Author Topic: Real Time Scanning  (Read 7186 times)

0 Members and 1 Guest are viewing this topic.

Oops its me again

  • Guest
Real Time Scanning
« on: November 07, 2013, 02:12:21 AM »
RE:  Avast Linux Home Edition v1.3.0
     Linux Mint 15 32bit Cinnamon

I see that this "AV" is an "on demand" application.  Will Avast be developing a "real time" AV and include email scanning?

I use Avast AV Free on my Windows XP Home and am reasonably satisfied with Avast thus far.

While Linux, unlike other OSs, does not get hammered by infections and such, I really want the peace of mind that my computer, regardless
of the operating system, is being covered by some sort of AV.  And, I really want to have "real time" rather than on demand scanning.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Real Time Scanning
« Reply #1 on: November 07, 2013, 01:05:39 PM »
I don't believe there are any plans for a real time scanner.

There is a possibility of social engineering, spear phising attacks against Linux, but any notion that an AV is going to protect you is a false sense of security.

Do not run or install attachments from the internet, even if they appear to come from someone you know. (If they appear to be from somebody you know, and there is a reason for that person to be sending you an executable file, confirm with that person before installing.)

Similar advice applies to running macro's in Open Office/Libre Office documents.

Quote
Whenever OpenOffice detects macros in a document being opened, by default it displays a warning and will only run the macro if the you specifically agree.

The safest rule is you should never open any OpenOffice file unless you are sure where it has come from and trust the sender. Note that it is very easy to falsify an email address - if you have any doubt, do not open the document until you have proved its identity. If you need to exchange documents regularly, we recommend the use of digital signatures to certify the origin of the document.

http://www.openoffice.org/security/faq.html#macros
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

MAG

  • Guest
Re: Real Time Scanning
« Reply #2 on: November 07, 2013, 04:47:54 PM »
Comodo provide a real-time AV for Linux - but they only claim that it is looking for windows platform malware. I guess it would pick up some cross-platform malware as well. I've given it a try (on Ubuntu 12.04), and it seems to run OK but it's not installed any more.

I now tend to the same view as FreewheelinFrank (and may well have learned it from him amongst others).

I don't install from outside the repositories, and have a separate account for sensitive web transactions - and use it only for that. The browser in that account only visits a few trusted websites and is free of all add-ons but Noscript. I also run Apparmor profiles in enforce mode on all outward facing Apps.

I've not had a malware problem. Then again, I never did with Windows!
« Last Edit: November 07, 2013, 04:49:54 PM by mag »

Oops its me again

  • Guest
Re: Real Time Scanning
« Reply #3 on: November 08, 2013, 01:26:34 AM »
I do know that any operating system can be hacked/infected.  Linux is not as susceptible to such things as is WIndows, Mac, etc.  I feel a bit more easy if I had some form of "real time" scanning as opposed to nothing at all.

I too had Comodo AV for Linux but had install problems initially, did not scan incoming or outgoing emails as it is proprietary to specific email clients, and overall, just wasn't pleased with it.

I will let this thread run for a while longer.

Thanks.
« Last Edit: November 08, 2013, 01:31:17 AM by Oops its me again »

Oops its me again

  • Guest
Re: Real Time Scanning
« Reply #4 on: November 08, 2013, 02:06:20 AM »
Here is an article that you may be interested in reading about operating systems getting viruses/malware.

Link:   http://www.howtogeek.com/175083/htg-explains-do-non-windows-platforms-like-mac-android-ios-and-linux-get-viruses/


Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Real Time Scanning
« Reply #5 on: November 08, 2013, 07:30:38 AM »
Here is an article that you may be interested in reading about operating systems getting viruses/malware.

Link:   http://www.howtogeek.com/175083/htg-explains-do-non-windows-platforms-like-mac-android-ios-and-linux-get-viruses/

Believe it or not, we keep an eye on these things already.  ;)

http://dontsurfinthenude.blogspot.co.uk/search/label/anti-virus
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: Real Time Scanning
« Reply #6 on: November 08, 2013, 07:47:08 AM »
I do know that any operating system can be hacked/infected.  Linux is not as susceptible to such things as is WIndows, Mac, etc.  I feel a bit more easy if I had some form of "real time" scanning as opposed to nothing at all.

I too had Comodo AV for Linux but had install problems initially, did not scan incoming or outgoing emails as it is proprietary to specific email clients, and overall, just wasn't pleased with it.

I will let this thread run for a while longer.

Thanks.

Linux is not susceptible to email viruses at all, because you have to download the attachment, and give it permission to run. (The same is probably true of Windows now.)

If you do that with an AV, you are playing Russian Roulette because there is no guarantee that any AV will detect the malware- more likely a Trojan than a virus.

Email attacks against Linux users are likely to be spear phishing attacks trying to get hold of banking passwords, in which case the attackers are likely to use a limited number of carefully crafted Trojan files that are not detected by AV programs.

To protect yourself against that scenario, you need to understand how social engineering is used in malware attacks and follow the rules I gave above.

An AV can give you a false sense of security.

There’s no reason you can't scan suspicious email attachments with avast! (or send them to VirusTotal be be checked by a range of AV scanners).

I have been using email on Linux for five years without encountering a virus. I believe real time scanning is unnecessary, and a waste of computer resources, but if you still feel it's necessary, there are AVs that provide it- for a price.
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline Abraxas

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 730
  • Perseverance Furthers...
    • PCLinuxOS-Forums
Re: Real Time Scanning
« Reply #7 on: November 12, 2013, 05:31:06 PM »
Quote
I have been using email on Linux for five years without encountering a virus.
Spam, of course, but I put them on a Blacklist to be deleted so no problem. Not that Spam in Linux is a problem except as 'FWF' says in the sense of Social Engineering. Important obviously to realise the executable file in Windows is the weak point that Malware exploits.
Quote
I believe real time scanning is unnecessary, and a waste of computer resources, but if you still feel it's necessary, there are AVs that provide it- for a price.
I agree. I'd rather the Processing power be used on my programmes, not an AV.
I feel the greatest threat is to a User account, not the OS.
Someone knowledgeable can hack into your user account if you use root privilidges online, that's as far as a threat we encounter at this time I believe.
However as Linux gains popularity (as a Desktop System) which may take years, decades, the market orientated coders of Malware will start taking further interest in cracking open the chinks in it's Armour.  ;)