gengwg/linux-antivirus.md

Created March 18, 2025 16:52

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/gengwg/22793c32d51ce66f14897d4c35765129.js"></script>
Save gengwg/22793c32d51ce66f14897d4c35765129 to your computer and use it in GitHub Desktop.

Download ZIP

Open-source Linux antivirus and security tools

Raw

linux-antivirus.md

1. ClamAV

Description: ClamAV is a powerful open-source antivirus engine that scans for malware, including Windows viruses. It’s lightweight and widely used.
Installation:
```
sudo dnf install clamav clamav-update
```
Update Virus Definitions:
```
sudo freshclam
```
Run a Scan:
```
sudo clamscan -r /path/to/scan
```
Graphical Frontend (ClamTK):
```
sudo dnf install clamtk
```

2. rkhunter (Rootkit Hunter)

Description: rkhunter scans for rootkits, backdoors, and other malicious software.
Installation:
```
sudo dnf install rkhunter
```
Update Database:
```
sudo rkhunter --update
```
Run a Scan:
```
sudo rkhunter --check
```

3. Lynis

Description: Lynis is a security auditing tool that scans for vulnerabilities and provides hardening recommendations.
Installation:
```
sudo dnf install lynis
```
Run a Scan:
```
sudo lynis audit system
```

4. chkrootkit

Description: chkrootkit is a lightweight tool for detecting rootkits.
Installation:
```
sudo dnf install chkrootkit
```
Run a Scan:
```
sudo chkrootkit
```

5. Sophos Antivirus for Linux

Description: Sophos provides a free version of its antivirus software for Linux. It’s not open-source but is free for personal use.

Installation:

Download the installer from the Sophos website.

Extract and run the installer:

tar -xzvf sav-linux-free-9.tgz
cd sav-linux-free-9
sudo ./install.sh

Update virus definitions:
```
sudo /opt/sophos-av/bin/savupdate
```

Run a scan:

sudo /opt/sophos-av/bin/savscan /path/to/scan

6. Comodo Antivirus for Linux

Description: Comodo offers a free antivirus solution for Linux with both CLI and GUI options.
Installation:
1. Download the installer from the Comodo website.
2. Install the package:
```
sudo dnf install ./comodo-antivirus-for-linux.rpm
```
3. Launch the GUI or use the CLI for scanning.

7. Firejail (Sandboxing Tool)

Description: Firejail is not an antivirus but a sandboxing tool that adds an extra layer of security by isolating applications.
Installation:
```
sudo dnf install firejail
```
Usage: Run any application in a sandbox:
```
firejail firefox
```

8. SELinux (Built-in Security)

Description: Fedora comes with SELinux (Security-Enhanced Linux) enabled by default. It provides mandatory access control (MAC) to enhance security.
Check Status:
```
sestatus
```
Manage SELinux: Use tools like setenforce, getenforce, and semanage to configure SELinux policies.

Recommendations

For Malware Scanning: Use ClamAV for general malware scanning and Sophos for more advanced features.
For Rootkit Detection: Use rkhunter or chkrootkit.
For System Hardening: Use Lynis to audit and secure your system.
For Sandboxing: Use Firejail to isolate applications.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment