Although viruses are quite common on Windows machines, Linux based computers such as the Raspberry Pi don’t really suffer from virus attacks. There have been some proof of concept virus attacks on Raspberry Pi’s but they are aimed at “seeing if it can be done” rather than aiming to cause any actual damage. Also, most Raspberry Pi users are reasonably tech-savvy which is in itself a barrier to both virus creation and installation.
There are a few reasons why the Raspberry Pi isn’t prone to virus attacks:
Using a repo system (e.g. apt) means that software is usually only installed from recognised sources and verified against GPG keys. This vastly reduces the chance of installing and viruses on your Raspberry Pi.
Many different Raspberry Pi systems
On Windows, you only have the Windows 7, 8 and 10 operating systems so its relatively straight forward to write a virus as you know exactly what the target machine will be running. On Raspberry Pi (and to a greater extent, Linux) there are at least 8 different distributions (NOOBS, Raspbian, Ubuntu Mate, OSMC, OpenElec, Risc, etc) with many different software permutations for each. Therefore a particular target is much more difficult to define.
Using the Raspberry Pi without root permissions is also a good deterrent against viruses. To install a .deb file you need to have root privileges although it is possible to install software from a tarball into your home directory and infect your system from there if you’re not sure where it came from. So make sure that you only install software from trusted locations.
Although Linux is resistant to most virus/malware attacks, precautions should still be taken to minimse risk. These precautions come in the form of virus and malware scanners.
Install a virus scanner
Virus protection on the Raspberry Pi can be done using Clam AV. Downloading and installing is pretty straightforward but bear in mind that you have to install both clamav and the clamav-daemon:
sudo apt-get install clamav clamav-daemon
The configuration file for clamav-daemon can be found at:
Next, update the virus definitions:
Now you can start your scan. The following command scans the /home/USER directory and moves any infected files into the /home/USER/VIRUS directory.
sudo clamscan -r --move=/home/USER/VIRUS /home/USER
Other switches and flags can be found by typing:
ClamAV also scans for Windows viruses, which is important when sharing files with Windows users. Also, if you run a mail server on your Raspberry Pi, ClamAV can check attachments for infection.
Install a malware checker
As well as protecting against virii, it is also recommended to protect against malware. rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It can be installed as follows:
sudo apt-get install rkhunter
The next few commands update the data files, install the baseline database and perform the initial run.
sudo rkhunter --updatesudo rkhunter --propupd
sudo rkhunter -c --enable all --disable none
Have a look at the official site for further information on Rootkit Hunter.
Now you have virus protection enabled on your Raspberry Pi, don’t forget to run scans on a regular basis. You can set up a cron job to run the scan at anytime convenient to yourself by adding a line to your crontab.
Published on Sat 26 April 2014 by Gary Hall in Linux with tag(s): raspberry pi virus protection