Exploring this site:

http://www.linux.org

I found this new:

Open Source Not Ready for Anti-Virus (http://www.eweek.com/article2/0,1759,1633536,00.asp)

Is that true that there are viruses in Linux? :eek:

Please tell me that this is not true. :(

I think there were a couple before, but in any case, they don't cause that much damage (unless you're running as root) since the permissions pretty much make it difficult for the virus to infect anything you can't write to. Of course it's always possible to first exploit a SUID program and have that run the virus, in which case you're screwed. But that's why you keep a fully updated patched system right? :)

So, how the heck could an anti-virus software for Linux work? :confused:

This is what an antivirus program would do:

Look for SUID executables:
"find / -group GROUP -user USER 2>/dev/null"
This will find all files with permissions of GROUP and USER, so a file that belongs to the user root and the group users would probably be exploitable if the hacker got into your system. It would point them out and suggest a fix.

Most package based distros are kinda anti-virus, 'cause you could just update all of your packages that have been patched for security reasons. Antivirus software would watch security sites and notify you of exploits.

Close off services you aren't using, like telnet, which is extremely prone, httpd, ftpd.

Don't run programs or scripts that you don't what they do or how they got there. That's your job.

And, dear god help us if it ever happens, never use Internet Explorer for Linux!

So, as you can see, antivirus software isn't really necessary as most of what I've mentioned is common sense on the part of the user. If you want, I'm pretty sure you could bug the closest Linux programmer into writing a little graphical client that packages all this together.

Well one helpful feature for an anti-virus program would be if you're using your Linux box as a mailserver. Say you allow other Windows based machines to access it through webmail. Then having an antivirus scanner to scan the attachments would come in handy.

You may want to have a look at http://www.chkrootkit.org/ , its one of several tools you can try.

Clam-AV is a good GNU/Linux anti-virus you could consider. In general, though, you can avoid viruses just like on Windows: don't run crap you don't know, watch out for attachments in mails, etc, etc. It's really not hard...