Differences
This shows you the differences between two versions of the page.
linux_wiki:clamav [2018/03/23 15:28] billdozor [Operation] |
linux_wiki:clamav [2018/04/09 00:46] billdozor [Service] |
||
---|---|---|---|
Line 5: | Line 5: | ||
ClamAV is "an open source antivirus engine for detecting trojans, viruses, malware and other malicious threats." | ClamAV is "an open source antivirus engine for detecting trojans, viruses, malware and other malicious threats." | ||
- | Official Site: [[http:// | + | * Official Site: [[http:// |
+ | * Virus Database Mail List Archives: http:// | ||
+ | * User Mailing List Archives: http:// | ||
**Checklist** | **Checklist** | ||
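Review bot: The two added archive links in this hunk are bare http:// URLs, while the Official Site bullet above them uses the [[...]] link syntax. Use one link style for all three bullets, and switch them to https:// if the hosts serve it, since these are the pages readers will consult about signature updates.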
Line 14: | Line 16: | ||
====== Installation ====== | ====== Installation ====== | ||
+ | |||
+ | Installing ClamAV. | ||
* Add the [[linux_wiki: | * Add the [[linux_wiki: | ||
- | * Install ClamAV< | + | * Install ClamAV |
+ | * EL 6<code bash> | ||
+ | * EL 7<code bash>yum install clamav clamav-update</ | ||
+ | * Install ClamAV' | ||
+ | * EL 6<code bash>yum install clamd</ | ||
+ | * EL 7<code bash> | ||
---- | ---- | ||
====== Configuration ====== | ====== Configuration ====== | ||
+ | |||
+ | Configuring ClamAV. | ||
+ | |||
+ | ---- | ||
===== freshclam ===== | ===== freshclam ===== | ||
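Review bot: The added intro lines "Installing ClamAV." and "Configuring ClamAV." only restate their headings; replace each with one sentence saying what the section covers. In the install list, the EL 7 line adds clamav-update without saying what it is for; if that is the package that provides freshclam, say so, so readers do not skip it and end up scanning without a way to update definitions. The EL 6 daemon package is named clamd here, so a short remark that package names differ between EL 6 and EL 7 would also help.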
Line 49: | Line 62: | ||
====== Operation ====== | ====== Operation ====== | ||
+ | Using ClamAV. | ||
+ | ---- | ||
===== Application Users ===== | ===== Application Users ===== | ||
Line 62: | Line 77: | ||
* Freshclam runs as: clamupdate | * Freshclam runs as: clamupdate | ||
* Clamd runs as: clamscan | * Clamd runs as: clamscan | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ===== Service ===== | ||
+ | |||
+ | Freshclam is NOT a service. It is run via a daily cron script. | ||
+ | |||
+ | \\ | ||
+ | Clamd (the scanning daemon) is run as a service. It does not scan anything by itself unless "on access scanning" | ||
+ | * To scan certain directories regularly, either enable on access scanning, or create a cron that runs clamdscan against directories. | ||
+ | |||
+ | **Enable On Boot** | ||
+ | |||
+ | Service is enabled on boot | ||
+ | * EL6<code bash> | ||
+ | * EL7<code bash> | ||
+ | |||
+ | **Service Status** | ||
+ | |||
+ | * EL6<code bash> | ||
+ | * EL7<code bash> | ||
+ | |||
+ | **Service Start** | ||
+ | |||
+ | * EL6<code bash> | ||
+ | * EL7<code bash> | ||
+ | |||
+ | **Service Stop** | ||
+ | |||
+ | * EL6<code bash> | ||
+ | * EL7<code bash> | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ===== Log Files ===== | ||
+ | |||
+ | Log files are located: | ||
+ | * Freshclam | ||
+ | * EL 6: / | ||
+ | * EL 7: / | ||
+ | * Clamd | ||
+ | * EL 6: / | ||
+ | * EL 7: / | ||
+ | |||
+ | ===== Other Files ===== | ||
+ | |||
+ | * **Freshclam (Virus Definitions Database Updater)** | ||
+ | * Application: | ||
+ | * Configuration: | ||
+ | * Auto Update job: / | ||
+ | |||
+ | * **Scanning Daemon (clamd)** | ||
+ | * Configuration: | ||
+ | * EL 6: / | ||
+ | * EL 7: / | ||
+ | |||
+ | * **ClamAV Databases**: | ||
+ | * bytecode.cvd - detailed bytecode signatures database for virus detection | ||
+ | * daily.cld - daily definition database from deltas build throughout the day | ||
+ | * main.cvd - main database of definitions | ||
---- | ---- |
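Review bot: Under **Enable On Boot**, "Service is enabled on boot" reads as a statement about the default state, but the EL6 and EL7 lines beneath it are commands; reword it as an instruction (for example "Enable the service on boot:") so it matches Service Start and Service Stop. The Service text says clamd scans nothing by itself unless on access scanning is set up, so the bullet offering a cron that runs clamdscan should show an example entry or link to one; otherwise a reader can start the service and assume the host is being scanned. Smaller points: "from deltas build throughout the day" in the daily.cld line should read "built", and Log Files lacks the ---- separator before Other Files that the other sections have.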