Privacy Guides @lemmy.one LMP @lemmy.one 1 yr. ago

Privacy friendly Ubuntu antivirus ?

Hi, would you know an efficient and privacy friendly Ubuntu antivirus ?

You're viewing a single thread.

17 comments

You'd be better served learning how to setup and use:

backups (and test them)

automate your reinstall (see ansible)

firewalld (RHEL/Fedora) or ufw (Ubuntu)

fail2ban

SELinux (RHEL/Fedora) or AppArmor (Ubuntu)

disable SSH via password, use keys only

adblocker (like ublock origin) - credit to whale@lemm.ee for the idea below
- Permanently Deleted
  
  No, most desktops behind a NAT probably dont need fail2ban (though it wouldn't hurt).
  
  Everyone's security profile/needs are different.
  
  The point is that list does a hell of a lot more useful than ClamAV
  
  Permanently Deleted
  
  Sounds like you've got a better solution, but I think you forgot to mention what it was.
  
  Permanently Deleted
  
  If you think ClamAV on your mom's laptop on Starbucks WiFi is doing anything useful, but you think fail2ban isn't - you're naive.
  
  On phishing - you've got another great example. ublock origin or any other decent adblocker will do WAAAAY more to help than ClamAV.
  
  Permanently Deleted
  
  @whale @GnomeComedy
  This also assumes they know how to tell if it is exposed or not.
  
  I normally setup fail2ban as soon as I know something exposed to the outside.
  
  Permanently Deleted
- For the automating of reinstalls what do you mean?
  
  Is it just a playbook that installs the distro, them installs the same packages, and then restores things like /home from backup?
  
  That, and:
  
  put down config files that were modified
  
  enable/start services that were installed
  
  modify the firewall to open necessary ports
  
  Basically: put everything back as it was right before the ransomware encrypted your system on you.
  
  Then of course - fix what you did wrong that got you compromised. ;-)
  
  How would you determine the configs that were modified? What do you mean put down?
  
  Ideally you keep your configs in a git repo (like github). You know what's modified because you're the one who modified them. If you modify them - put that config file in the git repo.
  
  As for "put down" I just meant copied to the system (from github) by your automation (like ansible)
  
  https://docs.ansible.com/ansible/latest/getting_started/index.html

You've viewed 17 comments.