
The CRYPT Mag

F-Prot

Linux is a secure OS, well, compared with Windows, but that's hardly news. So are there any virus checkers on Linux?

The answer is, of course there are.

One of the easiest (that I've used) is F-Prot. Again, it is free for home users.

The software can be found at http://www.f-prot.com/

There is even a version of F-Prot for Windows users, if they decide to try it as well.

Downloading can be in the form of a gzipped tar file, or as an RPM, for those who prefer the easy way.

I downloaded the RPM file and simply double-clicked on the file once it had downloaded. This spawns the requester asking for the "root" password (you can't install software without going into root) and the software installs itself.


To access the virus checker, you have to use a command line. Linux users love a shell (I use BASH), and this software doesn't have a GUI. It does, however, check your system exceedingly well. The F-Prot home page has full documentation on the usage of F-Prot and tips. It can be automatically updated using Cron (which schedules the procedure). I normally just do it manually, as you can see from the grabs. The definitions are updated frequently, so it might well be that I'll set it up via Cron in the future. F-Prot also advises that you assemble a test file to check your virus checker. This is the EICAR check file. The site tells you where to get this, as well as the command options for the checker. Simply keep the EICAR file on your drive and F-Prot will report it every time you do a scan. The file isn't a virus, but contains a text string that triggers most virus checkers.
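The EICAR self-check described above can be scripted, so that a scanner which has silently stopped detecting anything gets noticed. This is an added example, not part of the original article or of F-Prot; the function names, the canary file name `av-canary.txt`, and the assumption that the scanner's report contains the word "EICAR" when it detects the test file are assumptions of this example.

```shell
#!/bin/sh
# Added example: EICAR canary check for an on-demand virus scanner.
# Assumptions: the canary file name, and that the scanner's report
# contains the word "EICAR" when it detects the test file.

CANARY_NAME=av-canary.txt

# write_eicar PATH: create the standard 68-byte EICAR test file.
# The string is split in two so the literal test string never
# appears in this script itself.
write_eicar() {
    printf '%s%s' 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-' \
        'ANTIVIRUS-TEST-FILE!$H+H*' > "$1"
}

# canary_check DIR SCANNER [ARGS...]
# Writes the canary into DIR, runs "SCANNER ARGS... DIR" and returns:
#   0  the scanner reported the test file
#   1  the scanner ran but did not report it (check scanner/definitions)
#   2  the canary could not be written intact (for example, an
#      on-access scanner blocked or removed it)
# Keep the word "eicar" out of DIR's path, or a scanner that merely
# lists the files it scanned would look like a detection.
canary_check() {
    cc_dir=$1; shift
    cc_file="$cc_dir/$CANARY_NAME"
    mkdir -p "$cc_dir" || return 2
    write_eicar "$cc_file" 2>/dev/null || return 2
    cc_size=$(wc -c < "$cc_file" 2>/dev/null | tr -d ' ')
    [ "$cc_size" = 68 ] || return 2
    # Scanners usually exit non-zero on a detection, so ignore the
    # exit status and judge by the report text instead.
    cc_report=$("$@" "$cc_dir" 2>&1) || true
    printf '%s\n' "$cc_report" | grep -qi 'eicar'
}

# Example (ClamAV's clamscan; substitute your own scanner's command):
#   canary_check "$HOME/av-canary" clamscan || echo "scanner missed EICAR"
```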



As you can see by the grabs, I manually upgraded the checker by changing to the F-Prot directory and executing the updates option. If nothing has been updated, it returns the "nothing to be done" message. Once you have updated, it is a simple matter to check your files. Normally, I only check my home directory, but you can check the entire partition (or any drive) by changing the command. F-Prot by default checks for viruses and macros whether they are in archives or not. The full list of commands can be found on the manual pages as usual. I'm sure there will be a large variety of virus checkers on Linux, but I've had no problems with F-Prot, so I'll stick with it for now. You can also check out ClamAV, if you so desire. I did, but prefer F-Prot. However, Linux is a matter of choice, and a virus checker is no exception.


Any other threats to Linux users? Well, there is what is known as a rootkit, where someone has managed to find a way into your system. The checker for this is already built into Mandrake and, once again, head into root via Bash. Simply type chkrootkit and that's it.

Well, that was hard, wasn't it?

By Ian Urie

 

© RIYAN Productions
