Skip to content

[Linux] Installation And Use Of Open Source Anti-virus Tool: ClamAV

Last Updated on 2023-11-20 by Clay

Introduction

Although Linux is reputed to be less susceptible to viruses distributed by hackers, it still remains a highly valuable and economically efficient operating system, particularly as a stable server or development environment. Consequently, Linux is not immune to malware or hacker attacks, albeit less frequent than in Windows systems.

ClamAV is an open-source antivirus software. Similar to most antivirus programs on the market, it can detect various types of malware, viruses, and threats, and is capable of scanning files or emails... essentially, it possesses all the necessary functionalities.


Installation

In Debian/Ubuntu-based Linux distributions, we can install it using the following commands:

sudo apt update
sudo apt install clamav clamav-daemon


After installation, it's advisable to immediately update the virus definition database, as the field of cybersecurity is constantly evolving.

sudo freshclam



How to Use

To perform a complete system scan using clamav, the following command can be used:

sudo clamscan -r --bell -i /


This command starts scanning from the root directory (/), only reports infected files (-i), and emits an alert sound when a virus is detected (--bell).

How do we set up this tool for scheduled scans? It's simple; we can pair it with the scheduling tool crontab.

crontab -e


Then schedule daily scans and log them.

0 1 * * * /usr/bin/clamscan -r --bell -i / > /home/<username>/clamav.log

Removal

Finally, if we no longer use clamav, the following command can be used to completely remove the tool and all its configurations.

sudo apt remove --purge clamav clamav-daemon

Reference


Read More

Tags:

Leave a Reply