On Sun, Feb 23, 2020, 07:03 mlnl <m...@mailbox.org> wrote:
> Hi l0f...@tuta.io,
>
> l0f...@tuta.io wrote:
>
> >Considering the fact I am human so not perfect at all + other notions
> >like defense in depth / layered defense... would you recommend having
> >a Linux anti-malware?
>
> I have used clamav, linux malware detect with 3rd party repos like
> sanesecurity just for fun and for some time to see, what you can do
> beside commercial products. I had only a few positive, Windows related
> matches and a lot of false positives - and think about the 0-day
> problem with all anti-malware or the capabilities of state
> sponsored cracker groups or CNA/CNE groups inside military/civil
> state organizations ;)
>
> I think, it is more important & useful to audit & harden/secure your
> system, kernels (KSPP), services and applications with IDS/IPS (e. g.
> Samhain), MACs like AppArmor, systemd-analyze security unit, secured
> sudoers file, use of additional 2FA tokens and so on...
>
> --
> mlnl

I've been using Sophos since it came out and clamav for many years prior and I prefer Sophos. I definitely disagree with merely doing backups and updates. You could say the same for any OS. That is no means of keeping yourself safe.