (deb, rpm, sh and a plain archive with binaries; only 32-bit, though) and FreeBSD (also only for x86). Version 9 is available for Windows, while for *nix there is so far only 8.5 (released in January 2010), but the beta of the upcoming version 9 can be downloaded after registration. In addition to the scanner, there is a monitor for scanning on the fly. Enabling this function is not trivial, however: it needs special kernel modules (RedirFS or Dazuko). The antivirus does not have a graphical interface, only the CLI. Scan the current directory:

Database update:

$ sudo avgupdate

Another challenger is avast. You can get a free annual license for personal use after registration. There is deb, rpm and a binary archive. True, again only for 32-bit. There is also no integration with DE. The antivirus is launched by the avastgui command.

At the first start, it will ask for a registration key or offer to follow the link and get it on the website (however, do not get fooled: the cunning antivirus sends the wrong link; the correct link is www.avast.com/registration-free-antivirus.php).

In addition to the GUI, there is also a CLI interface. Scan the current directory:

Database update:

$ sudo avast-update

The next vendor to offer its product free for home use is F-PROT. The Linux version is F-PROT Antivirus for Linux Workstations. There are versions for Linux (i386, x86-64 and PowerPC), FreeBSD, Solaris (for SPARC and Intel) and even AIX. The latest version for Linux (6.0.3) was released in December 2009. Installation is carried out with the install-f-prot.pl script. The script simply creates symlinks in /usr/local/bin (or any other specified directory) to the downloaded binaries, so it is better not to install F-Prot from, say, the desktop, but to move it somewhere first, for example to /opt. The last stage of installation is downloading updates and adding a cron job for hourly update downloads. Launch:

Many things can be set with parameters: for example, recursion depth (30 by default), scan levels, heuristic level and so on (read "man fpscan" for details). A forced database update can be started with the fpupdate command (located in the installation directory).

Freedom

The most famous (and at the same time the only decent) open source antivirus is clamav. There is a console scanner and several GUIs for it (clamtk for GTK and klamav for KDE). It can also work as a monitor through DazukoFS. True, in most tests it does not show the most brilliant results. But it is in the repository of any distribution for any architecture, and there are no licensing restrictions. Just the thing for undemanding users!

DazukoFS (from the German Dateizugriffskontrolle, file access control) is a special file system that provides applications with mechanisms for controlling file access. Since DazukoFS is not part of the vanilla kernel, you will have to patch and rebuild the kernel in order to use it. DazukoFS is used by many antiviruses to implement the monitor function.

The first two versions of Dazuko were developed and released under the GPL license by Avira GmbH. The third version, dubbed DazukoFS, has been completely rewritten by the community.

Live antivirus

A LiveCD with an antivirus has more than once helped me out when I needed to quickly restore at least some functionality to a Windows installation that, under the weight of its viruses, refused to boot at all. Unfortunately, the choice among such tools is not very large: not every vendor offers its own LiveCD, let alone for free.

Perhaps the most famous representative is Dr.Web LiveCD. The current version (5.02) was released quite a while ago, and so far there are no public beta versions (although a build with updated databases is released every day). But there is hope that, after the release of version 6 for Linux, the LiveCD will finally be updated too. Even though the build is based on fairly recent components (the kernel, for example, is version 2.6.30), the LiveCD thread on the official drweb forum is full of reports that the OS does not boot in graphical mode on certain hardware. For such cases there is SafeMode with a bare console and a console scanner.

Unlike Dr.Web, Kaspersky does not particularly advertise its LiveCD; there is not even a mention of it on the official site. But you can’t hide anything from Google! :) LiveCD is free to download from here. The LiveCD boots quite quickly. You only have time to notice that it is built on Gentoo and kernel 2.6.31 before the license agreement pops up. After you accept the terms of use, a GUI is launched (similar in appearance to kav 2010) with the ability to scan and update databases.

AVG also has its own LiveCD. At startup it greets you with a license agreement, which, after reading it carefully of course, must be accepted (otherwise, reboot). It is the only LiveCD with a pseudo-graphic interface. When booting, it automatically mounts the Windows partitions, while refusing to mount partitions with a file system other than FAT or NTFS. But you can exit the pseudo-graphic interface (and, if necessary, run the arl command again), mount them by hand and run the check from the console. Among the useful extras is a tool for editing the registry (Windows Registry Editor).

There are cases when the scan results of a single antivirus are not enough. Apparently this is what the creators of the ViAvRe (Virtual Antivirus Rechecker) distribution were thinking, since it contains a whole bunch of different antiviruses: Avg, Avast, Doctor Web (CureIt), McAfee, BitDefender, F-Prot. The project is still very young, but it already holds great promise. The latest version at the time of this writing (04.10, released in April this year) was built on OpenSuse 11.2 using SuSeStudio. Another feature of the distribution is the viavre-update command, which updates the databases for all installed antiviruses at once. The LiveCD is released in two editions: the full version with KDE (with a minimum requirement of 768 MB of RAM) and the light version with LXDE (delivered without the mcafee and avg antiviruses, firefox, virtualbox and k3b; it can run on 256 MB of RAM).

Conclusion

Unfortunately, we managed to cover far from all Linux antiviruses, only the most famous ones. Left out were, for example, Panda DesktopSecure for Linux and the antivirus from Avira. But I hope that among the options presented you can, if necessary, find something to your liking.