Linux

ESET NOD antivirus solution comes to Linux

The makers of ESET NOD have finally determined it is time to port their anti-virus solution to Linux. Jack Wallen thinks it's every Linux user's duty to help keep their vulnerable friends, family, and co-workers safe.

That's right, one of the long-time providers of Windows anti-virus solutions has finally ported to Linux. From the ESET website:

Desktop Linux distributions have surged in popularity on netbooks and low-cost office terminals. Linux has won for its fast startup time, low systems requirements and cost efficiency relative to popular platforms like Windows and Mac OS X.

And so they have decided it was time to join the few proprietary antivirus solutions for the Linux desktop. Personally, I was quite pleased with this news. But then I am of the mindset that you can never be too careful. And, although Linux machines are not susceptible to the multitude of viruses that Windows suffers from, that doesn't mean you shouldn't be protected. For those that scoff, I ask this simple question: Do you ever forward files or emails to users you KNOW are on Windows? If so, then why are you not protecting those users?

And that's what it ultimately boils down to when it comes to Linux antivirus solutions - protecting those who choose to go a less secure, more vulnerable route. It's shocking to find out, however, that this stance is in the vast minority among Linux users. Because Linux does not suffer the same fate that Windows suffers (in that it does not require an antivirus solution to be safe) most users don't bother.

What spurred me on to write this was the majority of reactions on the email list this was announced to. The over-riding opinion was, "Screw everyone not using Linux" and "Why should I protect everyone else?" One reader even pointed the list to an article, published in 2007, titled, "Note to new Linux users: No antivirus needed." Naturally that sentiment is fine if:

  • You do not forward files or emails to other users.
  • You forward/send files to users who ONLY use Linux.

But the moment you forward/send a file or an email (especially an HTML email or email with an attachment) to a Windows user, you make them vulnerable.

I find that stance to be irresponsible. And so do the makers of ESET NOD. So I decided to download, install, and try out the product. I have to say, I'm impressed. Installing the solution on a CentOS machine was a no-brainer and, surprisingly enough, when the scan was running full-bore the machine took no noticeable hit in performance. I was working as if nothing was going on in the background.

The product (currently in Beta testing) offers the following features:

  • Real time scanner.
  • Proactive detection of Linux, Mac, and Windows viruses, spyware, and other threats.
  • Small and non-invasive updates.
  • Convenient "check for updates" functionality.
  • Intuitive and elegant look-and-feel.

The Beta test program for ESET NOD for Linux will continue until the makers have determined the product ready for shipping. At that point the beta versions of the software will cease to work and, I would imagine, anyone wanting to continue on with protection will have to purchase a license. As we have concluded recently, this is going to be a challenge for the creators as the majority of Linux users do not seem to want to lay down coin for software. From my perspective, if you are using Linux in a production environment where there are computers that are more susceptible to viruses, do yourself and everyone around you a favor and purchase a license for this product or a product like it.

Linux users owe it to Windows users to protect them in ways their native operating system can not. It's a crazy, infected PC world out there. I, for one, am glad I never have to worry about my own machine getting hit with viruses or malware. But there are plenty of people out there I do care about who are vulnerable. It is my responsibility to make sure I do not send them infected files. To that end I will use whatever means I have to in order to protect them. If that means installing an anti-virus solution on my Linux desktops...so be it.

About

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website getjackd.net.

12 comments
dvd.moore
dvd.moore

ESET NOD is an option toward not passing on virus-contaminated e-mails, etc, from a Linux machine. But there are also other solutions for Linux, like ClamAv for instance. How does ESET NOD compare to these?

todd_dsm
todd_dsm

As a quick smoke test I've attempted to download the package. Here's what I found: 1) They only have software under their Business Downloads 2) You'll have to expand the Mail/File/Gateway Servers portions of the page and search for Linux. After clicking on the link you are presented with a login that says: "A username and password are being requested by http://download.eset.com. The site says: "NOD32 For Unix"" 3) I tried a few combinations using "NOD32 For Unix" in the password with some other common parameters, like "anonymous" - no dice. 4) I searched their site for download instructions - no dice. Honestly, the only work I was willing to put into this eval was on your say-so, which is still golden btw ;-) - short of that, companies like this shouldn't spank those interested in an eval of this (proprietary) nature to the point where interest is lost. My Mail Server security is comprised of SA, greylisting, ClamAV. If viruses can get past that it's time to bulk up on rifles and ammo, and head for the hills. Filesystem security can be achieved by googling for "harden linux filesystem" and reading. Network and gateway security is a bit trickier (snort) but is entirely doable. The point is, companies like this should know we have options that we actually LIKE to exorcise. They will have to go a little further out of their way to bring us to the table. And if ESET can't reach any further, maybe the ClamAV people will see the error and fill the gap. How long could it take to branch it, throw an UI on it (for the kiddies), and make it a desktop mail scanner for Thunderbird, et al? Good find though :-D

ejv
ejv

I think I'll stick with my current Linux a/v solution...Common Sense v. 1.0 An alert and knowledgeable PC user, which I suspect many Linux users are, would spot a suspicious attachment a mile away. I don't think email attachments are much of an "attack vector" these days anyway. Clickjacking is much more of a problem. A/V on a linux mail/file server is a good idea, on the desktop, meh. Besides, what are you doing forwarding malicious links/attachments to your contacts? Don't you LOOK at what you're sending???

rmerchberger
rmerchberger

And I quote: """ ???Note to new Linux users: No antivirus needed.??? Naturally that sentiment is fine if: * You do not forward files or emails to other users. * You forward/send files to users who ONLY use Linux. But the moment you forward/send a file or an email (especially an HTML email or email with an attachment) to a Windows user, you make them vulnerable.""" OK, I'm not going to go all "caps-lock-happy" and try to look cool (especially because it's rather childish... ;-) ), but it's not my job to make sure Windows users are safe any more than it's my job to make sure everyone who owns one of those dinky 'Smart' cars is a safe driver just because I drive a Chevy Avalanche. Believe it or not, I don't even check to see if my neighbors lock their doors at night -- Oddly enough, I rather think that's their responsibility, not mine. Now, I am going to install the beta and check it out - as I get asked by a *lot* of friends (and friends of friends) who run Windows to clean the viruses / malware off of their systems, I do have a VirtualBox WinXP install running Avast AV to scan their hard drives hooked to a USB->IDE interface. Although the arrangement is somewhat sub-optimal, I've not had good luck with ClamAV for this purpose, and 1) if this product can save a lot of emulated CPU cycles by not going through the VB sandbox and 2) does a better job cleaning the drive as it wouldn't be classified as a network drive (that's what shared folders are considered in VB) then I'd consider purchasing it if it's not insanely expensive as that would improve the services that I provide my customers (read: seriously undercharged friends ;-) ). I would *not* do it to protect others from themselves (and would not run it full-time - only whilst scanning others' machines), and just because I'm much more security conscious does not make me "my brother's keeper" especially as my brother doesn't even own a computer. I'm just sayin'... "Merch"

fatman65535
fatman65535

That one had me spitting out the mouthful of coffee all over the monitor and the keyboard. We Linux users owe WindoZE users NOTHING!!!!!! but our contempt. I jumped off that sinking WindoZE ship a few years ago, and switched to Linux; and I have not regretted it. If ANYTHING, WindoZE (l)users have the RESPONSIBILITY to the remainder of us to practice safe computing; and not treat their machines like an appliance. (i.e. "Plug it in, and just expect it to work flawlessly") (sarcasm) I feel WindoZE (l)users MUST have an internet surfing license!!!! (that means - take a test) (/sarcasm)

Bolaris
Bolaris

"Linux users owe it to Windows users" - lol, I think you mean Windows users owe it to Linux users to clean up their act and make sure they don't burden other OS's. It's important that we understand the simple fact that AWARE Linux users will not want to be responsible for the burdens Microsoft has brought upon the security industry. Possibly though when Linux becomes more mainstream, that would translate into more and more ex-windows users switching over, not realising it's not needed for their Linux machine, yet cluelessly forking over cash to protect someone else with the very Windows OS they abandoned and don't want to associate with anymore..interesting scenario.

msux
msux

You expect Linux users to PURCHASE anti virus software to run on our systems (bogging them down, wasting CPU cycles) because MS is incapable of producing decent software?

ejv
ejv

It took me awhile to find it yesterday too. I thought I would download and install it today and figured I would try "http://beta.eset.com" and sure enough, it brought me right to it. The download on that main beta page installed without a problem or asking for authentication (the username and password fields where already filled out.) All I needed to do was assign an execute bit and run the installer from the shell. I don't know why the author didn't include a proper link in his article.

david.hunt
david.hunt

Yes, but many people don't. How many joke emails do you get as just an empty forward with no introduction or commentary by the forwarder. I just hit the delete key. If the sender cannot be bothered saying something about what they have forwarded, then why should I take the time to look at it? The exception is when the attachment has been sent by arrangement through IM or a phone call. The same goes for emails with null subject lines. You could easily argue that Acrobat and Flash are the biggest risks for Windows users of recent times. I had a really long think about whether to put Flash on my new Windows laptop... I eventually did, but I don't on Linux, even though they have finally offered it for 64bit Linux. ShockWave didn't make the cut, so I don't have that loaded anymore.

jlwallen
jlwallen

i envision a day when more than just your current "average linux user" will be using Linux. think about when your average PC user is using Linux...at that point something like this will be a necessity.

jlwallen
jlwallen

no. i don't expect this. not on an individual basis. but if you work in a business, and you use Linux as your desktop, it might behoove you to add antivirus to prevent the accidental (or even intentional) forwarding of a virus-infected file or email.