You are not logged in.
Pages: 1
Having recently arrived from the "dark side", I decided to go over to the Comodo website to see if they offered an antivirus application for Linux. Good news because there it was and even better, I was greeted with the following message"Your download link will be automatically generated after choosing your distribution and CPU type". I selected Debian and 32 bit and downloaded the Debian Package and placed it into a sub-folder in my home directory where it sits waiting patiently for me to work out what to do with it!
I understood that all I had to do was click on the package and that it would self-extract and install itself like Dai's Updater (what a great little app for those of you who have not given it a go) but sadly this was not the case.
With this in mind, I shall be grateful if a more experienced Q4OS user could review the system requirements set out below to confirm that Comodo antivirus will run because I note, in particular, that Debian 6.0 is a requirement.
System Requirements:
CPU: 2 GHz / RAM: 2 GB / Disk: 40 GB
Supported Operating Systems (32 bit and 64 bit)
Ubuntu 12.04 / Red Hat Enterprise
Linux Server 5.9, 6.3 / Fedora 17 / SUSE Linux Enterprise Server 11 / OpenSUSE Linux 12.1 / Debian 6.0 / CentOS 5.9, 6.2 / Mint 13 / CentOS 5.8, 6.2
Supported Mail systems
Sendmail 8.14.4 / qmail 1.06 / Postfix 2.5.x or higher / Exim 4.x / Amavis 2.6.4
Finally, and assuming that it will run, I shall be grateful if somebody could either set out or point me in the direction of where I can find the next steps to make it happen!
Last edited by system5 (2017-05-24 22:53)
Offline
I'm not too sure that is going to work based on it's dependencies, you could try DrWebs antivirus which is available in the Q4OS experimental installers page. It will likely be more up to date and has been tested to work with Q4OS.
Offline
Dont use Comodo as Ive had reports of issues with recent distros and many report that they cant get updates.
You could look at ClamAV which is about as much virus protection as any Linux user needs and its available thru Synaptic.
Q4OS Aquarius 5.x KDE Dell Inspiron 3670 i5 8600, GTX 1660 Super, 32gb, 2tb NVME SSD
Offline
In fairness I think the first question is to ascertain what it is you are expecting from AV on linux?
The majority of AV systems for Linux are designed to ensure that windows based viruses are caught when being distributed via email. Hence the mail servers support for Commodo - which is effectively a 2012 application and as Dai says the dependencies would cause trouble - it is too old.
ClamAV is widely used but again it's really for email or manual file scans.
If you're exchanging loads of files with windows users by email it could be handy.
However, if you look at the world of nasties you'll see that the old style email attached virus is really not the problem. The vast majority of infections seem to come from drive by and phishing as well as unpatched windows boxes. Yes there have been some problems such as Heartbleed but no AV would have helped with that.
There ARE linux 'viruses' out there but you have got to work really hard to actually get infected. To me the sheer variety of linux distros and package handling systems is one of the main reasons that linux systems are not being targeted more than they are. That and properly managed software repos. As Debian does not allow PPAs that reduces the chances of rogue code getting in to your machine.
A clean install followed by chrootkit and rkhunter will help you ensure your system is kept clean.
Do not install software from unknown sources - especially downloaded debian binaries such as browser and email apps. For example Palemoon/Fossamail can be run from your home folder. This exposes your data as opposed to your system. Not saying they are bad, but a classic example of a possible vector as you simply untar and run - could be anything if it comes from a fake source.
Don't use the 'Save Password' facility in your browser - there are simple extensions which can mine this information.
Use an ad-blocker such as u-Block Origin
Consider switching off javascript or using various script blocking extensions.
If you must have flash then use Chromium Browser plus PepperFlash which is at least up to date via Google.
Hover your mouse over any link in any email - look at the link it reveals and ask yourself if it sounds real.
Make sure your router admin password has been changed and that its firmware is up to date.
https://www.grc.com/x/ne.dll?bh0bkyd2 The GRC Shields Up web site not only will do a full port scan and analysis of your system as seen from the outside world but it also has an amazing password generator/checker. There's loads of good security advice there as well.
That lot should keep you pretty safe.
Offline
Some excellent advice there, and I will just add that I only ever use clamav for scanning other peoples infected systems from a live-cd environment, and do not feel that I currently have a need for an av solution on Linux (any distro I use), I use what I consider to be the best form of antivirus, regular backups. I can wipe my system completely and have it restored from scratch within an hour! With the exception of my Windows 10, that might take longer but I rarely use it and if I'm totally honest I wouldn't miss it if it was not there anyway.
Offline
I do the same thing Dai and havent had any issues.
Q4OS Aquarius 5.x KDE Dell Inspiron 3670 i5 8600, GTX 1660 Super, 32gb, 2tb NVME SSD
Offline
Thank you to all who responded and, after taking on board the points made, I have installed ClamTk through Synaptic, which I understand gives me ClamAV with a graphical front-end.
On the broader point, I get the impression that for somebody who is more used to Windows and just wants a system that works, it is easier and safer to simply stick with applications that are either sourced from the Q4OS Software Centre or are available through Synaptic. In this way, one can be sure that the applications are both compliant and free from viruses.
Offline
On the broader point, I get the impression that for somebody who is more used to Windows and just wants a system that works, it is easier and safer to simply stick with applications that are either sourced from the Q4OS Software Centre or are available through Synaptic. In this way, one can be sure that the applications are both compliant and free from viruses.
Yes this would be recommended to maintain a clean and working system, the main problem to Linux (Debian) security is when users start installing packages from unknown (and maybe untrustworthy) sources.
Offline
Many of the issues we have seen here onsite are due to users using packages from unknown or non-compatible sources or using packages not appropriate to Q4OS.
Q4OS Aquarius 5.x KDE Dell Inspiron 3670 i5 8600, GTX 1660 Super, 32gb, 2tb NVME SSD
Offline
What about if you're using Wine to run windows applications on Linux? should you install a windows AV?
Offline
I'm certainly not an expert on wine (or even knowledgable) but my understanding is that wine applications are sandboxed, that is they do not have acces to the full system (by default) so a wine Windows Av product would have the same restrictions, therefore rendering it quite useless, having said that there have been a few posts over at the debian forum where users are using them in wine.
My main thought would be what is the wine appplication doing? if it is a simple "program" that runs your favourite windows game that you simply couldn't live without then it is likely not to get a virus in the first place, if on the other hand you want to use internet explorer (don't know if this is possible but just as an example) then this would be a security issue and I would guess it is possible to become infected and hence a Av product of some kind might help.
Like I said it's just a bit of educational guesswork on my part as I do not use Wine (or should I say rarely), but there must be some situations where an Av product would help but I think the general concensus of opinion is that it would mainly be redundant.
Offline
WINE applications arent sandboxed as its actually a compatibility layer/API, you can read more here,
https://www.winehq.org/about
That said you would not need a Windows AV product in this environment.
WINE 2.9 has just released.
Last edited by crosscourt (2017-05-26 22:32)
Q4OS Aquarius 5.x KDE Dell Inspiron 3670 i5 8600, GTX 1660 Super, 32gb, 2tb NVME SSD
Offline
Many of the issues we have seen here onsite are due to users using packages from unknown or non-compatible sources or using packages not appropriate to Q4OS.
@crosscourt
I note your comment but how would one go about acertaining whether or not a particular Debian Package is compatible or appropriate for Q4OS?
For example, Dropbox is available in the Q4OS Software Centre but has reduced its free storage limit to 2Gb, whereas pCloud is meant to be a more secure alternative and offers 20Gb of free storage. It is a simple task to download the appropriate Debian Package from the pCloud website, but in the light of the advice offered by Dai and yourself, I am undecided about the best way to proceed.
I wonder if it is appropriate to submit a request through the "proper channel" for consideration to be given to making pCloud available in the Q4OS Software Centre but, then again, I could be the only one interested in pCloud and that would not be a good use of the developers' time.
Offline
I see no reason why this could not be made available through the Q4OS "experimental" repository, obviously it would depend on whether the developers think it is viable.
The decision on what to download and install on your machine is always your own and you are always free to do as you please, I would just say that you will have to place your trust in the developers of the software you install and base your decision on that. It's not that you will always break your system by installing software found on the web, it's just that usually there are "proper" packages in the repository that are similar to what you might want to install but have been more thoroughly tested to ensure (as best they can) they work smoothly.
As always there are newer packages out there that offer all sorts of benefits over similar older packages, but if you are looking for stability over cutting edge technology it is often best to stick to tried and tested until such time as the package you want becomes that. If on the other hand you want the cutting edge then a good place to start is usually the testing version of the OS (in Q4OS case Scorpion) which usually offer more up to date software but with the caveat that there might often be breakages which you would have to find/fix/file bug report/pull your hair out or some other course of action that cannot be predefined.
Having said that I have been using Scorpion for around a year now (full time) and have only had minor issues, very regular updates are usually the souce of many fixes before I can even notice the bug.
One thing to note though is at the moment we are very close to Scorpion becoming the new stable version, so in a month or so we will be talking about newer package versions anyway, so it might be worth sitting tight for a while and you never know the devs may introduce an installer for pcloud by that time.
A last word wrt pCloud, It does appear to be a reputable company and offering a good product/service so I imagine the deb file can be trusted, so if you wanted to install it I guess it would work ok, but like I said your decision. If you decide to try it and encounter any issues with installation please do post another topic in the help forum and we will do what we can to help.
Offline
No need for me to rehash as i agree with Dai's comments,suggestions and explanations in regard to the question above from system5.
Thats why this forum is so valuable so when things do crop up someone can help.
Q4OS Aquarius 5.x KDE Dell Inspiron 3670 i5 8600, GTX 1660 Super, 32gb, 2tb NVME SSD
Offline
It may be a silly question but as I am now using "Scorpion", should I select a Debian package based on Debian 7.0, 8.0 or 9.0?
Offline
Q4OS Scorpion is based on Debian 9 (Stretch) so that is the package base you would need.
Offline
Can I assume that Debian 9 and Debian Stretch are one and the same?
Offline
Yes Debian 9 is the same thing as Debian Stretch.
Q4OS Aquarius 5.x KDE Dell Inspiron 3670 i5 8600, GTX 1660 Super, 32gb, 2tb NVME SSD
Offline
Pages: 1