Security in EndeavourOS vs Windows and antivirus/firewall/protection in Linux

Hi all friends.

I’ve been using EndeavourOS KDE as my only operating system for over a month now and I’m really happy (I regret not doing it decades ago).

But after having used antivirus/antispyware, etc. on Windows for decades, I wonder if there is no need to use antivirus or some kind of protection on, for example, EndeavourOS.

I mean, there’s no antivirus available for Linux, right? But if there is a firewall, which I suppose is the only protection Linux has?

So do I have to configure the firewall or something like that, or is it configured by default? Should I download a “better” Firewall from the repositories or something?

Because, I installed EndeavourOS and started installing applications from the Core, Extra, Multilib, EndeavourOS repositories, but I try not to download anything from AUR for greater security (although sometimes it is the only option, but they are very famous programs like proton, and I’m sure I can trust that).

I tend to think that everything here works like it does in Windows, although I know it doesn’t, but I feel like maybe I’m missing out on some extra protection for EndeavourOS, which is why I started this thread.

Is there something I need to install, or is Linux just so secure that you don’t need antivirus etc?

Thanks in advance friends.

1 Like

You have asked a controversial question :)

Many people believe they are critical, others believe they are useless on Linux. The reality is changing all the time with new threats being constantly discovered, so it is a hard question to answer.

There are products available.

It is configured by default to allow nothing in and anything out. This provides protections against threats that originate outside your device that try to attack from the network.

The network firewall, firewalld, installed by default should be sufficient for its intended purpose.

However, there are other types of firewalls such as application firewalls that can be added in addition to the network firewall you should already have installed.

Many of these do things such as controlling traffic in both directions from applications and allowing you more control over what applications can and can’t do.

Linux is not inherently more secure than most other OSes. You need to make it secure.


Speaking of Antivirus: On Windows systems this kind of program is often called “Snakeoil”, and I share that opinion. Thing is - protection via software against other software, which runs on the same machine, in the same context, just makes no sense. Furthermore, the Anti-Virus-Software can easily be exploited and weakens your system even more. Within Windows: Don’t. Just don’t.
Regarding Security on Linux: Your basic installation of Linux is not very secure. Your basic installation of EOS is a little bit more secure (due to the firewall). But you can add onto this quite easily and - this is in opposition to Windows - quite effectively. Search a bit about Linux hardening. This page here:
could be a good starting point.

Good luck, enjoy!


btw, since we’re on topic - I always wanted to know what you would recommend as per-program firewalls for Arch?

I kinda like the idea of fine-grain control…


I still use Windows at work and in VMs at home. Because I need to use it because one of my favorite languages is C#. The issue with Windows is it doesn’t have a gate like most Linux distros do. The UAC which was implemented in Windows 7 is similar to Linux sudo (I’m just comparing it lightly don’t go ballistic on me). Which kind of added an extra layer of security but letting users disable that was bad. But since Windows 7 it has come a long way. Why Windows is threatened more is that it is widely used. The way Windows lets users install software from individual vendors using executable binaries which can be infected or repacked with malicious software or code is one of the biggest mistakes along with many other faults or oversights of the developers. Also, OS not being opensource no other expert can point out the problems or fix an issue quickly. So, once a problem is found it takes time for Windows to release a patch.

But when it comes to Linux the platforms are vivid because anyone can configure the distro to his/her liking along with hardening the environment makes it harder for black hats to make software/scripts harm each and every platform using Linux. The other thing Linux does is have a much better implementation of installing software onto a system. Linux distros and users tend to use the official repository and trusted sources to install software. Not to forget that we ourselves can inspect the software scripts to see what’s going on in an executable.

But still, all the security boils down to the one in front of the screen. As long as we don’t run any command/executable scripts from unknown sources and stay away from shady websites our systems we can take it easy.

I think there are some products but I’ve never needed them. The default firewall is enough for me. I did harden my system once but didn’t like it. Reversed back to the normal system and found a middle path. Even on Windows, I don’t use that much stuff. I do use Avast (I’m not a privacy extremist so I don’t care much about what they about the software) It has been serving me good for almost a decade.

I would say the default firewall and dash of hardening settings would serve you well but it’s up to you. I’ve never had any issues with Arch/Endeavour or on Windows.

AUR is vetted not by Arch itself but by thousands of users who go through these packages. I would say AUR is safer than NPM.

Nope. Use a good browser other than Google Chrome and I think you’re good to go. If you feel insecure. Below link might help.


A good firewall is really all you need, and you’ve got that. There are applications like ClamAV for Linux antivirus, but I’ve never used those.

I started about 6 years ago in earnest, initially back in 2012 but that was off and on. I’ve used dozens of distros and have found EOS fits best for me too.

On per application firewall type stuff, you could check out firejail. I think that will do what you’re looking for though I have no idea how to configure it.


Thank you all very much, friends.

I am going to read all of this carefully this week to understand everything correctly, since I have to assimilate many concepts that are new to me.


Hi Nicknick,

Welcome to the wonderful world of securing what you got. It's a slippery slope when you consider:

  1. Securing your computer and reducing the attack surface (e.g. uninstall unneeded software and services).

  2. Managing what your computer shares (e.g. firewall, setting up web browser privacy settings).

  3. Audit computer's state (e.g. using Antivirus and Lynis to see where your computer is at in relation to security standards).

LearnLinuxTV | Awesome Linux Tools: Lynis from CISOfy

I can tell you that I seem to be learning weekly about different techniques.

Question, what are you trying to secure (laptop, desktop or Server)?

In my case I tend to use portable devices like a laptop, so stuff I would consider:

  1. Usbguard to secure your USB ports.

  2. Firejail, to sandbox your applications.

  3. Disable Root from SSH.

There are 5 articles at Nullbyte with Videos which discuss various approaches (again I have experimented over the years … I would recommend you do the same).

1 Like
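
The "Disable Root from SSH" item in the post above, as an added check that is not part of the original thread: it reports which `PermitRootLogin` value an sshd_config file actually puts into effect. The function names and the sample config are constructed for illustration, and `Include` files and `Match` blocks are assumed not to matter and are not evaluated.

```shell
#!/bin/sh
# Added example: audit an sshd_config for the "Disable Root from SSH" step.
# sshd keeps the FIRST value it reads for a keyword, keywords are
# case-insensitive, and an unset PermitRootLogin means "prohibit-password".
# Assumption: Include files and Match blocks are not evaluated; the scan
# stops at the first Match line because later lines are conditional.

# Hypothetical helper: print the effective global PermitRootLogin value.
root_login_setting() {
    awk '
        { sub(/#.*/, ""); gsub(/[=]/, " ") }    # strip comments, allow key=value
        NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "prohibit-password" }
    ' "$1"
}

# Hypothetical helper: return 0 only when root login is fully disabled.
audit_root_login() {
    value=$(root_login_setting "$1")
    if [ "$value" = "no" ]; then
        echo "OK: root login over SSH is disabled"
        return 0
    fi
    echo "WARN: PermitRootLogin is '$value'; put 'PermitRootLogin no' first"
    return 1
}

# Constructed sample config: a commented-out default and two conflicting
# lines. The earlier, lower-case "yes" wins over the later "no".
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
#PermitRootLogin prohibit-password
PasswordAuthentication no
permitrootlogin yes
PermitRootLogin no
EOF
audit_root_login "$sample" || true
```

On a live system, running `sshd -T` as root prints the configuration sshd really uses, including anything pulled in through `Include`.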
