clamav

English Hardware
1

I am somewhat of a new user. Been a long time ago. I am trying to make clamav and klamav to work. They are installed but I cannot tell if they are working. I cannot find a GUI for klamav

2

On 02/16/2013 07:46 PM, mike7757 wrote:
> I am trying to make
> clamav and klamav to work.

-=WELCOME=- new poster, but why do you want them to work? that is,
are you running a mail server to feed Windows machines or in some
other way want to protect your’s or other Windows machines?

well, let me say it this way: there are no Linux viruses so there are
no AV programs available to protect you from nothing…

both klam and clam are used to clean mail on its way to Windows
folks, nothing else…

and, i don’t think either one of them needs a gui to either setup or
run with a mail server.


dd
openSUSE®, the “German Engineered Automobile” of operating systems!
http://tinyurl.com/DD-Caveat

3

Welcome here.

Not very many people here will use any anti-virus pogram… Thus one might ask you: why do you want to do so?
The only valid reason IMHO is when you want to check files that go through your system to MS Windows systems (e.g. when you run a mail server) and when you want to deliver to those systems a service (which, again IMO, they should do themselves ;)).

The fact that few people here use clamav might rsult in the fact that you have to wait a bit longer for an answer because people have no experience enough to answer you.

And be prepared for the fact, that when you run such programs on your system ( and do not restrict it to those datafiles you want to send to Windows systems) you will get a lot of false alerts! Because those AV programs know next to nothing about Unix/Linux and thus accuse normal Linux files from being “the enemy”. >:)

4

I will wait for as long as it takes

5

On 2013-02-16 19:46, mike7757 wrote:
>
> I am somewhat of a new user. Been a long time ago. I am trying to make
> clamav and klamav to work. They are installed but I cannot tell if they
> are working. I cannot find a GUI for klamav

A GUI? What for?

Clamav is a command line utility, that’s all. There is a kde3 frontend,
though, if it still works.

Clamav and other antivirus in Linux are used to protect Windows users
through services provided to them, like scanning email. This is done by
daemons and services, thus there are not GUIs, that is not how things
are done.


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

6

Are you looking for this ?

clamtk - GUI for the ClamAV Antivirus

7

On 2013-02-17 02:36, vazhavandan wrote:
> Are you looking for this ?
>> > clamtk - GUI for the ClamAV Antivirus

Oh, Then such a thing exists… :open_mouth:


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

8

I did a search with yast for clamtk and found nothing. The klamav seems to be the frontend for clamav. I have heard all the debates about antivirus programs and Linux. I prefer to have a antivirus program on my machine. Im not going to give up on having an antivirus program. There is also an avast or fprot for linux. one of these will be on my pc. Thankyou

9

you probably don’t have this repo in YaST
Index of /repositories/security
Use the “correct” one-click from this page software.opensuse.org:
correct = depends based on your openSUSE version
note on avast:- After avast installation and you begin launching avast it will works,but definition update will break. i saw some workaround in avast forums

10

On 2013-02-17 03:46, mike7757 wrote:
>
> vazhavandan;2527874 Wrote:
>> Are you looking for this ?
> I did a search with yast for clamtk and found nothing.

I found it in seconds. Where did you look for it?

> The klamav seems
> to be the frontend for clamav. I have heard all the debates about
> antivirus programs and Linux. I prefer to have a antivirus program on my
> machine. Im not going to give up on having an antivirus program.

Your time is yours to waste :-p


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

11

Thankyou for fast responce

12

On 02/17/2013 03:46 AM, mike7757 wrote:
> one of these will be on my pc.

do as you wish, but i’ve not had any AV on any linux machine since i
first ran linux in '98, its just not needed for linux–as said if you
want to protect your windows users that is ok, but there are no
linux viruses to find…that is there are NO linux virus signatures
which Clam can look for, so . . .

and, if ever one is constructed it will not be known until it is
seen–so even then Clam/etc can’t protect you from what has not yet
been seen until it is ‘too late’…

running Clam/etc on a linux machine for purposes other than
protecting other windows users is just a waste of time and
electricity/battery

your time is better spent learning about root kits and how to keep
them out of you system, and how to discover them if already there…


dd
openSUSE®, the “German Engineered Automobile” of operating systems!

13

On 02/17/2013 01:49 AM, dd wrote:
> your time is better spent learning about root kits and how to keep them out of
> you system, and how to discover them if already there…

Interesting comment. In fact, what better way to introduce a root kit into a
noobs machine than in the form of a virus checker for Linux. It would not get
any of the experienced users who know that there are currently no viruses for
Linux, but anyone fresh from Window$ would get nailed!!

14

On 02/17/2013 06:27 PM, Larry Finger wrote:
> anyone fresh from Window$ would get nailed!!

funny! and, while they would deserve getting ‘nailed’ (for not
listening to experience/wisdom) it would be a kinda rude introduction
to Linux security…

so, should we collaborate to produce Linux AV Pro Ultimate 2014
Supreme Unlimited ZOOM!!..

we could sell it for $49.99 and let the unlock key ‘accidentally’ get
posted to some torrent site and we would have millions of root kits
in our botnet pretty darn quickly!!


dd

15

Guess I missed something and rootkits now are an actual threat to linux machines, appearing and becoming active out in the wild? Nah …

On a linux machine the best thing to do is to keep your system up to date. That will pull in patches and fixes that keep your system safe.

16

Once bitten,twice shy. It just denotes how much a user has suffered on the other OS that they want the new system to be secure :slight_smile:

17

On 02/17/2013 09:36 PM, Knurpht wrote:
> Guess I missed something and rootkits now are an actual threat to linux
> machines, appearing and becoming active out in the wild? Nah

yes, you must have missed something!

of course there is the threat of a rootkit being installed…

and, it is NOT a new “actual threat”…it has been around for decades…
even before Linus wrote the first line of Linux code…
even before Bill Gates graduated from high school…

yes, by definition rootkit installation requires the attacker to gain
root access…and, there are several ways that can occur (NONE of
which is, as far as i know, via a Window’s virus or “appearing” out
of thin air and “becoming active”…nope, it requires an attacker
“rooting the system”…

just ignoring the rootkit threat with a “Nah” is not wise as it is
the basis, the reason, for such normal security procedures such as:

  • don’t browse as root

  • don’t do things as root that don’t require root privileges

  • keep the system updated to minimize the known attack vectors (to
    disallow the opportunity for an attacker to install a rootkit
    serendipitously)

  • use only strong passwords

  • don’t run/install untrusted code as root

and many many more…


dd

18

I know linux systems are not invulnerable. The things you mention are basic linux principles that users should stick too. If I decide I can go out on the highway with all car doors wide open …

19

On 02/18/2013 10:56 AM, Knurpht wrote:
> I know linux systems are not invulnerable.

then why, with rootkits a known security threat, leave the exact
impression that the system is invulnerable to them by writing (in a
condescending way):

“Guess I missed something and rootkits now are an actual threat to
linux machines, appearing and becoming active out in the wild? Nah …”

yes, they are an actual threat for 20+ years now…nothing new there.


dd

20

This is what I wrote first: “I know linux systems are not invulnerable”. That’s why I don’t login as root ever, never run programs as root unless required, have the firewall running even though I’m behind a second one 99.9% of the time and so on, basic linux security practice.

I do read/follow tech info on root kits. They become an actual danger as soon as you break the linux basic security principles. If there’s something out there to be afraid of, IMHO it’s security holes in browsers, CMS’s etc. Just take some time reading on rootkits, you’ll find the debate a lot like the one on virusses for linux. So far, I haven’t been able to find massive use / infections with root kits on linux machines.
Question: has any of you ever felt that a rootkit might be on their system(s)?

To expand: if a windu machine starts behaving weird, I suspect a virus, malware, rootkit. On a linux machine starting to behave different than it should, my thoughts go “updates? last config changes? hardware died?”. Should I put “rootkit suspected” somewhere in that list?

Mind, I’d be the first one to change my way of thinking, as soon as a good reason would be provided, the data on my systems are too precious for nonchalance. But “don’t bother about virusses, worry about rootkits” ? Another thing I’d like to emphasize, is the enormous speed the open source world replies to threats with…