Hi, would you know an efficient and privacy friendly Ubuntu antivirus ?

  • GnomeComedy@beehaw.org
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    1 year ago

    You’d be better served learning how to setup and use:

    • backups (and test them)
    • automate your reinstall (see ansible)
    • firewalld (RHEL/Fedora) or ufw (Ubuntu)
    • fail2ban
    • SELinux (RHEL/Fedora) or AppArmor (Ubuntu)
    • disable SSH via password, use keys only
    • adblocker (like ublock origin) - credit to whale@lemm.ee for the idea below
      • GnomeComedy@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        No, most desktops behind a NAT probably dont need fail2ban (though it wouldn’t hurt).

        Everyone’s security profile/needs are different.

        The point is that list does a hell of a lot more useful than ClamAV

              • GnomeComedy@beehaw.org
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                1 year ago

                If you think ClamAV on your mom’s laptop on Starbucks WiFi is doing anything useful, but you think fail2ban isn’t - you’re naive.

                On phishing - you’ve got another great example. ublock origin or any other decent adblocker will do WAAAAY more to help than ClamAV.

    • neosheo@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      For the automating of reinstalls what do you mean?

      Is it just a playbook that installs the distro, them installs the same packages, and then restores things like /home from backup?

      • GnomeComedy@beehaw.org
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        That, and:

        • put down config files that were modified
        • enable/start services that were installed
        • modify the firewall to open necessary ports

        Basically: put everything back as it was right before the ransomware encrypted your system on you.

        Then of course - fix what you did wrong that got you compromised. ;-)