Security Soft for Solus

berjer

I don't know snake oil

berjer

I have Firejail, but don't know how to use. In the Configuration is Firefox and Thunderbird, but Opera Browser not and I don't know how to insert Opera

SethStorm666

If you really want an anti-virus scanner you can install ClamUI. It's available as a flatpak. Just be aware that clam is famous for spitting out a lot of false positives.

presianbg

Hi,

A lot of malware is targeting Linux... mostly servers though.
Some of you might be interested in reading this one:
https://web-assets.esetstatic.com/wls/en/papers/white-papers/ebury-is-alive-but-unseen.pdf

Its not a bad idea to have anti-malware from trusted vendor (ESET, Sophos, Elastic ...etc) on your Linux box., nowadays its called endpoint protection software due its many layers of defense... but this scenario is mostly for enterprise environments, not for the regular Joe. For servers I would recommend trying https://sandflysecurity.com , which is not requiring much of tinkering with the protected assets.

You may consider the following to make informed decision:

evaluate your threat model, I'm saying this because many Linux savvy users are security and privacy cautious. They do not download and run random stuff from the internet, also not exposing their machines to the open world. So... if the risk is low and the attack surface is small, there is really no point of looking for endpoint protection;
if you concerned mostly about downloaded files, then upload their hashes to VirusTotal, just for piece of mind, not a real protection; (you may upload the files itself, but beware that anything uploaded to VT is in the public domain, so be careful especially with documents containing sensitive information).
if you decide to go with fully featured endpoint protection, then you have to switch your Linux distro to something mainstream like Ubuntu or OpenSuse, this is because the endpoint protection has A TON of dependencies to work properly (real-time scanner mostly). You may find some opensource projects, but as I said the REAL protection comes from the vast telemetry, threat intelligence and years and years of experience with malware, thus I would recommend spending a buck with some of the commercial options.
last but not least, Linux is mostly around open-source, which is its biggest strength and in the same time WEAKNESS. The opensource landscape has been flooded with supply-chain issues for the past couple of years ( XZ utils for an example). Nothing will protect you from upstream trusted prodcut, library or whatever being breached and served you as a "benign" update.

TraceyC

Another common vector for malware is through browser ads (javascript). Ad blockers in the browser are a good defense against this. In our home, we also have the PiHole ad blocker installed at the network level.

berjer

How works / install Sandfly? Is there a german manual?

nolan

A good point to start with sandfly is in the link below BUT if you are a regular user I recommend to not use it.

"Sandfly is an agentless intrusion detection and incident response platform for Linux."(https://docs.sandflysecurity.com/docs/getting-started)
So Sandfly is an EDR, not an Antivirus like Avast, Norton or Bitdefender.
Normally with the antivirus, the user don't have to do anything in response to a threat or virus; The EDR is used for Security Researchers, normally for a company, to detect intrusion in the network, vulnerabilities on endpoints (devices to be protected) and not intended for regular users.

Axios

I think most home users dont need heavy stuff
Just find browser extensions that keep stuff off the computer in the first place
and watch how you do stuff online.

Unless you are doing shady stuff then its a whole different issue.

« Previous Page