Monday, 5 October 2015

AV-Test Lab: Linux User Without Virus

The amount of malware for Linux is still very limited, especially compared to Windows. Nevertheless, even Linux systems with malware become infected. In addition, Linux systems are often used in Windows environments and thus come into contact with Windows Malware. Astute Linux users, however, need to install a virus scanner, according to the German test lab AV-Test.

AV-Test decided 16 different security packages for Linux with both Linux and Windows Malware to test an Ubuntu system.The results are disconcerting for some products, because they are by letting 85% of the Windows Malware and up to 75% of the Malware Linux. Eight of the sixteen security suites able to detect between 99.7% and 99.9% of the 12,000 common Windows Malware. Only Symantec scores 100%. McAfee and Comodo scoring with 85.1% and 83% respectively lower.Much worse are the results from Dr. Web (67.8%), F-Prot (22.1%) and ClamAV (15.3%).

Tested for the second part of the test was 900 malware instances for Linux. Kaspersky'm here solely to detect all malware, followed by ESET with 99.7%. AVG scores 99%, followed by the server versions of Kaspersky and Avast that detect more than 98% of malware. Symantec, which identified all Windows Malware recognizes 97.2% of Linux Malware. The other products scored less well, with ClamAV, McAfee, F-Prot Comodo and finish at the bottom. The detection rates lie between 66.1% and 23%.

Linux And Malware

The question remains to what extent it is necessary for Linux users to install a virus. According to AV-Test, the number of Trojans for Linux has increased recently, but they are of poor quality. This is according to the test lab because attackers are aware of good security practices that Linux offers. There is then also especially the ignorance of users use, for example, which become infected by operational errors.

The most common way to become infected by Malware Linux is by installing software updates or via third parties, according to AV-Test. The software will ask during the installation to temporary root privileges. If the user allows this software to the system will be manipulated and attackers can install a backdoor on the system and is it part of a botnet.

According to AV-Test, most Linux users believe that they are one of the safest systems available use. "This statement is true if you only look at the system and leave the rest aside." Insecure third-party software and user errors can ultimately ensure that a Linux system, like Windows and Mac with malware gets infected.

Research by anti-virus companies shows that many infected Linux servers that are part of a botnet. Linux-based botnets often remain even longer operational because the servers do not use security software, unlike Windows Servers where this is the case. And if there is already software installed are often the wrong products. "In many Linux Forums free Comodo products, ClamAV and F-Prot be recommended to home users. This is not good advice", says AV-Test.

The test shows that home better for the free versions of Sophos or Bitdefender can choose. For server systems, there is the free scanner from AVG. ESET is as a whole out on top, followed by Symantec and Kaspersky. For servers are Kaspersky, AVG and Avast recommended.

Virus Scanner Necessary?

Or Linux Users must install a virus is ultimately to their own behavior. AV-Test says that security suites are only a second line of defense. The main security is in fact the user. Anyone who loves his system up-to-date, no unnecessary ports opens, only install software from trusted sources, prevents the browser to run active content and not open just e-mail attachments will do when it comes to Linux Malware no worries make, according to the testing lab.

No comments:

Post a Comment