> Starting assumption: I do want to run A/V.
You have it: it's called `apt` (i.e. in the world of Debian, the
response to "viruses" is to plug the hole they try to exploit, instead
of leaving those holes gaping while wasting resources trying to look for
known attacks).
> * (Clamscan already caught 4 things)
I'll bet that none of those 4 "things" exploit a hole to which you
are vulnerable. Hence catching those attacks has not made you more
secure: it just wasted resources.
My SSHd daemon has probably rejected more attempts to log into my system
while writing this email. So what? None of those attempts are real
threats, anyway, just like those 4 "things" that Clamscan says
it caught.
Stefan
