Site icon VPS Windows

Instructions to install and use ClamAV on Linux to scan for viruses/malware/trojans

Technicals Windows
Instructions to install and use ClamAV

Instructions to install and use ClamAV 2

When the Server is infected with viruses/trojans/malware, we need software to detect and remove viruses, and ClamAV is one of the most popular and effective software. The following article will guide you on Instructions to install and use ClamAV on Linux to scan for viruses/malware/trojans

 

What is ClamAV?

ClamAV (Clam Anti Virus) is an open source engine (software core) dedicated to detecting trojans, viruses, malware and other threats.

AntiVirus programs all depend on a database containing virus identification signs such as: signature, checksum…, so we need to regularly update the database of Anti-Virus programs to increase the effectiveness of virus detection and killing.

Instructions to install and use ClamAV on Linux to scan for viruses/malware/trojans

Instructions to install ClamAV on Linux to scan for viruses/malware/trojans

  1. Log in to VPS via SSH

You need a VPS running Ubuntu 20.4, register for a free account and buy VPS Ubuntu 20.4 here.

  1. Install ClamAV on Linux

+ Centos/RHEL

# yum install -y clamav clamd

#yum install -y clamav-server clamav-server-systemd clamav-scanner-systemd clamav-data clamav-update clamav-filesystem clamav clamav-devel clamav-lib

+ Debian/Ubuntu

# apt-get install -y clamav clamav-daemon

# clamscan --version

 

Instructions to use ClamAV on Linux to scan for viruses/malware/trojans

  1. Start the ClamAV service

Normally, ClamAV is only used for normal scanning. But when activating the service mechanism, ClamAV will be loaded into RAM and other services can access the ClamAV service port to use the virus scanning feature quickly.

The ClamAV service (clamd or clam-daemon), is often used for advanced operations such as scanning incoming emails for viruses. So do we need to start this service?! The answer is no, if you do not use the advanced features combined. But how to start this service?

+ Init system (CentOS/RHEL 6 Ubuntu 14.04)

# /etc/init.d/clamd start

# chkconfig clamd on

+ Systemd system (CentOS/RHEL 7 Ubuntu 16.04

# systemctl start clamd

# systemctl enable clamd

  1. Update Virus sample databases

As mentioned at the beginning of the article, you need to regularly update the database containing virus/malware identification samples so that ClamAV can scan and detect them, we use the following command:

# freshclam

The updated database files will be saved at:

/var/lib/clamav/daily.cvd

/var/lib/clamav/main.cvd

  1. Proceed to use ClamAV Scan Virus

‘Clamscan’ is the main binary program of ClamAV used to scan for malware. To see the usage options of ‘clamscan‘, use the option ‘–help‘.

# clamscan –help

ClamAV can scan one or more specified files or an entire specified directory.

# clamscan eicar

# clamscan --recursive=yes --infected --exclude-dir='^/etc' /

#clamscan -r <path you want to scan>

Notes:

  1. Download a Virus Sample

This is a sample that contains only common signatures and no malware.

# wget –O- http://www.eicar.org/download/eicar.com.txt | clamscan -

You can write a shell script to automatically scan for viruses at a specific time of day using the “cron” service.

  1. Configure ClamAV cronjobs

To configure the system to scan for malware periodically by cronjob, do the following:

# crontab -e

0 0 * * * clamscan --recursive=yes --infected /home/

With the above cronjob configuration, every day at 00:00 in the morning, the ClamAV program will scan for malware and trojans in the /home/ directory

The above are instructions for installing ClamAV on Linux to scan for viruses/malware/trojans. Wish you a successful operation.

If you have any questions about VPS services, please contact us for advice and register for a free VPS account.

Exit mobile version