Hi David,
Instead of an antivirus, considering using these things instead: AppArmor, FireHOL, Firejail, and NoScript or uBlock Origin.
Phil
Exactly, I used to be that ignorant, no offense, but it is a lack of knowledge that makes people think you need anti virus for everything.
Use AppArmor + Firejail + Noscript + Ublock Origin + Privacy Badger
these alone are good enough to block a whole lot of crap.
Also, greasemonkey and AAK-Cont Userscript For uBlock Origin
and you are in good shape. that's my personal thoughts on this.
]]>Instead of an antivirus, considering using these things instead: AppArmor, FireHOL, Firejail, and NoScript or uBlock Origin.
Phil
]]>_the rest of this is possibly not relevant_ but as I wrote it over my first coffee ...
Here it is anyway. Random observations thats all.
Its not impossible to write a virus that actually does something, just very difficult to do without _social__tricks_.
Like convincing you to run your browser or office suite as root or something startling...
(yeah I guess this could happen, we are only humans. )
The easier attack vector for "Nixen" is where they do their work on networks.
(so packet filtering and simply not running services you don't need).
Or via exploits in existing software or via the package management system or even firmware blobs.
(say in a closed driver for some zappy new IoT thing)
rkhunter
is an _excellent_ well tested tool to scan for , rootkits.
It is particularly useful where you have many users with mixed skill sets.
e.g. you are running webservers or have shell access accounts (!) etc.
As _one_ layer of defence along with others.
clamav
is for scanning email and _attachments_ for windows targeted payloads.
It would also be useful if your file sharing with windows networks etc.
Or collaborating with MSoffice users a lot.
i.e. Clamav looks for _known_ bad payloads in files you probably share..
You can help protect _them_ with clamav.
This works very well.
Now all you need to do is get them to keep _their_ anti virus suites up to date.
(this is not possible)
As a general user running with no special system privileges your
web browser is the weakest link.
( other than _yourself_ and, say sudo
There are other approaches like tripwire or entire suites of stuff that audit and help validate your system.
Some of them are almost attacks in their own right as they grind your cpu's down to dust... checksumming away.
These absolutely have a real place and are critical in some use cases...
Most of those assume your software doesn't change too often.
(thats a blurry line)
So real security starts with a clean kernel and a good package manager.
Like Devuan
Sorry I do rabbit on . .
You only need a virus scanner for other peoples stuff.
(or because your boss/client/user is an box checking idiot)
(which is just a special sub set of the world of stupid really)
Please I want to use a anti virus. But witch one is the best for Devuan?
Thanks. David
]]>