For Linux/Unix systems, an antivirus is also sometimes required. For example, to scan files on a hosting or to scan network traffic. The most common antivirus for nix systems is ClamAV. ClamAV is an open-source (GPL) anti-virus engine used in a variety of situations including email scanning, web scanning, and endpoint security. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command-line scanner and an advanced tool for automatic database updates.
- Command-line scanner
- Milter interface for sendmail
- Advanced database updater with support for scripted updates and digital signatures
- Virus database updated multiple times per day
- Built-in support for all standard mail file formats
- Built-in support for various archive formats, including Zip, RAR, Dmg, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others
- Built-in support for ELF executables and Portable Executable files packed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor and others
- Built-in support for popular document formats including MS Office and MacOffice files, HTML, Flash, RTF and PDF
We will guide you on how to install ClamAV on Ubuntu. The antivirus itself has a modular structure. Each module is responsible for its functions.
clamscan – for checking files.
clamav-daemon – for downloading anti-virus at system startup.
clamfs is a third-party module for checking FS on the fly.
havp is a third-party antivirus proxy for checking traffic on the fly.
You can install ClamAV from the package on Ubuntu repository.
sudo apt-get install clamav
After installation, you need to update the anti-virus database. This is done by the command:
After updating the databases, the antivirus is ready to use. Checking files and directories with antivirus is performed by the command:
clamscan –i –r directory
-i – display information only about infected files
-r – scan all subdirectories recursively
It is good to use this mechanism for manual scanning, but if you need a constant scan (for example, if the server is used as a file-sharing), then you need to install clamav-daemon
sudo apt–get install clamav–daemon
The daemon settings are located in the /etc/clamav/clamd.conf file.