
Difference between revisions of "UbuntuHelp:Antivirus"

From Ubuntu中文 (the Ubuntu Chinese wiki)

 
(4 intermediate revisions by the same user not shown)
Line 2: Line 2:
 
{{Languages|UbuntuHelp:Antivirus}}
 
{{Languages|UbuntuHelp:Antivirus}}
 
{i} This article applies to all Ubuntu versions
 
{i} This article applies to all Ubuntu versions
=== Why do I need anti-virus software? Isn't Linux virus-free? ===
+
== Why do I need anti-virus software? ==
For the most part, Linux is engineered in a fashion that makes it hard for viruses to run ([http://librenix.com/?inode=21 click here for more info]).  Also, because more PCs currently run Windows, it is more worthwhile writing viruses for the Windows platform. However, there are many reasons you might want a virus scanner on your Linux PC:
+
==== Isn't Linux virus-free? ====
 +
For the most part, Linux is engineered in a fashion that makes it hard for viruses to run ([http://librenix.com/?inode=21 click here for more info]).  However, there are many reasons you might want a virus scanner on your Linux PC:
 
* to scan a Windows drive in your PC
 
* to scan a Windows drive in your PC
 +
* to scan a Windows-based network attached server or hard drive
 
* to scan Windows machines over a network
 
* to scan Windows machines over a network
 
* to scan files you are going to send to other people
 
* to scan files you are going to send to other people
* to scan e-mail you are going to forward to other people
+
* to [[UbuntuHelp:ScanningEmail|| scan e-mail you are going to forward to other people]]
 
* some Windows viruses can run with [[UbuntuHelp:Wine|Wine]].
 
* some Windows viruses can run with [[UbuntuHelp:Wine|Wine]].
=== Open Source Antivirus ===
+
* [[UbuntuHelp:Linuxvirus|| Linux virus]] infections are theoretically possible
 +
== Open Source Antivirus ==
 
* [[UbuntuHelp:ClamAV|ClamAV Antivirus]]
 
* [[UbuntuHelp:ClamAV|ClamAV Antivirus]]
=== Free version of commercial Antivirus ===
+
For Ubuntu or Xubuntu install clamtk to get a nice gui front-end so that you don't have to run it from the command-line. The gui appears to be out-of-date but is still very usable.
* [[UbuntuHelp:Antivirus/Avg|AVG Antivirus]]
+
== Free (gratis) version of proprietary Antivirus ==
* [[UbuntuHelp:PandaAntivirus|Panda Antivirus]]
+
Most of these did not appear to have linux downloads accessible on their websites on 16th April 2010
* [[UbuntuHelp:XFProt|F-Prot Antivirus]]
+
* [http://www.avast.com/linux-home-edition#tab4  Avast! Linux Home Edition]. More information about Avast! at [http://en.wikipedia.org/wiki/Avast!  wikipedia] and an install guide at [http://www.ubuntugeek.com/avast-antivirus-for-ubuntu-desktop.html  UbuntuGeek]. Avast's product key didn't work so we contacted the company & are awaiting their response.
* [[UbuntuHelp:BitDefender|BitDefender Antivirus]]
+
* [http://free.avg.com/us-en/download?prd=afl AVG Antivirus]. Function Limited. Virus detection only.
* [http://www.avast.com/eng/avast-for-linux-workstation.html avast! Linux Home Edition]
+
* [http://www.free-av.com/en/download/download_servers.php  Avira Antivirus]. Requires Java to use the GUI.
 +
* [http://www.bitdefender.com/PRODUCT-80-en--BitDefender-Antivirus-Scanner-for-Unices.html BitDefender Antivirus]. Limited time trial version available apparently but only after filling in a form
 +
* [[UbuntuHelp:PandaAntivirus|Panda Antivirus]]. I didn't check this one but it appears to be old and no longer maintained. It used to have some unique & awesome features
 +
* [http://www.f-prot.com/products/home_use/linux/ F-PROT Antivirus for Workstations (home users)]. Free for personal use.  GUI front-ends are available, but may require some manual work.  e.g. [[UbuntuHelp:XFProt|XFProt]].  I have not tried the GUI front-ends.
 +
* [http://en.wikipedia.org/wiki/Linux_malware#Anti-virus_applications  Wiki list]
 +
== Possible reasons linux is less prone to malware ==
 +
* Programs are run as normal user, not Root User
 +
* More eyeballs on the code, nowhere for malware to hide
 +
* Vast diversity makes it difficult to reproduce flaws in a system
 +
* All software and drivers are frequently updated by Package Managers
 +
* Software is generally installed from vast Repositories not from unfamiliar websites
 +
* Developers/programmers are recognised as Rock Gods rather than treated with contempt
 +
* Elegant, secure code is admired & aspired to. Hasty kludges are an embarrassment
 +
* Ownership of the means of production is in the hands of the workers
 +
* No-one profits from supplying anti-virus or security products
 +
"A computer virus, like a biological virus, must have a reproduction rate that exceeds its death (eradication) rate in order to spread. Each of the above obstacles significantly reduces the reproduction rate of the Linux virus. If the reproduction rate falls below the threshold necessary to replace the existing population, the virus is doomed from the beginning -- even before news reports start to raise the awareness level of potential victims." by [http://librenix.com/?find=Ray  Ray] of http://librenix.com
 +
=== Root User vs normal usage ===
 +
"For a Linux binary virus to infect executables, those executables must be writeable by the user activating the virus. That is not likely to be the case. Chances are, the programs are owned by [[UbuntuHelp:[[UbuntuHelp:RootSudo|| root]] and the user is running from a non-privileged account. Further, the less experienced the user, the lower the likelihood that he actually owns any executable programs. Therefore, the users who are the least savvy about such hazards are also the ones with the least fertile home directories for viruses." by [http://librenix.com/?find=Ray  Ray] of http://librenix.com
 +
=== Market Share Myth ===
 +
Some people say that linux suffers less from malware because it has less than 1% of the desktop market compared to Windows 90% & suggest that if linux ever increases in popularity then it will suffer just as badly. This argument is deeply flawed & not just by the spurious statistics. Linux dominates [http://www.top500.org/stats/list/34/osfam  server markets]. Why struggle to write a virus that might knock out a few thousand desktops when knocking out a few thousand servers could knock out a continent? Yet it is the desktop machines that are commonly exploited.
 +
=== Package Managers ===
 +
With Windows when you want to try a new program you usually have to either pay a lot for it or else use a pirated version, a "cracked copy". With pirated programs you can never be sure of what extra stuff has been added and may often end up getting malware or viruses. Even if you do get a legit copy then you will be often be expected to search around the internet to download it from a site you have probably never seen before. It is quite common for malware agencies to imitate such sites to get malware onto wide-eyed-end-users machines. Users get the blame for going to the wrong sites but how are they supposed to know which are the legit sites without prior experience of that particular site?
 +
With linux we use [[UbuntuHelp:InstallingSoftware|| package managers]] such as Synaptic or Software Centre that share the same lists of already installed programs and also share lists of approved sites (=repositories) to download programs/packages from. Programs generally have to go through some sort of approval process before being allowed to sit in the repositories (=repos) & generally go through alpha & beta testing before being approved. Theoretically complaints about a package could lead to it getting removed from the repos although generally they just get bug-fixed.
 +
In Windows there is no built-in way of updating programs, drivers, codecs & other packages. Their update process is only about updates to the OS itself (and notice they are almost always called "security updates" although it is often about MS's security not the users or the machine's security). So, often when you open a program such as Adobe Reader a pop-up appears saying there is a new version or updates are available (again notice how often they are "security updates").
 +
In linux the package managers update all the programs, kernel modules (these contain the drivers amongst other things), shared libraries, codecs, add-ons and other packages. You can set how often & when (even down to the time-of-day) that this update process happens. Although it defaults to asking your permission to download & install updates you can make it just go-ahead automatically. No constant pop-ups demanding you update NOW. No demands to make the updates automatic. Most of the linux updates are about increasing functionality because writing packages with vulnerabilities is unacceptable and so packages would be held back rather than included in releases or added to the repos. Even with the timetabled 6 monthly release cycle of Ubuntu there are no major deadline requiring that badly written code gets rushed through.
 +
So, once you update a linux system that means everything about the system is up-to-date. After a Windows update you are likely to still have programs and drivers that have known existing exploited vulnerabilities even tho "security patches" have been released.
 +
== Other Links ==
 +
https://help.ubuntu.com/community/Linuxvirus
 +
http://en.wikipedia.org/wiki/Linux_malware#Anti-virus_applications
 +
http://ubuntuforums.org/showthread.php?t=765421
 +
http://www.virusbtn.com/index
 +
http://www.debian-administration.org/article/SSH_with_authentication_key_instead_of_password
 +
http://www.debian-administration.org/article/Keeping_SSH_access_secure
 
----
 
----
 
[[category:CategorySecurity]]
 
[[category:CategorySecurity]]
  
 
[[category:UbuntuHelp]]
 
[[category:UbuntuHelp]]
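
Review bot: the link markup in the added "Root User vs normal usage" paragraph is malformed: `[[UbuntuHelp:[[UbuntuHelp:RootSudo|| root]]` opens two links and closes only one, so the rendered page shows a stray `[[UbuntuHelp:|` inside the quotation. It should read `[[UbuntuHelp:RootSudo|root]]`. The same double pipe is used in the added ScanningEmail, Linuxvirus and InstallingSoftware links, and the InstallingSoftware one leaves a literal `|` in front of "package managers" in the rendered text; a single pipe with no leading space fixes all four. The added list entries also carry undated first-person status notes ("we contacted the company & are awaiting their response", "I didn't check this one"), which would be easier to maintain with a date or moved to the talk page.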

Latest revision as of 17:24, 19 May 2010 (Wednesday)


{i} This article applies to all Ubuntu versions

Why do I need anti-virus software?

Isn't Linux virus-free?

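For the most part, Linux is engineered in a fashion that makes it hard for viruses to run (see http://librenix.com/?inode=21 for more info). However, there are many reasons you might want a virus scanner on your Linux PC:

  • to scan a Windows drive in your PC
  • to scan a Windows-based network attached server or hard drive
  • to scan Windows machines over a network
  • to scan files you are going to send to other people
  • to scan e-mail you are going to forward to other people
  • some Windows viruses can run with Wine
  • Linux virus infections are theoretically possible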

Open Source Antivirus

  • ClamAV Antivirus

For Ubuntu or Xubuntu, install clamtk to get a nice GUI front-end so that you don't have to run ClamAV from the command line. The GUI appears to be out-of-date but is still very usable.

Free (gratis) version of proprietary Antivirus

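Most of these did not appear to have Linux downloads accessible on their websites on 16th April 2010.

  • Avast! Linux Home Edition (http://www.avast.com/linux-home-edition#tab4). More information about Avast! at Wikipedia (http://en.wikipedia.org/wiki/Avast!) and an install guide at UbuntuGeek (http://www.ubuntugeek.com/avast-antivirus-for-ubuntu-desktop.html). Avast's product key didn't work so we contacted the company & are awaiting their response.
  • AVG Antivirus (http://free.avg.com/us-en/download?prd=afl). Function limited. Virus detection only.
  • Avira Antivirus (http://www.free-av.com/en/download/download_servers.php). Requires Java to use the GUI.
  • BitDefender Antivirus (http://www.bitdefender.com/PRODUCT-80-en--BitDefender-Antivirus-Scanner-for-Unices.html). Limited time trial version available apparently but only after filling in a form.
  • Panda Antivirus. I didn't check this one but it appears to be old and no longer maintained. It used to have some unique & awesome features.
  • F-PROT Antivirus for Workstations (home users) (http://www.f-prot.com/products/home_use/linux/). Free for personal use. GUI front-ends are available, but may require some manual work, e.g. XFProt. I have not tried the GUI front-ends.
  • Wiki list (http://en.wikipedia.org/wiki/Linux_malware#Anti-virus_applications)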

Possible reasons linux is less prone to malware

  • Programs are run as normal user, not Root User
  • More eyeballs on the code, nowhere for malware to hide
  • Vast diversity makes it difficult to reproduce flaws in a system
  • All software and drivers are frequently updated by Package Managers
  • Software is generally installed from vast Repositories not from unfamiliar websites
  • Developers/programmers are recognised as Rock Gods rather than treated with contempt
  • Elegant, secure code is admired & aspired to. Hasty kludges are an embarrassment
  • Ownership of the means of production is in the hands of the workers
  • No-one profits from supplying anti-virus or security products

"A computer virus, like a biological virus, must have a reproduction rate that exceeds its death (eradication) rate in order to spread. Each of the above obstacles significantly reduces the reproduction rate of the Linux virus. If the reproduction rate falls below the threshold necessary to replace the existing population, the virus is doomed from the beginning -- even before news reports start to raise the awareness level of potential victims." by Ray of http://librenix.com

Root User vs normal usage

"For a Linux binary virus to infect executables, those executables must be writeable by the user activating the virus. That is not likely to be the case. Chances are, the programs are owned by root and the user is running from a non-privileged account. Further, the less experienced the user, the lower the likelihood that he actually owns any executable programs. Therefore, the users who are the least savvy about such hazards are also the ones with the least fertile home directories for viruses." by Ray of http://librenix.com
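
The claim in this quotation can be checked on a real machine. The following audit script is an added example, not part of the original wiki page: it lists executables on your PATH that a given non-root account could modify or replace. The function names are hypothetical, and it reads only the classic permission bits (ACLs and the root account are ignored).

```python
import os
import stat

def writable_by(st, uid, gids):
    """True if the mode bits let (uid, gids) write; POSIX picks one class only."""
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)

def replaceable(dir_st, file_st, uid, gids):
    """A writable directory lets the user swap the file, unless the sticky bit protects it."""
    if not writable_by(dir_st, uid, gids):
        return False
    sticky = dir_st.st_mode & stat.S_ISVTX
    return not sticky or uid in (file_st.st_uid, dir_st.st_uid)

def infectable_executables(dirs, uid, gids):
    """Sorted paths of regular executable files that uid could modify or replace."""
    hits = []
    for d in dirs:
        try:
            dir_st = os.stat(d)
            entries = list(os.scandir(d))
        except OSError:
            continue  # missing or unreadable PATH entry
        for entry in entries:
            try:
                st = entry.stat()  # follows symlinks: judge the real target
            except OSError:
                continue  # dangling symlink
            if not stat.S_ISREG(st.st_mode) or not st.st_mode & 0o111:
                continue  # only regular files with an execute bit matter here
            if writable_by(st, uid, gids) or replaceable(dir_st, st, uid, gids):
                hits.append(entry.path)
    return sorted(hits)

if __name__ == "__main__":
    path_dirs = [p for p in os.environ.get("PATH", "").split(os.pathsep) if p]
    groups = set(os.getgroups()) | {os.getgid()}
    for path in infectable_executables(path_dirs, os.getuid(), groups):
        print(path)
```

On a stock install run as an ordinary user, the output is normally limited to files under the user's own home directory (for example a personal bin directory); anything listed under a system directory deserves a closer look.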

Market Share Myth

Some people say that Linux suffers less from malware because it has less than 1% of the desktop market compared to Windows' 90%, and suggest that if Linux ever increases in popularity then it will suffer just as badly. This argument is deeply flawed, and not just by the spurious statistics. Linux dominates server markets. Why struggle to write a virus that might knock out a few thousand desktops when knocking out a few thousand servers could knock out a continent? Yet it is the desktop machines that are commonly exploited.

Package Managers

With Windows, when you want to try a new program you usually have to either pay a lot for it or else use a pirated version, a "cracked copy". With pirated programs you can never be sure of what extra stuff has been added and may often end up getting malware or viruses. Even if you do get a legit copy, you will often be expected to search around the internet to download it from a site you have probably never seen before. It is quite common for malware agencies to imitate such sites to get malware onto wide-eyed end users' machines. Users get the blame for going to the wrong sites, but how are they supposed to know which are the legit sites without prior experience of that particular site?

With Linux we use package managers such as Synaptic or Software Centre that share the same lists of already installed programs and also share lists of approved sites (=repositories) to download programs/packages from. Programs generally have to go through some sort of approval process before being allowed to sit in the repositories (=repos) & generally go through alpha & beta testing before being approved. Theoretically, complaints about a package could lead to it getting removed from the repos, although generally they just get bug-fixed.

In Windows there is no built-in way of updating programs, drivers, codecs & other packages. Their update process is only about updates to the OS itself (and notice they are almost always called "security updates" although it is often about MS's security, not the user's or the machine's security). So, often when you open a program such as Adobe Reader a pop-up appears saying there is a new version or updates are available (again notice how often they are "security updates").

In Linux the package managers update all the programs, kernel modules (these contain the drivers amongst other things), shared libraries, codecs, add-ons and other packages. You can set how often & when (even down to the time of day) this update process happens. Although it defaults to asking your permission to download & install updates, you can make it just go ahead automatically. No constant pop-ups demanding you update NOW. No demands to make the updates automatic. Most of the Linux updates are about increasing functionality because writing packages with vulnerabilities is unacceptable and so packages would be held back rather than included in releases or added to the repos. Even with the timetabled 6 monthly release cycle of Ubuntu there are no major deadlines requiring that badly written code gets rushed through.

So, once you update a Linux system that means everything about the system is up-to-date. After a Windows update you are likely to still have programs and drivers that have known existing exploited vulnerabilities even though "security patches" have been released.

Other Links

  • https://help.ubuntu.com/community/Linuxvirus
  • http://en.wikipedia.org/wiki/Linux_malware#Anti-virus_applications
  • http://ubuntuforums.org/showthread.php?t=765421
  • http://www.virusbtn.com/index
  • http://www.debian-administration.org/article/SSH_with_authentication_key_instead_of_password
  • http://www.debian-administration.org/article/Keeping_SSH_access_secure