Malware attacks are increasing: be prepared!
Linux systems are known to be more secure than Windows. However, that doesn’t mean they are entirely immune to threats. Malware attacks on Linux systems are increasing. This article will describe seven free antivirus programs for Linux.
1. ClamAV
ClamAV is an open-source antivirus engine used to detect viruses, trojans, malware, and other malicious threats. It can run on a Linux server and Linux desktop.
All actions with this tool use the command line. Features include:
- Supports multiple languages
- Easy-to-use
- Portable
- Scans numerous file formats and mail gateways
- POSIX compliant support
- Provides a virus database update
ClamAV works through the terminal and doesn’t have a native GUI, although you can download your own. It can scan compressed files (supports Rar, Zip, 7Zip, and Tar) and archives.
If you are looking for an automatic file scanner, ClamAV is not for you. It requires you to open the files first.
Another downside of this program is its slow processing speed and infrequent system updates.
2. ClamTK
ClamTK is not a virus scanner in and of itself. It is a GUI for ClamAV. For those users who don’t like to use a command-line interface, ClamTK provides the same features as ClamAV via an easy to use graphical interface.
The main feature of ClamTK is to be able to use all the advanced features of Clam AV in a simple GUI. Other features include:
- Exclude folders and files with white-list feature
- Schedule scans easily
- Supports folder scanning integration with all major desktop environments
- Can be installed on most popular Linux operating systems
- Configure scan schedules
- Manually scan individual directories and files
- Download definition updates
- Users can securely delete files that have been moved into the quarantine manager
- Quickly access scan logs from history browser
Both ClamTK and ClamAV are available in many mainstream Linux distributions’ software repositories.
3. Comodo Antivirus
Sometimes referred to as CALV, Comodo Antivirus includes an on-demand scanner, real-time behavioral analysis, and spam mail protection and anti-phishing.
Other features of this free antivirus program include:
- Custom scanning profiles
- Regular and automatic updates
- Cloud-based
- Delivers 360-degree protection against zero-day and unknown malware
- Virus definitions are updated many times a day
Comodo Antivirus might be too complicated for those who are not tech-savvy. Be careful and pay attention when installing the free version. By default, Comodo will automatically change your browser and primary search engine.
Comodo also has no web filtering or URL blocking.
For advanced users looking for a feature-rich and highly configurable antivirus program, Comodo is a good choice. Average users might find it too difficult to use.
4. Rootkit Hunter
Rootkit Hunter is a small utility that uses backdoor and other local exploits to detect trojans and viruses.
Other features include:
- Easy-to-use and fast
- Works from the command line
- Portable
- Supports many Linux distributions
Rootkit Hunter detects rootkits by scanning for unrecognized changes in files. To recognize if there has been a change, Rootkit needs to know what the files should look like on a clean system. Therefore, you must install it to get a baseline for future scans.
If you wait until your system is infected, Rootkit Hunter will not be very useful.
5. F-Prot
F-Prot is a free antivirus program for Linux home users to keep their systems free of malware. It scans for ransomware, boot sector viruses, and other malicious threats.
It includes other features such as:
- Compatible with 32 and 64-bit
- Uses GUI or command-line interface
- Portable
- Does not affect system performance
- Scans an enormous database of known threats (over 21 million) and their other variants
- Performs scheduled scanning
- Detects different infection types including boot sectors
F-Prot doesn’t include Internet security tools such as virtual keyboards, browser extensions, or phishing detectors to protect against keyloggers’ efforts.
However, for those interested in an effective and functional antivirus program, it is a good choice.
6. Chkrootkit
Chkrootkit is a set of tools used to detect the presence of rootkits. It is free and open-source.
Chkrootkit has many other features, such as:
- Available for multiple Linux distributions
- Detects almost all the latest rootkits because the open-source community keeps it up to date
- Fast and easy to use
- Lightweight and portable
- Can be burned to USB or CD
- Runs from terminal
- Efficiently detects altered wtmp and lastlog files to alert administrators about intrusions
Chkrootkit doesn’t release new versions as often as some of the other antivirus programs.
7. Sophos
Sophos anti-virus software detects and eradicates viruses (including Trojans and worms) for a wide range of Linux distributions.
Below are some of the features of Sophos:
- Detects and blocks malware with on-demand, scheduled, or on-access scanning
- Updates are typically under 50KB and have little impact on system performance
- Runs quietly and easy to install
- Can run all commands (except savscan) from the command-line interface as root
- Uses live protection to find malicious files in real-time
- Configure scanning for local and network drives
By detecting and blocking non-Linux viruses that might be stored on your computer, Sophos prevents your Linux system from being affected by malware from other operating systems you might be using.
Sophos doesn’t come with a built-in GUI. The free version doesn’t give access to subscriptions or technical support.
Even though Linux systems are better protected than Windows, there is no way to be 100% safe from malicious threats. Why not protect your computer by installing at least one of the free antivirus programs above?