The mkiv Supra Owners Club

Mac owners advice on antivirus.


ScottC


I’ve recently moved over to a Mac and I’m after some advice regarding antivirus. All of the people I’ve spoken to so far who own Macs don’t seem to run any form of antivirus whatsoever. After some reading up on the interweb and from what I can gather most people don’t run any just because the risks are so low even though there are a few nasties out there.

 

So my question is do you guys run any form of antivirus / spyware as a precaution?

Link to comment
Share on other sites

You could argue that Mac and Linux should use anti-virus software.

 

When dealing with Windows users they may not always be aware of a virus being present on their machine. The Mac/Linux user may receive emails that contain a Windows-based virus. Obviously it wouldn't bother them but that virus may then be sent to a windows user who most likely won't be happy about that.

 

Of course, you could also argue that it is up to the individual to secure their system.

Link to comment
Share on other sites

No need.

I note a couple of virus software publishers have started to make Mac versions - but there's really no need unless you're sharing files with Windows users and would like to ensure they can't get infected through files you have stored for them. (Server stuff)

Link to comment
Share on other sites

As mentioned above clamxav is a reasonable one to do a scan

 

there aren't that many exploits running out in the wild for osx at the moment.

 

If you don't want av software I'd recommend installing firefox and running noscript plugin and use that as a browser. And deploy some common sense. Don't download or open files you're not expecting, don't run JavaScript that you don't need to. It's not viruses you have to be worried about mainly, it's execution of JavaScript generally that can exploit security loopholes.

 

Oh and tighten up the ports on the firewall to literally what you need.

 

And encrypt your personal folders if you're really paranoid. And if you're really paranoid then you know that most operating systems are not truly secure. The most secure system I ever came across is an IBM os which had to be built to comply with C2 security for the US government and when you run it at that level you have to modify it so it can even bloody load.

 

So yeah, most of the time with osx just be careful of java. The most insecure things about it are its default firewall settings but most of all its user :) (no dig, just sayin be careful).

 

If you have an issue I'd hope you could roll back to a previous time machine backup. If you're not doing backups regularly that's the first and foremost thing you should be worried about

 

cheers

 

si

Link to comment
Share on other sites

Cheers, thanks for your replies. It’s interesting to hear your views on the subject.

 

No Antivirus or spyware on my Mac, though on my PC's... Antivirus software, spyware, windows defender, windows firewall & plus the firewall on the router.

 

lol i really don’t miss all that with windows. Come to think of it I don't miss windows at all.:)

 

Sounds like good advice.

 

At the moment I have time machine running on an external hard drive for the time being. Very clever how you can instantly go back in time and retrieve a file.

 

I will take a look at clamxav later today. I don’t think it will hurt to run a scan from time to time just to be sure.

 

Nothing on mine other than a slightly used rubber johnny draped over the CPU

:blink: You're back on the porn then?

Link to comment
Share on other sites

To everyone that said some variation of "no need" - you're wrong. Sorry.

 

Yes, you can reduce your risk by being careful, configuring your router/firewall properly, encrypting your wireless, not opening email attachments etc, and yes you can tell yourselves that the vast majority of viruses are written for windows systems (purely because of the larger installed user-base) but there are still mac specific viruses floating around, and it only takes one to wreck all your stuff.

 

Also remember that viruses and system vulnerabilities are different things altogether. For the last couple of years it has consistently been the macs that got broken first at the annual hackers contests (quite probably because the winner got to take away the broken system, which was a top flight macbook air ;) )

Link to comment
Share on other sites

caseys, what settings do you recommend for the firewall?

 

Start with "Deny all" and go from there ;)

 

Seriously, make sure there are no inbound rules configured, so any connection has to be initiated from your PC, and use some kind of network monitor or local firewall on the computer to check what is connected outbound.

 

Go to Shields Up at Gibson research to check your config from the outside and get a report.

https://www.grc.com/x/ne.dll?bh0bkyd2

Link to comment
Share on other sites

Yep I'd recommend this. Deny everything then start using the applications you want to use and start enabling ports. If you don't use it, it shouldn't be open and preferably be stealthed to a sniff.

 

Glad someone else agrees that no security = bad security. That's like not locking your door at home because you live somewhere remote and hardly anyone uses your road. It doesn't mean you're not at risk, just the majority of issues occur unsurprisingly, with the most popular (i.e. windows) and gets the most media attention.

 

Leave a default mac on the net and ask a good security expert to get something off it or to infect your computer by you visiting a website without a good level of file security/script security and you'll just be owned.

Link to comment
Share on other sites
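A local counterpart to the outside scan discussed above, for the "if you don't use it, it shouldn't be open" advice. This is an added example, not part of any post in the thread; the function names and the sample `lsof` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag TCP listeners that are reachable from the network and
# not on an allowlist of ports you actually use.

# Constructed sample of `lsof -nP -iTCP -sTCP:LISTEN` output (not real data).
sample_lsof_output() {
    cat <<'EOF'
COMMAND  PID  USER   FD  TYPE DEVICE SIZE/OFF NODE NAME
sshd     101  root    4u IPv4 0x01        0t0  TCP *:22 (LISTEN)
cupsd    202  root    6u IPv4 0x02        0t0  TCP 127.0.0.1:631 (LISTEN)
cupsd    202  root    5u IPv6 0x03        0t0  TCP [::1]:631 (LISTEN)
smbd     303  root    4u IPv4 0x04        0t0  TCP *:445 (LISTEN)
smbd     303  root    5u IPv6 0x05        0t0  TCP *:445 (LISTEN)
smbd     303  root    6u IPv4 0x06        0t0  TCP *:139 (LISTEN)
EOF
}

# audit_listeners "PORT,PORT,..."  (lsof output on stdin)
# Prints "port command address" once per unexpected network-facing listener.
audit_listeners() {
    awk -v allow="$1" '
    BEGIN { n = split(allow, a, ","); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $NF != "(LISTEN)" { next }              # skips the header and non-listeners
    {
        name = $(NF - 1)                    # e.g. *:445 or [::1]:631
        port = name; sub(/.*:/, "", port)
        addr = name; sub(/:[^:]*$/, "", addr)
        if (addr == "127.0.0.1" || addr == "[::1]") next   # loopback only
        if (port in ok) next                # a port you chose to allow
        key = $1 ":" port                   # collapse IPv4/IPv6 duplicates
        if (!(key in seen)) { seen[key] = 1; print port, $1, addr }
    }'
}

# Demo on the constructed sample, allowing only SSH.
sample_lsof_output | audit_listeners "22"
# On a real Mac: lsof -nP -iTCP -sTCP:LISTEN | audit_listeners "22"
```

Anything it prints is a service listening on all interfaces that you have not explicitly allowed; turn the service off or restrict it in the firewall, then re-run the outside scan.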

I wish people would stop saying there's no need for security measures. Security through obscurity is not a good idea at all.

 

OK, well, I have the firewall on as that's default. I refuse to pay for antivirus...

 

I rely on my backups and bootable clones. I lock ports down on my router and am very careful about what I download.

 

When I said "no need" I meant regarding installing Sophos on my home computer. I don't want buggy virus protection software on my computer.

 

I also run little snitch to monitor ALL network connections... so I'm not as lax as I may have sounded previously :)

 

) but there are still mac specific viruses floating around, and it only takes one to wreck all your stuff.

 

Any chance you could name some?

Link to comment
Share on other sites

Any chance you could name some?

 

I don't use macs, not having artistic pretensions (JOKE! sorry :D) so I wouldn't know off the top of my head. They are computers however, so the same security principles apply as _any_ other platform. A quick Google search showed up plenty of hits.

Link to comment
Share on other sites

Start with "Deny all" and go from there ;)

 

Go to Shields Up at Gibson research to check your config from the outside and get a report.

https://www.grc.com/x/ne.dll?bh0bkyd2

 

Just gave this a go here are the results.

 

File sharing

 

Your Internet port 139 does not appear to exist!

One or more ports on this system are operating in FULL STEALTH MODE! Standard Internet behavior requires port connection attempts to be answered with a success or refusal response. Therefore, only an attempt to connect to a nonexistent computer results in no response of either kind. But YOUR computer has DELIBERATELY CHOSEN NOT TO RESPOND (that's very cool!) which represents advanced computer and port stealthing capabilities. A machine configured in this fashion is well hardened to Internet NetBIOS attack and intrusion.

 

Unable to connect with NetBIOS to your computer.

All attempts to get any information from your computer have FAILED. (This is very uncommon for a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS networking protocol over the Internet.

 

Common Ports

 

Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

Link to comment
Share on other sites

This is an interesting, if long, piece about the need for anti-virus software on Linux systems.

 

http://linuxmafia.com/~rick/faq/index.php?page=virus

 

The upshot is (and I think this may apply to Mac users too) that you'd have to do something very dumb to allow a virus to damage your system.

 

FWIW I have Clam installed on mine. I use it once a month (if I remember) and it's never found anything.

Link to comment
Share on other sites

That's way over my head

Link to comment
Share on other sites

For the TLDR people, the article boils down to: there are linux-specific viruses, but they tend to die off by themselves because to do any real damage you have to run them as root, and as we all know, only dumbasses run potentially damaging code as root.

 

To put it another way, windows security can be summed up with the phrase:

"Where do you want to go today?" (remember that line?)

 

*NIX systems are summed up with:

"Where do you think you're going?"

 

Quite what any of that has to do with mac boxes, I'm sure I don't know.

Link to comment
Share on other sites

 

Quite what any of that has to do with mac boxes, I'm sure I don't know.

 

I'm not a Mac fan so may have got this totally wrong but doesn't OSX prevent the user from easily doing harm to their system by preventing them from accessing the core 'whatever of it' in much the same way as Linux does?

Link to comment
Share on other sites
