ClamAV is a free and open source toolkit to detect malware. It also performs Web/email scanning and provides gateway security for Linux distributions, in particular. Here's a simple guide on how to install and use this tool.

We know that Linux is more secure than Windows, because of which many people think that we don't require antivirus software in Linux. But the fact is that viruses and malware do infiltrate Linux systems too, though it is true that the risk is lower compared to Windows. Personally, I haven't found any noxious intruders in my Linux box yet, but we can't say that it will never happen. So it's better to take some precautions to avoid any kind of attack.

When should ClamAV be used?

When you have very sensitive data and hence don't want to take any risks, ClamAV will provide an additional level of security. Use it when you want to do a system scan without booting into the system, so that viruses and malware do not get activated during the scan. Use it also when scanning external mail for malware, since ClamAV is more helpful as a gateway scanner.

ClamAV installation

As ClamAV is open source, many third parties have developed different versions of it for different operating systems.

Let's look at how we can install it in Ubuntu. First, update the repository package lists as follows (this is optional):

sudo apt-get update

Issue the command given below to install ClamAV. It will install clamav-freshclam also.

sudo apt-get install clamav clamav-daemon

Now ClamAV is installed in our system. The next step is to update the virus definition database. This process is similar to the normal updates done when instructing any antivirus software to fetch the latest virus related information. Once we run the command given below, two files -- main.cvd and daily.cvd -- will be downloaded and the virus database will be updated.

sudo freshclam

Figure 3 indicates an error while updating the virus database. This is because, after the installation of the ClamAV daemon, the freshclam process is already running; so we need to stop it or kill it before running the command again.

The first time, it will take longer to update the database because it is freshly installed.

Now we will scan the /home directory using ClamAV. Run the command given below to perform the scanning:

clamscan -r /home

By default, the freshclam daemon checks for updates every hour (24 times a day). We can change this by using the command given below:

sudo dpkg-reconfigure clamav-freshclam

To check the version of ClamAV, use the following command:

clamdscan -V

We can also set a cron job for it, so that it scans the specified drive/directory repeatedly at the given time.

To do that, run the command given below:

crontab -e

A crontab file will be opened and you can append the line given below before saving the file:

0 0 1 * * clamscan -r /location

It will run ClamAV on the first day of every month at midnight (12 a.m.).

Here is the crontab format for reference:

Minute   Hour     Day of Month   Month                Day of Week        Command
(0-59)   (0-23)   (1-31)         (1-12 or Jan-Dec)    (0-6 or Sun-Sat)
0        0        1              *                    *                  clamscan -r /home
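
A scan started from cron leaves no record unless the result is written somewhere, so the wrapper below logs clamscan's verdict and the flagged paths for the crontab entry described above. It is an added example, not part of the original article; the script path /usr/local/bin/clamscan-cron.sh, the log path and the function names are assumptions, and the sample output is constructed.

```shell
#!/bin/sh
# Added example: cron wrapper around `clamscan -r`.
# Assumed (not from the article): log path and install location of this script.
LOG="${CLAMSCAN_LOG:-/var/log/clamscan-cron.log}"

# clamscan exit status: 0 = no virus found, 1 = virus(es) found, 2 = error(s).
scan_verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Read clamscan output on stdin, print N from the "Infected files: N" line.
infected_count() {
    sed -n 's/^Infected files: *\([0-9][0-9]*\).*$/\1/p' | tail -n 1
}

# Read clamscan output on stdin, print each path reported as
# "<path>: <signature> FOUND".
found_paths() {
    sed -n 's/^\(.*\): .* FOUND$/\1/p'
}

# Constructed sample of clamscan output (not captured from a real scan).
sample_output() {
    printf '%s\n' '/home/user/eicar.com: Win.Test.EICAR_HDB-1 FOUND' '' \
        '----------- SCAN SUMMARY -----------' \
        'Scanned files: 340' 'Infected files: 1'
}

# Scan a directory recursively (-r), print only infected files (-i),
# append the result to the log and return clamscan's own exit status.
scan_dir() {
    out=$(clamscan -r -i "$1" 2>&1)
    rc=$?
    {
        echo "$(date '+%Y-%m-%d %H:%M:%S') target=$1 verdict=$(scan_verdict "$rc")" \
             "infected=$(printf '%s\n' "$out" | infected_count)"
        printf '%s\n' "$out" | found_paths | sed 's/^/  FOUND in: /'
    } >> "$LOG"
    return "$rc"
}

# Crontab entry: 0 0 1 * * /usr/local/bin/clamscan-cron.sh /home
if [ "$#" -ge 1 ]; then
    scan_dir "$1"
fi
```

Because the wrapper returns clamscan's exit status, a non-zero result from the cron job means either a detection (1) or a scan error (2), and the log line says which.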

Till now, we have seen scanning using the CLI; we can do the same thing using a GUI too. Run the command given below to do so:

sudo apt-get install clamtk

If you find any difficulties during this step, please refer to the link given below for troubleshooting. tions/378558/unable-to-locate-package-while-trying-to-install-packages-with-apt

Similarly, we can install ClamAV for Windows. Refer to the link that follows to download the .msi file for the Windows version. loads

There are many third party tools supported by ClamAV, though ClamAV itself does not provide any support for those tools.

You can refer to the official site of ClamAV at for more information.

By: Maulik Parekh

The author has an M. Tech degree in cloud computing from VIT University, Chennai. He can be reached at Website: maulikparekh2@ https://www.linkedin.com/in/maulikparekh2

