Although Linux operating systems are fairly stable and secure, they may not completely be immune to threats. All computer systems can suffer from malware and viruses, including those running Linux-based operating systems.
However, the number of critical threats to Linux-based operating systems is still way lower than threats for Windows or OS X.
Therefore, we need to protect our Linux systems from various forms of threats such as viruses that can be transmitted in many ways including malicious code, email attachments, malicious URLs, and rootkits to mention but a few.
In this article, we will talk about 5 best free anti-virus programs for Linux systems.
ClamAV (Clam AntiVirus) is a free and open-source, versatile anti-virus toolkit for Linux systems that is used for detecting trojans, viruses, malware, and other malicious threats.
It’s a standard for mail gateway scanning software; it supports almost all mail file formats and it is primarily used on Unix-like systems such as Linux, FreeBSD, and macOS, but it also has support for Windows.
ClamAV operates on a signature-based detection method, which means it scans files for patterns that match known malware signatures. These signatures are regularly updated to keep up with new threats.
Additionally, ClamAV can also perform heuristic analysis, which involves examining the behavior of files and identifying potentially malicious patterns.
The following are its well-known ClamAV features:
- It’s cross-platform; works on Linux, Windows, and Mac OS X
- POSIX-compliant, portable
- Easy to install and use
- Works primarily from the command-line interface
- Supports on-access scanning (Linux only)
- Provides a virus database update
- It can scan within archives and compressed files (also protects against archive bombs), and the built-in support includes Zip, Tar, 7Zip, and Rar among others.
To install ClamAV on a system, you can use the default package manager on your Linux distribution.
$ sudo apt install clamav [On Debian, Ubuntu and Mint] $ sudo yum install clamav [On RHEL/CentOS/Fedora and Rocky/AlmaLinux] $ sudo emerge -a sys-apps/clamav [On Gentoo Linux] $ sudo apk add clamav [On Alpine Linux] $ sudo pacman -S clamav [On Arch Linux] $ sudo zypper install clamav [On OpenSUSE]
ChkrootKit is a free and open-source security scanner designed to detect known rootkits on Unix-like systems, including Linux.
It is a lightweight tool that scans your system for signs of rootkits, which are malicious programs that can grant unauthorized access and control over a compromised system.
It contains various programs/scripts which include:
- chkrootkit – a shell script that checks system binaries for rootkit modification.
- ifpromisc.c – it checks if an interface is in promiscuous mode.
- chklastlog.c – this checks for lastlog deletions.
- chkwtmp.c – this checks for wtmp deletions.
- check_wtmpx.c – checks for wtmpx deletions (Solaris only).
- chkproc.c – checks for signs of LKM trojans.
- chkdirs.c – this checks for signs of LKM trojans.
- strings.c – it performs quick and dirty string replacement.
- chkutmp.c – this checks for utmp deletions.
To install Chkrootkit on a Linux system, you need to download the source code and compile it manually as shown.
$ wget ftp://ftp.chkrootkit.org/pub/seg/pac/chkrootkit.tar.gz $ tar -xvf chkrootkit.tar.gz $ cd chkrootkit $ ./configure $ make $ sudo make install $ sudo chkrootkit
3. Comodo Anti-virus For Linux (CAVL)
Comodo is a powerful cross-platform anti-virus and email filtering software. Comodo Anti-virus For Linux offers great virus protection with the additional features for a fully configurable anti-spam system.
Comodo anti-virus for Linux features include:
- Simply install and forget, no annoying false alarms, just solid virus protection.
- Provides proactive anti-virus protection and intercepts all known threats.
- Optional automatic updates for the most up-to-date virus protection.
- Comes with a scan scheduler, detailed event viewer, and custom scan profiles.
- Offers a mail filter that is compatible with Postfix, Qmail, Sendmail, and Exim MTA’s.
Comodo Antivirus for Linux provides installation packages for various Linux distributions, including Ubuntu, Debian, Fedora, CentOS, and openSUSE. Make sure to choose the appropriate Linux distribution package for your system from the download page.
4. F-PROT For Linux
F-PROT anti-virus for Linux workstations is a free powerful scanning engine for use on home/personal workstations.
Developed to effectively get rid of viruses-threatening workstations running Linux, it offers full protection against various types of malware, including viruses, worms, Trojans, and other malicious software.
Below are some of its exceptional features:
- It supports both 32-bit and 64-bit versions of Linux x86.
- It scans for over 2119958 known viruses and their variants.
- It’s able to perform scheduled scans using cron.
- It scans hard drives, CD-ROMS, diskettes, network drives, directories, and specific files.
- It can also scan for images of boot sector viruses, macro viruses, and Trojan Horses.
5. RookKit Hunter
Rootkit Hunter (rkhunter) is a remarkable lightweight, open-source security monitoring and analyzing tool for POSIX-compliant systems that is designed to detect and identify rootkits, backdoors, and other potentially malicious software on Linux and Unix-based systems.
It scans the system for known rootkit signatures, suspicious files, and various system configuration anomalies that might indicate a compromise.
To install Rkhunter on a Linux system, you can use the default package manager as shown.
$ sudo apt install rkhunter [On Debian, Ubuntu and Mint] $ sudo yum install rkhunter [On RHEL/CentOS/Fedora and Rocky/AlmaLinux] $ sudo emerge -a sys-apps/rkhunter [On Gentoo Linux] $ sudo apk add rkhunter [On Alpine Linux] $ sudo pacman -S rkhunter [On Arch Linux] $ sudo zypper install rkhunter [On OpenSUSE]
6. Sophos Antivirus
Sophos Antivirus is a comprehensive antivirus solution developed by Sophos, a leading cybersecurity company, which provides protection against malware, viruses, ransomware, and other security threats across various platforms, including Windows, macOS, and Linux.
Sophos also offers a free version of its antivirus software for Linux, which provides real-time scanning, on-access scanning, and on-demand scanning to protect against malware and other threats. It also includes features like web filtering and malicious traffic detection.
Firejail is an open-source security sandboxing tool for Linux systems that provides an additional layer of security by isolating applications or processes from the rest of the system, reducing the potential impact of security vulnerabilities or malicious actions.
Firejail achieves this isolation by using Linux namespaces and control groups (cgroups) to create lightweight sandboxes for applications. When an application is executed within a Firejail sandbox, it operates within a restricted environment with limited access to system resources and files.
8. Qubes OS
While all the security tools mentioned in this list are undoubtedly valuable for strengthening the security of a Linux operating system, achieving a truly secure system requires a more comprehensive approach.
To establish a genuinely secure Linux system, it’s essential to consider Qubes OS, which is a free and open-source operating system that prioritizes security through a unique approach known as “security by compartmentalization“.
It is designed to provide strong isolation between different tasks and applications running on the system, making it highly resistant to malware attacks and offering enhanced privacy.
That’s all! Don’t believe that Linux-based operating systems are completely secure, get one of these free anti-viruses we have talked about to secure your workstation or server.
Do you have any thoughts to share with us? If yes, then make use of the feedback form below.