Sunday, 31 August 2008

Install and use ClamAV for linux anti virus

Install Clamav with either Synaptic or apt-get/aptitude.

To update the definitions use:

sudo freshclam

scanning files is as simple then as calling clamscan with the -r or --recursive flag and a path, if the path is omitted then it will scan at the current path:

clamscan -r /home/subbass
or clamscan -r

If you would rather only see infected files then use the -i or --infected flag:

clamscan -ri /home/subbass
or clamscan -ri

If you wish to scan every file on the system you may have to run clamscan with sudo, as running without it clamscan can only read files the user running it can access.

sudo clamscan -ri /

This would check every file on the system recursively and report only infected files.

You can schedule clamscan using cron or for the odd one off scans using the "at" command, such as:
at 3:30 tomorrow
at>clamscan -i /home/user > mail
job 3 at 2005-04-28 03:30
This would perform the scan at 3:30am later that night and mail the results to the defined address. To add a regular cron job try the following:

nano crontab -e

Then enter the following line at the bottom of the file

00 00 * * * sudo clamscan -r /location_of_files_or_folders
Save the file and exit.

No comments: