Loading...
Latest news
HTTP2 Support and Install – Part 2
HTTP2 Support and Install – Part 1
Goaccess
CMS Master Slave Rules
Apache 2.4 with PHP-FPM
Real Time Concepts

ClamAV

Laxman -

Overview
ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats

Installation

RHEL / Cent

  • ### Requires EPEL
  •  yum install clamav clamav-update -y
  •    sed -i “/^Example/d” /etc/freshclam.conf

Ubuntu

  • apt-get update
  • apt-get install clamav -y

Usage

  • screen
  • freshclam
  • clamscan –infected –recursive /var/www –log=/var/log/clamscan.log
  • CTRL+A+D
  • screen -ls

Gotchas
Control Panel DirectAdmin and MTA Exim can be using ClamAV by default. If you remove ClamAV, Exim will error out with:

malware acl condition: clamd: unable to connect to UNIX socket /var/run/clamav/clamd.sock (Permission denied) 451 Temporary local problem – please try later

To stop Exim using ClamAV, hash out the line:

  • # ClamAV
  • # av_scanner = clamd:/var/run/clamav/clamd.sock

Official Documentation Links

Vendor Site: https://www.clamav.net/
ClamAV Github FAQ – https://github.com/Cisco-Talos/clamav-faq
Ubuntu ClamAV Documentation – https://help.ubuntu.com/community/ClamA

Leave a Reply

Your email address will not be published. Required fields are marked *