I have always heard not to use antivirus on Linux, but I saw the post about a guy getting a RAT exploit backdoored through Wine, and it had me thinking: should I be using ClamAV or some other antivirus for Linux?

  • SayCyberOnceMore@feddit.uk
    17 hours ago

    It’s not about AV. It’s about vulnerabilities.

    AV just uses (often multiple) vulns to do something, and with closed-source systems you can’t fix it yourself, so you need an application to do it for you.

    AV is a block-list approach… always needs updating, even for things you don’t have. Linux can operate with allow-lists, so only the apps you have can execute.

    Plus firewalls (outbound as well as inbound), SSH, secure package repos, etc.

    You don’t need AV, but you can have it if you want it (maybe file-less memory-resident stuff).

    But, yeah, that other post was just mayhem.
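
Added example, not part of the comment above: a small Python model of the block-list versus allow-list distinction the comment draws, run over constructed sample files. The file names, the hash-based lists and the `audit` helper are assumptions for illustration; the script only reports verdicts and does not enforce anything.

```python
import hashlib
import os
import tempfile

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def blocklist_verdict(digest, known_bad):
    # Block-list (AV-style): everything runs unless a signature matches.
    return "deny" if digest in known_bad else "allow"

def allowlist_verdict(digest, known_good):
    # Allow-list: nothing runs unless it was approved in advance.
    return "allow" if digest in known_good else "deny"

def audit(directory, known_good, known_bad):
    """Map each executable file to (block-list verdict, allow-list verdict)."""
    results = {}
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path) and os.stat(path).st_mode & 0o111:
            digest = sha256_file(path)
            results[name] = (blocklist_verdict(digest, known_bad),
                             allowlist_verdict(digest, known_good))
    return results

def demo():
    # Constructed sample files: harmless shell scripts standing in for binaries.
    samples = {
        "installed_tool": b"#!/bin/sh\necho approved\n",
        "catalogued_sample": b"#!/bin/sh\necho has a signature\n",
        "never_seen_before": b"#!/bin/sh\necho no signature yet\n",
    }
    with tempfile.TemporaryDirectory() as d:
        for name, body in samples.items():
            path = os.path.join(d, name)
            with open(path, "wb") as f:
                f.write(body)
            os.chmod(path, 0o755)
        known_good = {hashlib.sha256(samples["installed_tool"]).hexdigest()}
        known_bad = {hashlib.sha256(samples["catalogued_sample"]).hexdigest()}
        return audit(d, known_good, known_bad)

if __name__ == "__main__":
    print(demo())
```

The file with no signature yet is the case that separates the two models: the block-list lets it run until its list is updated, while the allow-list denies it by default.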