For Windows users, installing (or enabling) an antivirus on their system has become one of the first steps over the years. But for a Linux system, like Ubuntu, the choice is not as clear. Is it really necessary? In this article, I will answer your questions and give you a few tips depending on your system usage.
As a whole, installing an antivirus on Ubuntu is not mandatory. Most viruses are written to target Windows systems, and Linux users in general are still fairly safe. If you care about security, there are great solutions available for free on Ubuntu, like ClamAV.
You now have an idea on what you should do, let’s see why and how in the following sections.
Do you need an Antivirus on Ubuntu?
As a general rule, it’s still not particularly encouraged to install an antivirus on Linux systems, and so on Ubuntu. Except for specific reasons, like sharing files with Windows users, it’s not necessary.
Can Ubuntu Get Viruses?
The probability to get a virus on Linux operating systems is very low, and so on Ubuntu. It doesn’t mean it’s not possible, but it’s very unlikely to get one file that will damage your system.
As a reminder, I call a virus a file that when executed will change the system behavior by inserting its own code. They generally exploit system vulnerabilities to infect the system, and the main goals are generally sabotage or profit.
Viruses are not the only threats, and must not be confused with malware, trojan horses, or other ransomware. These other types of malicious software are more frequent than viruses, whatever the system you are using. You can also get malicious browser extensions pretty quickly if you are not careful with your web usage.
We’ll see later how to protect your Ubuntu system from all these threats, but for now, remember that Ubuntu is already pretty safe out-of-the-box, thanks to built-in security measures.
Why is Ubuntu safe and not affected by viruses?
As stated on the Ubuntu website, the operating system is built with “unrivaled security in mind”:
Some security measures on Ubuntu are also difficult to bypass in comparison to Windows. For example, most users have administrative privileges on Windows, and any program can be installed, with a double click or even in the background. On Ubuntu, the main user needs to use sudo to install anything, which is an additional security measure before installing anything (you need to type your password to accept any new installation).
Let’s face it, Linux users are also more likely to be nerds who know what they’re doing. They are more likely to know that updates are important and use other security measures to protect their systems.
Why is Ubuntu a safer operating system than Windows?
As a whole, Ubuntu is safer than Windows systems for two main reasons: it’s built with enhanced security measures (like sudo) and is less interesting for hackers, as most users are on Windows.
Windows has made some great progress in recent years regarding system security. Windows Defender is now installed by default on any new installation and is good enough to block the most commons viruses. But there are new viruses every day, and most of them target Windows users, so it’s a challenge to keep your system safe on Windows.
On the other hand, all Linux distributions are used only by about 2% of the population for desktop usage (according to StatCounter). If you are someone writing malicious code, you’ll most likely create something to target Windows users (73% of the population) instead of Ubuntu users (only a subpart of the 2% of Linux users).
How to improve the system security on Ubuntu?
I explained previously that in some cases, installing an antivirus on Ubuntu can be a good idea. I will now explain how to do this on your system.
What antivirus should I use for Ubuntu?
On Ubuntu, ClamAV is the best antivirus you can use. It has been specially designed for Unix-based systems. ClamAV gives all the protection you need, is easy to install, and is free.
Other options are available on Ubuntu, but above all ClamAV is my recommendation.
After the installation, you’ll have the ability to scan your device for malware, viruses, trojans, ISP tracking, and other security threats that can plague your system. After the software finishes the installation, it will give you some configuration options and automatically set regular updates, so you don’t have to worry about updating anything manually.
How to install ClamAV on Ubuntu?
ClamAV is a free antivirus program, available in the default Ubuntu repositories, so it can be installed directly with the package manager (apt in command line or the graphical version).
The fastest way will be to use the command line:
- Open a terminal on your system (or an SSH connection if you don’t have a desktop environment).
You can also install a desktop environment on Ubuntu Server if you like, check my tutorial on how to add XFCE on it.
- Update the packages cache with:
sudo apt update
- Then install ClamAV with:
sudo apt install clamav
- You can also add the GUI if you want:
sudo apt install clamtk
If you have the graphic interface installed, you can open Ubuntu software and look for “antivirus” for example.
The only result should be “ClamTk”, which is a graphical interface for ClamAV.
Click on the green “Install” button to install everything.
How to use ClamAV on Ubuntu?
Once installed, you can either use the command line or the GUI front-end to control it.
I will show you both.
Use ClamAV with a desktop environment
Let’s start with the easiest one:
- Find ClamTK in the applications menu and open it.
- You’ll get something like:
- There is a message “An update is available on first start”.
ClamAV updates automatically, so you don’t have to worry about this for now.
- After that, the interface is easy to use, you can choose to scan a file, a directory or the whole system (in the analysis section).
- In the configuration section, you can also change the default settings and schedule a scan for the home directory once a day. It’s also in the scheduler window that you can configure the updates frequency.
Use ClamAV in a terminal
If you don’t have a desktop environment or if you want to run things in the background (great to schedule scans or code them for example), you can also use the command line to do the same:
- Run a scan in the current folder:
- Scan a specific folder:
clamscan -r /media/usbThe -r option has to be used for a recursive scan.
- Also, I think it’s a good idea to use sudo for a whole system scan:
sudo clamscan /
- Automatically delete any suspicious file:
- Or just put them in quarantine somewhere:
To schedule one of these commands, you can create a new line in the crontab. I explain everything in this article if you are interested. It’s for Raspberry Pi, but it’s the same thing on Ubuntu, as both are based on Debian.
You can also run a command on boot if you prefer (another article I wrote to do this).
How do I know if my Ubuntu as a virus?
After installing ClamAV on Ubuntu, you’ll get a notification if ClamAV finds any potential threat on your system. It may also remove the file or add it into quarantine, depending on your configuration. So, you are pretty safe once the antivirus is installed.
Don’t worry too much anyway, virus on Ubuntu are pretty rare, as explain in the previous sections.
Before wrapping up this article, I want to talk about other threats that may affect your system, don’t miss the next part.
Other security threats on Ubuntu systems
Before getting into the examples, I have to highlight that viruses and malware are not the only security issue in Ubuntu.
Most security risks with Ubuntu occur if you use a weak password. Nowadays, short passwords are pretty easy to guess, and the default settings on Ubuntu doesn’t protect you from that kind of attack, especially if you are using it as a server. You can use a password generator like this one to get a long password but easy to remember.
Another risk is installing add-ons and applications carrying malware. If you don’t use an antivirus on your system, it wouldn’t be a good idea to download anything from suspicious websites.
If you are using Ubuntu as a server, you’ll be exposed to various attacks depending on the services running and their configuration. For example, if you are hosting a WordPress website on it, it may attract many hackers. WordPress is very popular, so any breach is quickly exploited. Regular updates and antivirus will protect you nicely, though, even better than it would on Windows systems.
Any Ubuntu server might have one of its services exposed, it’s not only WordPress. Samba, Apache, remote access, and various game servers can also encounter the same issues. The more users there are, the more hackers are interested in these applications.
Having a firewall and using additional protection like Fail2ban to block malicious traffic is also a good practice to protect your system and network.
Finally, the biggest threat comes from hardware. If you connect an external device to your computer, it might be infected and “open a door” to your network or corrupt your system.
If you want to learn more security tips, I have an in-depth guide about this that you can find here. I list the 17 most common security threats on Linux, and how to avoid them.
If you are looking for exclusive tutorials, I post a new course each month, available for premium members only. Join the community to get access to all of them right now!
Overwhelmed with Linux commands?
My e-book, “Master Linux Commands”, is your essential guide to mastering the terminal. Get practical tips, real-world examples, and a bonus cheat sheet to keep by your side.
Grab your copy now.
If you just want to hang out with me and other Linux fans, you can also join the community. I share exclusive tutorials and behind-the-scenes content there. Premium members can also visit the website without ads.
More details here.
Need help building something with Python?
Python is a great language to get started with programming on any Linux computer.
Learn the essentials, step-by-step, without losing time understanding useless concepts.
Get the e-book now.