can avast! run resident like windows version?

[martosurf]

New to Linux, very new to avast! for Linux

For what I saw avast! for Linux runs only in on-demand basis. It's not I wish to run it in background all the time like in Window$, but I'm curious about avast! can run on a 'resident' mode.

By the way, everybody knows what kind of malware can attack a Window$ system (in fact everything, lol ) but what kind of malware can attack a Linux system?
I mean Linux is way more secure and you need to give explicit consent to allow risky actions, like enter your password or SUDO some commands.
Again, what type of malware can breach the natural security of Linux?

best!!

[FreewheelinFrank]

avast! in Linux is on-demand only.

what kind of malware can attack a Linux system?

Linux malware. 

Again, what type of malware can breach the natural security of Linux?

Linux systems can be hacked and rootkitted, but the primary defence here is a strong password and keeping the system up to date.

I'll let you know when I actually come across a Linux virus for the first time.

http://www.linuxquestions.org/linux/answers/Security/Antivirus_Desktop_protection_for_Linux

[martosurf]

hi Frank

These statements (copy & pasted from both news articles) are self explanatory: "Since Linux malware is pretty unusual[...]" (from SophosLabs, UK) and "Antivirus: Desktop protection for Linux. This is one of the most important guides on LinuxQuestions.org, but also one of the most useless. It describes how to install comprehensive virus scanning software for desktop Linux users. It's a useless guide because we all know that there are no Linux viruses "in the wild", which is to say, actively infecting computers" (this was writing at the middle of 2007).

I should add having all ports stealthed rather than just closed will help a lot to keep away not wanted visitors. Because I'm still learning and don't want to mess with iptables I use Firestarter firewall -a friendly GUI for iptables- to do accomplish total stealthness.

I beg you some patience but I'm really a beginner with Linux   

Actually my login credentials are a nickname and a very weak password consisting of only one character . I do this for practical purposes so I don't have to type all the password everytime I log on; I admit this bad habit comes from Window$ where you need to reboot all the time - in fact I'm logged in this session of Ubuntu 8.04 for several ours without a single incident nor a single boot    Thus may be I consider changing it to a better one on next days.

But what I would like to know is how this permissions and rights works, I mean, if a set a super ultra archi and cool nickname and password consisting of mixed numbers, letters and symbols but THEN I set Ubuntu to auto login at startup... isn't that creating a potentially security breach? Ok, I know what really matters are the credentials itself because if Mr. X wants to hack my PC and he can't exploit any glitch then Mr. X will need to guess my nick and my pass... but I'm not sure if this works this way 

Anyway, tnk for your time man! As allways these excellent forums rules!!!

Best!

[FreewheelinFrank]

Set yourself a secure password and type it in every time you log on. A small price to pay for security.

[pupusse]

....and don't hesitate to install avast for Linux to make a weekly on-demand scan...just in case....


Avast for Linux is free , efficient ( I should write : the BEST ) and very easy to use.


It's not worth paying for a resident AV under Linux ( I'm thinking about shit like SY.....TEC , MacA...., ....)

[martosurf]

lol
didn't knew Sym and McAf had Linux versions of their ASTOUNDING GOOD products hahahaha

i remember when back in time i read an article citing words of Peter Norton itself: "the computer viruses are real like the crocodiles of NY sewers" lol  so you are adviced, if you go down the drain please take care

also by that time what is now mcashit AV was a simple, on demand, one file packed, command line scanner by Network Associates...

and the so-named heuristics where introduced by FRISK's F-PROT...

and M$ started shipping a crippled version of Central Point Antivirus with it's DOS 6...

wow, what a times man, i'm getting older, lol  : PcTools r4.24, Central Point AV, Turbo AV, TurboDebugger from Borland, Jerusalem, Pong, Stoned, BannerMania, News, WordStar, DR-DOS, Michelangelo, Monkey Island, California Games  haha cooool 

[zilog]

New to Linux, very new to avast! for Linux

For what I saw avast! for Linux runs only in on-demand basis. It's not I wish to run it in background all the time like in Window$, but I'm curious about avast! can run on a 'resident' mode.

By the way, everybody knows what kind of malware can attack a Window$ system (in fact everything, lol ) but what kind of malware can attack a Linux system?
I mean Linux is way more secure and you need to give explicit consent to allow risky actions, like enter your password or SUDO some commands.
Again, what type of malware can breach the natural security of Linux?

best!!

Hallo,
depends on what do you call "resident". For example, avast4server daemon + avastguard do the same as residents - the daemon sits somewhere in background, kernel module (dazuko) intercepts file accesses, and avastguard does the scanning activity (= instructs the daemon to scan).

But, this is a "system global" thing, and avast4workstation was means as an per-user-solution (everyone can install it without having root privileges).

But still, it's possible to use the LD_LIBRARY_PRELOAD trick and intercept file accesses through modified libc functions (although some applications can easily bypass this king of intercepting - statically l;inked libc, direct int0x80/linux-gate.so accessing etc.)

regards,
pc

[martosurf]

too much technical for me     tnx anyway 

[romi66]

Hi,
I use AVAST many years under Windows, but last 9 years I use Linux too. AVAST under Linux (Linspire 6, and UBUNTU 9.0.4) I installed c.c.a 1 mounth ago. In past I don't use eny AV program under Linux, and I newer have had problem because of that.
Now I installed AVAST Home edition on my UBUNTU, but they don't work in Memory resident mode. Never mind! That isn't dager for us User of Linux.
But, because of our Friends (who use Windows) we must think about danger for them if we send them somewhat  we get on the internet with Forvard - maybe infected with some viruses, troyans, spain programs and so on.
I think, when we have AVAST memory resident program for free under Windows, there's no reson to don't have this program (Memory resident AVAST for free) for Linux!
Can tell me somebody, why is that so?
I ask here pro primo manager & marketing professionals for AVAST. (User like me can´t answer this question, of course.).

[zilog]

Hi,
I use AVAST many years under Windows, but last 9 years I use Linux too. AVAST under Linux (Linspire 6, and UBUNTU 9.0.4) I installed c.c.a 1 mounth ago. In past I don't use eny AV program under Linux, and I newer have had problem because of that.
Now I installed AVAST Home edition on my UBUNTU, but they don't work in Memory resident mode. Never mind! That isn't dager for us User of Linux.
But, because of our Friends (who use Windows) we must think about danger for them if we send them somewhat  we get on the internet with Forvard - maybe infected with some viruses, troyans, spain programs and so on.
I think, when we have AVAST memory resident program for free under Windows, there's no reson to don't have this program (Memory resident AVAST for free) for Linux!
Can tell me somebody, why is that so?
I ask here pro primo manager & marketing professionals for AVAST. (User like me can´t answer this question, of course.).

Hallo,
the answer is simple - Linux's architecture (monolithic kernel, well-separated users) doesn't need the "global memory resident protection" of the machine in the original sense. You can inspect physical memory (/dev/mem), virtual space of each process (proc/NNN/mem), but only with sufficient privileges. Without dedicated kernel hooks, comon user can't (without relying on some security hole mechanism:) control/inspect what other users do.

And, those hooks are a thin ice - and when someone really wants such functionality, usually well known self-compiled kernel module is used - in this case, Dazuko. Avast4 guard is the mediator, that obeys events from Dazuko, and scans via avastd.

Linux machines are usually compromised by external activity of a well-skilled attacker, not by the activity of the end user (like in the Windows-case).

regards,
pc