How install avg antivirus?

how I install avg antivirus in openSUSE 12.2
I need help from the start: -

On 08/05/2013 06:56 PM, premen wrote:
> I need help from the start

-=WELCOME=- new poster…seeing you just joined the forums today,
and since you asked how to install AV i assume you are also new to
Linux…correct?

so, anyway, using the assumption you are new i’ll tell you that i
have no AV installed and have never had any on my Linux…since '98
when i first started using it…

really…


dd
http://tinyurl.com/DD-Caveat
http://tinyurl.com/DD-Complaints

On 08/05/2013 12:50 PM, dd wrote:
> On 08/05/2013 06:56 PM, premen wrote:
>> I need help from the start
>
> -=WELCOME=- new poster…seeing you just joined the forums today, and since you
> asked how to install AV i assume you are also new to Linux…correct?
>
> so, anyway, using the assumption you are new i’ll tell you that i have no AV
> installed and have never had any on my Linux…since '98 when i first started
> using it…
>
> really…

To add to the above answer, you will find AV codes that run on Linux, but if you
investigate them, they are designed to scan for Windows viruses on machines used
as E-mail servers, or similar situations. Linux is designed for security and it
is much more difficult to execute malware on it than it is in Windows. If you
keep your Linux system updated, and you do not log in as root, it is unlikely
that you will ever see any malware on your Linux system. I have run Linux
exclusively for more than 5 years, and I have never installed any anti-virus
software, and I have had no problems.

On 2013-08-05, Larry Finger <Larry.Finger@lwfinger.net> wrote:
> To add to the above answer, you will find AV codes that run on Linux, but if you
> investigate them, they are designed to scan for Windows viruses on machines used
> as E-mail servers, or similar situations. Linux is designed for security and it
> is much more difficult to execute malware on it than it is in Windows. If you
> keep your Linux system updated, and you do not log in as root, it is unlikely
> that you will ever see any malware on your Linux system. I have run Linux
> exclusively for more than 5 years, and I have never installed any anti-virus
> software, and I have had no problems.

… to my knowledge the only real indication for installing AV software within Linux is if you’re running Windows inside
a virtual machine within Linux, because the virtual machine is susceptible to the same vulnerabilities as those of a
`real’ machine running Windows.

http://arstechnica.com/security/2013/08/hand-of-thief-banking-trojan-doesnt-
do-windows-but-it-does-linux/

What’s the use of an antivirus in Linux? :stuck_out_tongue:

On 2013-08-07 23:09, GofBorg wrote:

> http://arstechnica.com/security/2013/08/hand-of-thief-banking-trojan-doesnt-do-windows-but-it-does-linux/

Interesting.


Cheers / Saludos,

Carlos E. R.
(from 11.4, with Evergreen, x86_64 “Celadon” (Minas Tirith))

On 2013-08-05 18:56, premen wrote:
>
> how I install avg antivirus in openSUSE 12.2

Why?

My answer would depend on yours :slight_smile:

First check to see if YaST has it on its list.


Cheers / Saludos,

Carlos E. R.
(from 11.4, with Evergreen, x86_64 “Celadon” (Minas Tirith))

On Wed, 07 Aug 2013 21:46:01 +0000, PiElle wrote:

> What’s the use of an antivirus in Linux? :stuck_out_tongue:

Old question, the answer typically is “to protect Windows users who use
Linux servers as fileshares or mail servers”.

But there are some Linux-specific viruses, trojans, and plenty of
rootkits (see rkhunter as a tool to find rootkits). They’re not very
prolific, but they do exist.

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

Welcome to openSUSE! I think Denverd has really hit the nail on the head with his response to your request. The antivirus apps available for Linux are really for guys running servers handling windows emails etc that serve these to windows pc’s. No windows virus can work within Linux so therefore you don’t need the antivirus app. :slight_smile:

On 2013-08-08 00:39, Jim Henderson wrote:
> But there are some Linux-specific viruses, trojans, and plenty of
> rootkits (see rkhunter as a tool to find rootkits). They’re not very
> prolific, but they do exist.

I know :-}

The question would be whether the available antivirus we have are good
detecting them - after the fact, they do not act on runtime as in Windows.


Cheers / Saludos,

Carlos E. R.
(from 11.4, with Evergreen, x86_64 “Celadon” (Minas Tirith))

how I install avg antivirus in openSUSE 12.2
I need help from the start: -

not much information there …

how about reading the install instructions !

Now it has been 3 days and the OP only has one post

i do not think this script will be back .

On Wed, 07 Aug 2013 23:14:10 +0000, Carlos E. R. wrote:

> On 2013-08-08 00:39, Jim Henderson wrote:
>> But there are some Linux-specific viruses, trojans, and plenty of
>> rootkits (see rkhunter as a tool to find rootkits). They’re not very
>> prolific, but they do exist.
>
> I know :-}
>
> The question would be whether the available antivirus we have are good
> detecting them - after the fact, they do not act on runtime as in
> Windows.

I know you know that, Carlos - which is why my reply was directed to
PiElle, who had asked why we should worry about viruses on Linux. :wink:

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

Good to know … :frowning:
Even if Linux it’s more secure than Windows, it’s better to be prudent …

On Thu, 08 Aug 2013 20:16:01 +0000, PiElle wrote:

> Good to know … :frowning:
> Even if Linux it’s more secure than Windows, it’s better to be prudent
> …

Indeed.

Another reason to have it (I ran into this today) is when someone sends
you files and something seems wrong. In my case, I received a ZIP file
that was about 5 MB smaller than expected, and when my gmail account
tried to pick it up from the pop3 server (secondary e-mail account) it
was stored on, it refused because the file was “suspicious”.

Pulled it down with Thunderbird and scanned it - no virus, just a corrupt/
truncated file, but if it had been infected, I’d have wanted to let the
person who sent it to me know. :slight_smile:

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On 2013-08-08 22:37, Jim Henderson wrote:
> Pulled it down with Thunderbird and scanned it - no virus, just a corrupt/
> truncated file, but if it had been infected, I’d have wanted to let the
> person who sent it to me know. :slight_smile:

Yes, that’s the reason I have an antivirus installed here.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

On 2013-08-09 14:53, Carlos E. R. wrote:
> On 2013-08-08 22:37, Jim Henderson wrote:
>> Pulled it down with Thunderbird and scanned it - no virus, just a corrupt/
>> truncated file, but if it had been infected, I’d have wanted to let the
>> person who sent it to me know. :slight_smile:
>
> Yes, that’s the reason I have an antivirus installed here.

Just now it catched one.

It is a “social engineering” mass attempt: “For the latest information
on your VAT Return please open attached report.”, and it includes a
“VAT_8338912.zip” archive, which has been stopped by amavis, without
doing an antivir check.


cer@Telcontar:~/tmp/banned> file VAT_8338912.zip
VAT_8338912.zip: Zip archive data, at least v2.0 to extract Zip archive
data, at least v2.0 to extract
cer@Telcontar:~/tmp/banned> unzip VAT_8338912.zip
Archive:  VAT_8338912.zip
inflating: VAT_09082013.exe
cer@Telcontar:~/tmp/banned>

however, clamav does not detect a virus:


cer@Telcontar:~/tmp/banned> l
total 220
drwxr-xr-x  2 cer users     51 Aug  9 15:13 ./
drwxr-xr-x 59 cer users   4096 Aug  9 15:12 ../
-rw-r--r--  1 cer users 118272 Aug  9 04:29 VAT_09082013.exe
-rw-r--r--  1 cer users 100524 Aug  9 15:12 VAT_8338912.zip
cer@Telcontar:~/tmp/banned> clamscan VAT_09082013.exe
VAT_09082013.exe: OK

----------- SCAN SUMMARY -----------
Known viruses: 2556074
Engine version: 0.97.8
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 0.11 MB
Data read: 0.11 MB (ratio 1.00:1)
Time: 4.423 sec (0 m 4 s)
cer@Telcontar:~/tmp/banned>

But antivir does:


cer@Telcontar:~/tmp/banned> antivir VAT_09082013.exe
AntiVir / Linux Version 2.1.12-473
Copyright (c) 2008 by Avira GmbH.
All rights reserved.

VDF version: 7.11.96.10 created 09 Aug 2013

For private, non-commercial use only.
AntiVir license: 149996 for Avira AntiVir Personal - Free Antivirus

auto excluding /sys/ from scans (is a special fs)
auto excluding /proc from scans (is a special fs)
auto excluding /var/lib/ntp/proc from scans (is a special fs)
VAT_09082013.exe
Date: 09.08.2013  Time: 04:29:54  Size: 118272
ALERT: [TR/Fakealert.dhf.41] VAT_09082013.exe <<< Is the Trojan horse
TR/Fakealert.dhf.41

------ scan results ------
directories:        0
scanned files:        1
alerts:        1
suspicious:        0
repaired:        0
deleted:        0
renamed:        0
quarantined:        0
scan time: 00:00:01
--------------------------
Thank you for using AntiVir.
cer@Telcontar:~/tmp/banned>


But that was after I updated AVG, before it did not detect it. Notice
that Amavis does not bother to run the antivirus on stuff: if it is an
executable, it is banned, whatever it is.

X-Quarantine-ID: <pOMELP-ltHlE>
X-Amavis-Modified: Mail body modified (defanged) - Telcontar.valinor
X-Virus-Scanned: amavisd-new at valinor
X-Amavis-Alert: BANNED, message contains .exe,.exe-ms,VAT_09082013.exe

I have to investigate that Quarantine-ID, I didn’t know it was working.


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

On 2013-08-09 15:28, Carlos E. R. wrote:
> Just now it catched one.
>
> It is a “social engineering” mass attempt: “For the latest information
> on your VAT Return please open attached report.”, and it includes a
> “VAT_8338912.zip” archive, which has been stopped by amavis, without
> doing an antivir check.

Interestingly, the address field says that it was sent to 8 opensuse.org
addresses, one of them a mail list - which means that the “social
engineering” part was very badly directed :wink:


Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)