[00:14] <amurray> good morning
[00:26] <tyhicks> hey amurray :)
[00:26] <sarnold> hey tyhicks, amurray :)
[00:26] <Unit193> Howdy, amurray, tyhicks, sarnold.
[00:27] <sarnold> hey Unit193 :)
[00:34] <tyhicks> hey there Unit193 :)
[10:31] <mdeslaur> good morning
[10:32] <ebarretto> o/
[11:58] <amurray> hey mdeslaur :)
[18:03] <IvanSpain> I know this is not a support forum but ... what security utility/software does ubuntu recommends for new users?
[18:04] <IvanSpain> by that I mean a tool to scan my drive for malwares
[18:05] <IvanSpain> I appologize if this kind of question is not intended for this room
[18:09] <sdeziel> IvanSpain: you could use clamav to scan files on demand (or on access if you wish)
[18:11] <IvanSpain> thanks sdeziel
[18:13] <IvanSpain> I just got started with Ubuntu and know on linux security depends mainly on the user being careful..
[18:14] <IvanSpain> but still. I brought a lot of files that were on a windows system so I want to be sure everything is ok with them
[18:14] <sdeziel> IvanSpain: being careful and applying updates quickly are indeed a good starting point
[18:14] <hmr4c> IvanSpain: or you can use Lynis.
[18:18] <IvanSpain> would you say clamav is easier to use than Lynis?
[18:18] <IvanSpain> for a non-sysadmin savvy guy
[18:19] <IvanSpain> and also do you know if any of those can detect windows viruses?
[18:19] <IvanSpain> or just linux viruses?
[18:19] <hmr4c> I think clamav is easier for non-root user.
[18:20] <sdeziel> IvanSpain: I don't konw Lynis but clamav should catch some viruses no matter what OS they target
[18:22] <IvanSpain> ok, it looks like i'll try Clamav then... 
[18:22] <IvanSpain> thanks a lot man
[18:23] <IvanSpain> it seems so hmr4c
[18:25] <IvanSpain> have a nice one you all
[19:06] <tomreyn> clamav for on access scanning isn't that easy to setup unfortunately, especially not with GUI integration.
[19:08] <tomreyn> it also has quite the performance impact, at least for some minutes after boot (i'm not sure why).
[19:09] <sarnold> it's also not super-useful for linux systems unless they're serving as shared storage for windows clients
[19:11] <tomreyn> right, there's the common use case where you'd exchange files which could possibly impact other systems with such systems, through email or messaging or other file sharing systems, and where you'd take have to take the blame for putting others at risk. not neccessarily a use case for on access scanning, but you might want to scan those before a copy leaves your system.
[19:12] <tomreyn> *possibly impact other system with such viruses
[19:14] <tomreyn> ideally such is then filtered out on the network / server it passes through, but that's not always the case, or you might still take the blame.
[19:15] <tomreyn> e.g. ms teams only does malware filtering on the more expensive subscriptions
[19:16] <sdeziel> I once had to deal with a system accepting file uploads and for which we needed to ensure it went through a virus scanner to avoid being distributed to others... ClamAV on-access scanning and blocking (using fanotify if I'm not mistaken) worked well enough to make the compliance folks happy ;)
[19:16] <sdeziel> eicar.com is the only virus the system ever caught mind you ;)
[19:29] <sarnold> :D
[23:35] <amurray> good morning
[23:37] <sarnold> hey amurray :)
[23:38] <amurray> morning sarnold :)
[23:39] <amurray> hmm re security software, has anyone looked at Microsoft Defender on Linux? I keep meaning to give it a try but never find the time...
[23:42] <sbeattie> I have not.
[23:43] <sarnold> hunh I thought I heard they were discontinuing that. now it's standard on win10 and available for linux? heh
[23:48] <hggdh> sarnold: coming soon to a theater, erm, Linux, near you
[23:48] <sarnold> hehe
[23:49] <hggdh> I have actually been thinking of installing it as part of the beta
[23:51] <sarnold> the "onboarding" process doesn't look like great fun; I wonder if that's actually necessary for it, or if that's only if you've got a network dsashboard thingy from them
[23:53] <hggdh> I think it mostly depends on the threat scenario, but I am still to receive auth to do it, so...