linux_wiki:clamav

This is an old revision of the document!

Clamav

General Information

ClamAV is “an open source antivirus engine for detecting trojans, viruses, malware and other malicious threats.”

Official Site: http://www.clamav.net/index.html

Checklist

  • Distro: Enterprise Linux 6.x
  • Repo: EPEL

Installation

Add the EPEL repo 

yum -y install epel-release

Install ClamAV 

yum -y install clamav

Configuration

freshclam

Virus definition updater for ClamAV.

  • Config: /etc/freshclam.conf
  • Daily Cron: /etc/cron.daily/freshclam

/etc/freshclam.conf - Ensure Database Mirrors are correct 

DatabaseMirror db.us.clamav.net
DatabaseMirror db.local.clamav.net

If you have a Squid proxy 

HTTPProxyServer myserverhostname
HTTPProxyPort 3128

Run manual virus updates 

freshclam

Operation

clamscan

Clamscan is the utility that scans files and directories for viruses.

Scan a single file 

clamscan myfile

Scan the current working directory 

clamscan

Scan a directory recursively 

clamscan -r /home/rjones

Scan a stream 

cat myfile | clamscan -

Clamscan return codes

  • 0 ⇒ no virus found
  • 1 ⇒ virus(es) found
  • 2 ⇒ Some error(s) occured
  • linux_wiki/clamav.1444352961.txt.gz
  • Last modified: 2019/05/25 23:50
  • (external edit)