XP/openSUSE dual-boot -- antivirus called for?

Hello,

I’m relatively new to Linux – I’ve used it a little before, but haven’t had to manage an installation fully, until now.

I’ve just added openSUSE on my old XP laptop, because I need something internet-safe while my current machine goes to the shop. I intend to use it later for development, but my immediate need is for barebones internet access.

I am aware Linux is relatively safe from viruses, for itself. I am unclear under which conditions Windows might be exposed to virus infection, through Linux… File-sharing, yes ok, but what about simple visibility?

Basic machine characteristics:

— Acer laptop
— single physical drive, dual boot:
-------WinXP
-------openSUSE 13.1

Immediate concern:

SUSE can mount the XP volume, but only appears to do so on request? Does that sound right?

(Dolphin shows the volume: I click on it, prompt for root password… if I provide, it lists files, otherwise not.)

If I never, ever mount that volume:
— It is safe from virus attack, correct? No need for antivirus then?

If I mount but only read, never write the volume:
— Is the dormant system then vulnerable to attack?
— (Should I run an antivirus in the background, to protect it?)


NON-Immediate concerns:

I’ll need to “feed” data files to Windows that were written by Linux and eventually share with frequent r/w from both sides. Shared files may be on XP volume as well as other external media (hard drive, flash drives). Just to confirm…

— I probably need to manual-scan any such files Linux-side, before “exposing” Windows to them, right?
— Advisable to run in background, in this case, or still best to manual scan?

When I (eventually) network Linux with my other Win machine… then I really need the AV, right? Or no, since Win runs it?
Thanks so much for any advice. :slight_smile: I will gladly provide more specific details if needed.

cat

In a nutshell and applies to all scenarios…

Any volume you can write to, you could potentially write malware that targets anything… an OS, an application, anything.

Any volume you can read, if it contains malware could potentially infect your OS, app, whatever if it is targeted. Depending on what the malware does, it may require execute permissions, but many malware use a bit of social engineering to convince a User to transfer a copy of the malware to a location where it can be executed or trick the User into granting User permission to execute (which sometimes can over-ride all other protections).

Note, “potentially” only means a latent possibility. The right circumstances may still be required for the malware to activate.

If you’re running XP, it’s subject to infection <without notification> (that’s the big difference between it and other OS). But, for now you can get some protection by running one of the two following AV according to a major publication that did a recent test, Avast! or MalwareBytes. All other AV did a poorer job catching XP-specific malware.

HTH,
TSU

Yes, that is right. It is the default (and usually the preferred) behaviour. That is the way I run it to share data with MS operating systems.

If I never, ever mount that volume:
— It is safe from virus attack, correct? No need for antivirus then?

If it is not mounted, it is safe from attack.

If I mount but only read, never write the volume:
— Is the dormant system then vulnerable to attack?

Yes.

Although, it is very unlikely.

— (Should I run an antivirus in the background, to protect it?)

That is a personal choice. You can run the clamav antivirus, which is popular in the Linux world. It can be installed from the openSUSE repositories using Yast’s Software Management module.

Here is a description:

clamav - Antivirus Toolkit

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance multi-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats.


NON-Immediate concerns:

I’ll need to “feed” data files to Windows that were written by Linux and eventually share with frequent r/w from both sides. Shared files may be on XP volume as well as other external media (hard drive, flash drives). Just to confirm…

— I probably need to manual-scan any such files Linux-side, before “exposing” Windows to them, right?
— Advisable to run in background, in this case, or still best to manual scan?

Your Windows-based virus scanner should detect threats when you access the data while running Windows, if it is any good.

You can always run a manual scan in Windows before accessing any of the data, also, if you wish.
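
Added example (not part of any post in this thread): a small shell check for the two conditions discussed above, namely whether a Windows-readable volume is mounted at all and, if so, whether it is read-only or read-write, plus an on-demand ClamAV scan of files before Windows reads them. The function names and the sample mount records are constructed for illustration; the input format is that of `/proc/mounts`.

```shell
#!/bin/sh
# Added example. Mount records use the /proc/mounts layout:
#   device mountpoint fstype options dump pass

# Constructed sample (not from the thread): the XP partition mounted
# read-write through ntfs-3g (shown as "fuseblk"), a USB stick read-only.
SAMPLE_MOUNTS='/dev/sda2 / ext4 rw,relatime 0 0
/dev/sda1 /run/media/cat/WinXP fuseblk rw,nosuid,nodev,relatime 0 0
/dev/sdb1 /run/media/cat/USB vfat ro,nosuid,nodev 0 0'

# Read mount records on stdin; print "<mountpoint> <fstype> <state>" for
# every NTFS/FAT-type mount. Prints nothing if no such volume is mounted.
windows_mounts() {
    while read -r dev mnt fstype opts rest; do
        case "$fstype" in
            # fuseblk is how ntfs-3g mounts appear; other FUSE block
            # filesystems use it too, so treat it as "possibly Windows".
            ntfs|ntfs3|fuseblk|vfat|exfat|msdos) ;;
            *) continue ;;
        esac
        case ",$opts," in
            *,ro,*) state="read-only" ;;
            *)      state="read-write" ;;
        esac
        printf '%s %s %s\n' "$mnt" "$fstype" "$state"
    done
}

# Succeeds (exit 0) only when no Windows-readable volume is writable.
no_writable_windows_volume() {
    ! windows_mounts | grep -q ' read-write$'
}

# On-demand ClamAV scan of a directory before Windows reads it.
# clamscan exits 0 when clean, 1 when something is found, 2 on error.
scan_shared_dir() {
    command -v clamscan >/dev/null 2>&1 || { echo "clamscan not installed" >&2; return 2; }
    clamscan --recursive --infected "$1"
}

# Report the live state when /proc/mounts is available.
if [ -r /proc/mounts ]; then
    windows_mounts < /proc/mounts
fi
```

No output from the live check means no NTFS or FAT volume is currently mounted, which is the "never mount it" case from the thread.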

I don’t think anyone asked this so I will, why XP? It’s 2014 … you should really look to update that (and if it can’t handle newer versions of windows then wipe the whole drive and put opensuse on it :)).

I just want XP to go away once and for all.

Thank you all very much for taking the time to reply!

TSU,

I very much appreciate the recommendation on AV’s that are XP-specific, as most relevant to this situation. I’ll definitely bear that in mind, down the line. The XP is most vulnerable, if exposed, because it’s past end-of-life. :slight_smile:

Gerry,

That was incredibly helpful! Thank you! :slight_smile:

I am a bit pressed to get my current machine in for repair, so I was hoping to get the Linux machine up fast. The less I have to fiddle with, the better – I was in fact hoping to avoid fussing with an AV at the moment… already have hands full trying to see the internet! :frowning: (It almost worked, and then I really broke it, bad!:o)

I will just keep the XP volume down in Linux… that works.

I’m actually thinking it might really be safest and quite doable never, ever to access that XP volume from Linux… I can use external storage. If a system file got compromised with the system down it would be a mess… I might not be able to recover the system but it’s handy for some legacy (erhhm, Win95) software. Anyway, it shouldn’t need access to files from Linux and Win7 can do its own scanning, as you say.

Alan,

As per original post, the XP system is on my old laptop. My current laptop (it being 2014 and all) is going to the shop. (It has a hardware problem.)

cat.

Yes, although I personally would not worry about it.

If a system file got compromised with the system down it would be a mess… I might not be able to recover the system but it’s handy for some legacy (erhhm, Win95) software.

I seriously doubt that would happen. In order to do that, the Windows System partition would have to be mounted, and the offending malware would need to be able to operate in Linux environment and know how to locate and navigate to the Windows System files. I have never heard of anything that can do that. If it could infect/operate Linux, it would not even be targeting Windows.

But, for your own comfort and reassurance, you could do exactly as you suggest.

Anyway, it shouldn’t need access to files from Linux and Win7 can do its own scanning, as you say.

Correct.

Yes, I see what you’re saying… that is a lot of ands. Besides, someone would have to go to considerable effort to write something that specific, just to target a tiny minority of situations.

But, for your own comfort and reassurance, you could do exactly as you suggest.
Lol… I am a little paranoid, yes. Hehe. I won’t likely need to share files between Linux and XP much, if at all. With Win7 yes, but it is on a different laptop, so sharing data via the “XP volume” (system and sole Windows-visible partition) would be less convenient than via external media or network. All the same, I guess I won’t worry too much if I do run into the need to use that partition from Linux. :wink:

Thanks again for your very kind replies. Off I go now to try to get internet to work.

cat.