TOOLS |

Ubuntu and AntiVirus

Does Ubuntu need anti-virus? This is a question posed by many new users who try out Ubuntu Linux everyday. Everyone who has installed a Windows based operating system knows the first step after the first boot is to install AV.

Now for a quick background check; Ubuntu is stable, easy to use and a rock solid desktop. I have been using it since the Warty Warthog (Ubuntu 4.10 ~ 2004), it runs on all my systems: home server, virtual servers and laptops.

Back to the question:

An Ubuntu Virus?

The short answer is no, there is no significant threat to an Ubuntu system from a virus. There are cases where you may want to run it on a desktop or server but for the majority of users, you do not need antivirus on Ubuntu.

Keep in mind that while you don't need anti-virus does not mean you don't need to be security aware.

Members of the Ubuntu community have put together an excellent introduction to Security on Ubuntu Linux. There are also free firewall test and other scanning tools available to ensure your network is correctly configured.

Once you have familiarized yourself with the concepts and information in the guide; if you are really keen (or paranoid) I would suggest a security addition to your systems, it is known as Host Based Intrusion Detection system. My HIDS agent of choice is OSSEC, it will not detect a virus as such but it does alert you to anomalous behaviour on the system by examining system logs and watching the file system. If you chose to run OSSEC you probably do not need to run rkhunter and chkrootkit that are mentioned on the Basic Security Wiki page.

Read install guide for OSSEC on Ubuntu for the basic steps in getting it up and running.

Finally if you have a need for running anti-virus on Ubuntu, there is a new tutorial on running ClamAV on Linux with background and information on the popular and open source clamAV.