Last Updated on 2023-11-20 by Clay
Introduction
Although Linux is reputed to be less susceptible to viruses distributed by hackers, it still remains a highly valuable and economically efficient operating system, particularly as a stable server or development environment. Consequently, Linux is not immune to malware or hacker attacks, albeit less frequent than in Windows systems.
ClamAV is an open-source antivirus software. Similar to most antivirus programs on the market, it can detect various types of malware, viruses, and threats, and is capable of scanning files or emails... essentially, it possesses all the necessary functionalities.
Installation
In Debian/Ubuntu-based Linux distributions, we can install it using the following commands:
sudo apt update
sudo apt install clamav clamav-daemon
After installation, it's advisable to immediately update the virus definition database, as the field of cybersecurity is constantly evolving.
sudo freshclam
How to Use
To perform a complete system scan using clamav, the following command can be used:
sudo clamscan -r --bell -i /
This command starts scanning from the root directory (/
), only reports infected files (-i
), and emits an alert sound when a virus is detected (--bell
).
How do we set up this tool for scheduled scans? It's simple; we can pair it with the scheduling tool crontab
.
crontab -e
Then schedule daily scans and log them.
0 1 * * * /usr/bin/clamscan -r --bell -i / > /home/<username>/clamav.log
Removal
Finally, if we no longer use clamav, the following command can be used to completely remove the tool and all its configurations.
sudo apt remove --purge clamav clamav-daemon
Reference
- ClamAV Official Website: ClamAV.net
- ClamAV Official Documentation: ClamAV Documentation
- Ubuntu Community Help Wiki: Ubuntu Community Help Wiki