Questition for the english board. What antivirus is best?

[LRC1962]

Granted that linux is still relatively free of viruses as long as you use best practices for installing stuff, but it is not 100% fool proof.
I have looked at avira and do not like what I see as to make it work I need to go back to old kernel and setups, which means I get limited advantages of what siduction can offer. I am also look at Sophos, but that also has a kernel problem, which seems to have a work around, but have not yet tried it out.
Question is: what is out there that not only keeps itself up to date with definitions, but can work with the most resent kernels?

[piper]

I have never ran a antivirus, I really don't see a reason, even on my windows box (for a few games) I don't run one.

[musca]

Hello LRC1962,

I haven't seen any attacks in the last 10 years of using sidux/aptosid/siduction on my desktops.
Also the german BSI doesn't recommend antivirus for Ubuntu desktops.

But if you use WINE or SAMBA shares (to be accessed by windows clients), an antivirus solution might be useful.

Running some (comercial) third party software on an unstable system can be difficult, especially when it comes to non-free kernel modules. E. G. Sophos Antivirus for Linux only delivers binary modules for the TALPA On-Access scanning method for supported systems, so siduction users will need to compile their own Talpa binary module or configure Fanotify.
Sophos provides documentation of the required steps, but I haven't tried yet:
https://community.sophos.com/kb/en-us/14377

Greetings
musca

[domicius]

I'm also not using one, but each of our usage patterns differ so what might work for one of us, certainly doesn't apply to each and every one of us as well.

For example, for a lot of business stuff, I'm mostly using cloud (G Suite), have no offline email clients and I'm pretty much wary of what I allow in my browser (Firefox), thus I'm always using some sort of stuff blocking certain scripts etc. (used to be NoScript, now it's uBlock and while back when Flash was rampant, my very first addon to always install was Flashblock).

Thought I still have installed clamav, and while it's not running in the background and scanning things, the freshclam (regularly updating virus definitions) module is. Even though I know clamav isn't perfect (but then which AV solution is?), it's nice to know I can quickly scan something if I ever wanted to. Can't seem to remember I ever did.

On Win clients in the office, we use Bitdefender (Endpoint Security) and while they have something for Linux (https://www.bitdefender.com/business/antivirus-for-unices.html), I'm not comfortable installing something like that. It's neither in the repository nor open-source. I feel like just installing that would pose a bigger compromise of integrity of my system than not having any AV solution.

[dibl]

My very aged mother runs a Debian stable system that is only used for internet browsing, board games, and e-mail.  She is happy to click any mystery link in any spoofed e-mail from a virus-infected friend.  Multiple times she has clicked on malware or ransom-ware that locks the browser open in fullscreen mode and disables they keyboard and mouse. So then she closes the lid on the laptop and calls me on the phone.  Via ssh I have to kill the browser processes and reboot it, or else physically hit the reset button.  In 6 or 7 years of this nonsense, the underlying Linux OS has never been damaged. If it was, I would just reinstall it. So ....

[LRC1962]

GIven that I am paranoid about my browsers (ublock disconnect, bagder ) and the ease of reinstalling siduction, with most of my setups still available. And with the additional problems of almost no AVs available for sid  kernels, plus the resources needed to run it, I will forgo the AV adventure until such time that viruses do indeed will cause linux users trouble.
Many thanks for your input.