klamav setup please help


Postby tylerdurdin » Sun May 03, 2009 18:47

Could someone please post a walkthrough of getting klam up and running? I have spent hours on Google only to find that there are a lot of steps, none of which are walkthroughs for Sabayon 4.1. I really hate to bother you guys with this, but I would like to be safe and not be sending viruses to my friends and my other PCs. Klam is already on my system from the install of Sabayon. After I click on clam to set it up, I then click load module, enter the password for root privileges, then get the dreaded "module failed to load, please check installation". I will pay 50 million for such info. Thank you in advance.
tylerdurdin
Baby Hen
 
Posts: 4
Joined: Thu Apr 16, 2009 9:04

Re: klamav setup please help

Postby WarraWarra » Tue May 05, 2009 5:27

Have not tried ClamAV or KlamAV, but KDE should have a decent interface for this if I remember correctly. This could be the easiest way to go with KDE ClamAV.

Here are a few links that could help, as SL is based on Gentoo, so what works in Gentoo works here as well most of the time.

http://wiki.linuxquestions.org/wiki/Usi ... _ClamAV.3F

http://www.google.com/intl/en/#hl=en&q= ... lAWEoQSgPM

Loading modules can be done with
/etc/modules/autoload.d/kernel-2.6
or
eselect rc list
and then
rc-update add ********* default
replacing the **** with the module name listed by the above command. Likely clamd.
or
modprobe ********
Example:
modprobe ndiswrapper

You can also check out ClamAV's website for how-tos, and it might be in the wiki, top right of this page.
WarraWarra
Sagely Hen
 
Posts: 1989
Joined: Wed Jan 03, 2007 21:01
Location: 31.324270, -113.585511

Re: klamav setup please help

Postby tylerdurdin » Tue May 05, 2009 18:20

Thanks for the quick reply. From what I have seen, every direction you pointed me in is at least helpful.
BTW, is there a better antivirus than clam? Or one that is just as good and is an easy install? From my understanding, the good antiviruses need to be compiled with my kernel.
Thank you very much for your help.
Your check is in the mail.
tylerdurdin
Baby Hen
 
Posts: 4
Joined: Thu Apr 16, 2009 9:04

Re: klamav setup please help

Postby WarraWarra » Tue May 05, 2009 20:13

Clam, F-Prot, Avast, AVG: it seems there are a few; how easy they are, no idea.

http://www.google.com/intl/en/#hl=en&q= ... lAWEoQSgPM

If google link does not work then just search for "linux antivirus"

http://www.linux.com/feature/22899
Flavors:
http://www.avast.com/eng/avast-for-linu ... ation.html
http://www.pandasoftware.com/download/linux/linux.asp
http://www.clamav.net/
http://www.f-prot.com/products/home_use/linux/
http://www.kaspersky.com/anti-virus_linux_workstation
http://free.avg.com/download

How to install = check their website pages or gentoo.org, or best might be to search equo and then emerge for the same name as the software you need.
Code:
example:
emerge -s avast-something-something
emerge -S virus


Last time I used Kaspersky they were one of the best, but this was back in Windows days, and then they, like most companies, added bloatware and ruined a very good product, same as KDE and their Vista clone theme by default, or Nero and their bloatware, and all of this just to compete with Vista bloatware.

Seems like most software companies get things to decent and working and then they add a rubbish / bloatware gimmick and can never get the James Dean car / software curse removed + get rid of the people that actually made it work.

Have a look at the links; they should have screenshots if the software is any good. If mediocre or rubbish, they will not have screenshots and you might be able to find screenshots hopefully on Google. It might still work, as it is built by nerds for nerds and not for customers / humans = tricky to use but very effective, with a horrible interface, or usually this is the case in similar results.
WarraWarra
Sagely Hen
 
Posts: 1989
Joined: Wed Jan 03, 2007 21:01
Location: 31.324270, -113.585511

Re: klamav setup please help

Postby Fitzcarraldo » Tue May 05, 2009 23:02

tylerdurdin wrote: BTW is there a better antivirus than clam?


BitDefender Antivirus Scanner for Unices 2009 (free for home use) gets a 10/10 rating in the June 2009 issue of Linux Format magazine. According to the magazine article, BitDefender's virus database is over five times bigger than ClamAV's database.

Unfortunately there is not an ebuild as yet for Gentoo/Sabayon Linux as far as I know. However the console version does exist in Portage and Entropy:

Code:
# eix bitdefender
* app-antivirus/bitdefender-console
     Available versions:  -7.0.1-r1 (~)7.1
     Homepage:            http://www.bitdefender.com/
     Description:         BitDefender console antivirus
# equo search bitdefender
>>  @@ Searching...
>>   #1 Sabayon Linux Official Repository
>>      @@ Package: app-antivirus/bitdefender-console-7.1               branch: 4
>>        Available:            version: 7.1 ~ tag: NoTag ~ revision: 0
>>        Installed:            version: Not installed ~ tag: N/A ~ revision: N/A
>>        Slot:                 0
>>        Homepage:             http://www.bitdefender.com/
>>        Description:          BitDefender console antivirus
>>        License:              as-is
>>  Keyword:    bitdefender
>>  Found:      1 entries


I don't have any experience with it myself, but it might be worth you giving it a shot. No doubt Google would dig up some instructions from somewhere.
Fitzcarraldo
Sagely Hen
 
Posts: 7335
Joined: Sat Mar 10, 2007 5:40
Location: United Kingdom

Re: klamav setup please help

Postby tylerdurdin » Wed May 06, 2009 2:40

So let me bother you one more time: do you use an antivirus? My confusion only stems from the fact that within a week of having 4.1 installed I managed to pick up a couple of viruses. I somehow managed to half-ass Avast into my system: downloaded the tar, yada yada yada, unpacked with Ark, then could not find it anywhere. Managed to actually open the scanner by clicking on one of the files that said GUI; it actually scanned the system and found two viruses that it said it could not quarantine due to some privilege deal (PLEASE EXCUSE MY SOPHISTICATED EXPLANATIONS). I would just like to be sure that my PC is safe; I use it for everything. I do not even use Windows anymore, and absolutely adore Sabayon, but I must say Gentoo seems tricky; Kubuntu and Debian were a walk in the park. So ultimately I guess I am really wondering how to keep my machine as perfect as possible, free from viruses and especially from rootkits.
tylerdurdin
Baby Hen
 
Posts: 4
Joined: Thu Apr 16, 2009 9:04

Re: klamav setup please help

Postby kodiakmax » Wed May 06, 2009 5:14

While there aren't many viruses for Linux right now, and while Linux inherently makes virus writing harder, they do happen, and they will grow in number as the Linux user base grows (sadly).

...And statements like "linux is cool, you'll never see a virus again" will eventually make you look stoopid and will make people question the value of a great OS simply because they didn't prepare.

It would be like saying I don't know anyone that's been hit by a car so I don't need to look.

Here is wikipedia's entry on linux viruses. It is well sourced for accuracy.
http://en.wikipedia.org/wiki/List_of_Li ... er_viruses

And here is why linux viruses don't last long
http://librenix.com/?inode=21

Do not believe the suggestion that the Linux community is complacent or "behind the times" in terms of viruses, or any other security issue. Linux developers have not "ignored" viruses, rather the OS is built to be highly resistant to them and since the code is "Open" there are literally thousands of eyes watching ...

For the most part, Linux anti-virus programs scan for Windows viruses which do not run on Linux. There are increasing reports, however, that Windows malware may run in wine. And browser malware/spyware/"tracking cookies" are also easier to write.

Please understand, anti-virus programs, and in fact most HIDS, are "reactive" in that they can only protect you from known viruses. They can only protect you against malware after it is developed and incorporated into HIDS, not before. Furthermore, the "fix" will be to close any hole(s) in the code; these fixes will be available through security updates (which are more frequent in Linux than your previous OS if you are coming from Windows).

Reasons AGAINST antivirus on Linux:

1. They scan primarily for Windows viruses.
2. There is a high rate of false positives.
3. Isolation/inoculation is poor.
4. And currently there are no known active Linux viruses (so there is essentially nothing to detect).


Reasons FOR antivirus on Linux:

* You are running a file or mail server with Windows clients.
* You wish to scan files before transferring them, by email, flash drive, etc., to a Windows machine.

It would also depend upon how proactive you were in staying up to date on security advisories.

Also keep in mind a "virus" may also come in the form of malicious "help" commands: some piece of code you found somewhere on the net to "fix" a problem. Here are some examples: http://ubuntuforums.org/announcement.php?a=54

Browser / Spyware : Java/Flash/Ad-ware/Trackers/Cookies

This is where most users will have the most risk. We all want Java/Flash, but our Internet browser opens us to attacks.

I advise :

1. Deny all cookies and add trusted sites, allowing only for session.
2. Install NoScript. Again block all and add trusted sites to a white list.
3. Install Safe History
4. Adblocking : I block with a hosts file rather than Adblock Plus or Adblock Filterset.G because a hosts file protects more than just Firefox.
* http://www.mvps.org/winhelp2002/hosts.htm
* Linux script : http://hostsfile.mine.nu/downloads/updatehosts.sh.txt

Root kits

From http://en.wikipedia.org/wiki/Rootkit :

Quote:
The term rootkit (also written as root kit) originally referred to a set of recompiled Unix tools such as ps, netstat, w and passwd that would carefully hide any trace of the intruder that those commands would normally display, thus allowing the intruders to maintain root access (highest privilege) on the system without the system administrator even seeing them.


The term is no longer restricted to Unix-based operating systems ...

Root kit detection:
rkhunter

HOWTO: http://www.skullbox.net/rkhunter.php
(for the install section just use equo)

chkrootkit

HOWTO: http://www.howtoforge.com/howto_chkrootkit_portsentry
(for the install section just use equo)

If you check the wiki, use the search function, and Google, you can find the answer to most of your questions.

Remember to mark your thread [Solved] if your issue is fixed.
kodiakmax
Advanced Hen
 
Posts: 278
Joined: Thu Oct 16, 2008 23:46
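
The hosts-file blocking advised in the post above means installing a downloaded list as root, and a list entry that points a name at anything other than a sinkhole address redirects that name instead of blocking it. As an added example (not part of the original post or of the linked scripts), this shell sketch vets a list before merging it; the function names, file names and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: vet a hosts-format blocklist before merging it into a hosts file.
# Every active line must point names at a sinkhole address, never anywhere else.

# check_blocklist FILE: report each bad line; return 0 if clean, 1 otherwise.
check_blocklist() {
    awk '
        function bad(why) { printf "line %d: %s: %s\n", NR, why, raw; rc = 1 }
        {
            sub(/\r$/, ""); raw = $0      # tolerate DOS line endings
            sub(/#.*/, "")                # drop comments
            if (NF == 0) next             # blank or comment-only line
            if ($1 != "0.0.0.0" && $1 != "127.0.0.1") { bad("non-sinkhole address"); next }
            if (NF < 2) { bad("no hostname"); next }
            for (i = 2; i <= NF; i++)
                if ($i !~ /^[A-Za-z0-9._-]+$/) { bad("unexpected hostname"); next }
        }
        END { exit rc + 0 }
    ' "$1"
}

# merge_hosts BASE BLOCKLIST: print BASE plus the vetted names, normalised to
# 0.0.0.0 and de-duplicated. Returns 1 and prints nothing if the check fails.
merge_hosts() {
    check_blocklist "$2" >&2 || return 1
    cat "$1"
    echo "# --- vetted blocklist entries ---"
    awk '{ sub(/\r$/, ""); sub(/#.*/, "") }
         NF >= 2 { for (i = 2; i <= NF; i++)
                       if ($i != "localhost" && !seen[$i]++) print "0.0.0.0", $i }' "$2"
}

# make_samples DIR: write constructed sample files (example.* names, TEST-NET address).
make_samples() {
    printf '127.0.0.1 localhost\n' > "$1/base"
    cat > "$1/good.txt" <<'EOF'
# constructed sample blocklist
127.0.0.1  localhost
127.0.0.1  ads.example.com   # banner server
0.0.0.0    tracker.example.net
0.0.0.0    ads.example.com
EOF
    printf '127.0.0.1 ads.example.com\n203.0.113.7 bank.example.org\n' > "$1/bad.txt"
}

d=$(mktemp -d) && make_samples "$d"
merge_hosts "$d/base" "$d/good.txt"                  # prints the merged file
merge_hosts "$d/base" "$d/bad.txt" || echo "bad.txt rejected, nothing merged"
rm -rf "$d"
```

Review the merged output before copying it over /etc/hosts, and keep a backup of the original file.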

