I have always heard not to use antivirus on Linux, but I saw the post about a guy getting a RAT exploit backdoored through Wine, and it had me thinking: should I be using ClamAV or some other antivirus for Linux?

  • flatbield@beehaw.org
    21 hours ago

    Antivirus is not the be-all and end-all. I do not specifically have AV installed and have had 0 issues over the past 26 years of Linux use.

    On the other hand, I do only install software from trusted sources. I keep my system updated. I do scan things with VirusTotal if there is a question. I have Wine installed but not the exe handler. I have a firewall. I do sometimes harden my systems and use security scanners to help with that. Probably the biggest attack vectors are email attachments and the web browser. I am careful about attachments. In the browser I use uBlock Origin at a minimum. I segregate sensitive things too, so even compromising my general user account would not be fatal. I also have good offline and offsite backups.

    As for AV-like stuff: I do sometimes install ClamAV or a rootkit scanner and sometimes do a manual scan, but have never found anything. Same with my IDS. My WS, for example, has Tripwire, but not all my systems do, and I have never found anything.

    My point really: I view security as more about process and defense in depth than AV specifically. Keep in mind that AV introduces attack vectors too.
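An added example, not part of the comment above and not the commenter's own tooling: one way to audit the "Wine installed but not the exe handler" setup by checking whether anything on the system will launch a Windows executable automatically. It looks at the kernel's binfmt_misc registrations and at desktop MIME handlers; the MIME type list is an assumption covering commonly used names and is not exhaustive.

```python
import os
from pathlib import Path

# Assumption: MIME names commonly given to Windows PE/DOS executables (not exhaustive).
PE_MIME = {
    "application/x-ms-dos-executable", "application/x-msdos-program",
    "application/x-msdownload", "application/x-dosexec",
    "application/vnd.microsoft.portable-executable",
}

def binfmt_mz_handlers(binfmt_dir="/proc/sys/fs/binfmt_misc"):
    """Return (entry, interpreter) for enabled binfmt_misc entries matching 'MZ' (4d5a)."""
    hits, d = [], Path(binfmt_dir)
    if not d.is_dir():
        return hits
    for entry in sorted(d.iterdir()):
        if entry.name in ("register", "status") or not entry.is_file():
            continue  # control files, not format registrations
        lines = entry.read_text(errors="replace").splitlines()
        fields = dict(l.split(None, 1) for l in lines if len(l.split(None, 1)) == 2)
        enabled = bool(lines) and lines[0].strip() == "enabled"
        if enabled and fields.get("magic", "").lower().startswith("4d5a"):
            hits.append((entry.name, fields.get("interpreter", "?").strip()))
    return hits

def desktop_exe_handlers(app_dirs):
    """Return .desktop files that declare themselves handlers for PE/DOS executables."""
    hits = []
    for d in map(Path, app_dirs):
        if not d.is_dir():
            continue
        for f in sorted(d.glob("*.desktop")):
            for line in f.read_text(errors="replace").splitlines():
                if line.startswith("MimeType="):
                    mimes = {m.strip() for m in line[len("MimeType="):].split(";")}
                    if mimes & PE_MIME:
                        hits.append(f.name)
                        break
    return hits

if __name__ == "__main__":
    dirs = ["/usr/share/applications",
            os.path.expanduser("~/.local/share/applications")]
    for name, interp in binfmt_mz_handlers():
        print(f"binfmt_misc: {name} runs MZ files via {interp}")
    for name in desktop_exe_handlers(dirs):
        print(f"desktop handler for .exe: {name}")
```

No output means neither the kernel nor the desktop is set up to hand a double-clicked or directly executed `.exe` to Wine; running `wine file.exe` explicitly still works.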