Difference between revisions of "Clamav"
Jump to navigation
Jump to search
(Created page with "``` apt-get install -y clamav clamav-daemon systemctl stop clamav-freshclam freshclam systemctl start clamav-freshclam systemctl enable clamav-freshclam ls /var/lib/clamav/ mk...") |
|||
| (6 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | |||
| + | # Install on Ubuntu/Debian | ||
| + | |||
| + | install-clamav.sh | ||
``` | ``` | ||
| − | apt-get install -y clamav clamav-daemon | + | test_dir=/tmp/test |
| + | sudo apt-get install -y clamav clamav-daemon | ||
systemctl stop clamav-freshclam | systemctl stop clamav-freshclam | ||
| − | freshclam | + | sudo freshclam |
| − | systemctl start clamav-freshclam | + | sudo systemctl start clamav-freshclam |
| − | systemctl enable clamav-freshclam | + | sudo systemctl enable clamav-freshclam |
ls /var/lib/clamav/ | ls /var/lib/clamav/ | ||
| − | mkdir | + | mkdir $test_dir |
| − | echo | + | echo 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > $test_dir/malware-sig-test-eicar.txt |
| − | + | sudo clamscan --infected --remove --recursive $test_dir | tee -a /var/log/clamscan.log | |
| − | |||
``` | ``` | ||
| + | |||
| + | vim /etc/clamav/freshclam.conf | ||
| + | ``` | ||
| + | # Check for new database 24 times a day | ||
| + | Checks 24 | ||
| + | ``` | ||
| + | |||
| + | # Run every night at 3am | ||
| + | |||
| + | /etc/cron.d/clamscan | ||
| + | ``` | ||
| + | 0 3 * * * root scandir=/; sudo clamscan --infected --remove --recursive $scandir | tee -a /var/log/clamscan.log | ||
| + | ``` | ||
| + | |||
| + | # In Memory on Supported versions Windows | ||
| + | - https://docs.clamav.net/manual/Usage/Scanning.html#process-memory-scanning | ||
| + | - Note: This feature requires Windows and ClamAV version 0.105 or newer. You must also be running ClamAV as Administrator. | ||
| + | ``` | ||
| + | clamscan --memory | ||
| + | ``` | ||
| + | |||
| + | |||
| + | # Ref: | ||
| + | - https://www.howtoforge.com/tutorial/configure-clamav-to-scan-and-notify-virus-and-malware/ | ||
| + | - https://www.clamav.net/downloads/production | ||
| + | - https://www.atlantic.net/vps-hosting/how-to-install-clamav-on-ubuntu-20-04-and-scan-for-vulnerabilities/ | ||
Latest revision as of 00:26, 10 November 2021
Install on Ubuntu/Debian
install-clamav.sh
test_dir=/tmp/test sudo apt-get install -y clamav clamav-daemon systemctl stop clamav-freshclam sudo freshclam sudo systemctl start clamav-freshclam sudo systemctl enable clamav-freshclam ls /var/lib/clamav/ mkdir $test_dir echo 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > $test_dir/malware-sig-test-eicar.txt sudo clamscan --infected --remove --recursive $test_dir | tee -a /var/log/clamscan.log
vim /etc/clamav/freshclam.conf
# Check for new database 24 times a day Checks 24
Run every night at 3am
/etc/cron.d/clamscan
0 3 * * * root scandir=/; sudo clamscan --infected --remove --recursive $scandir | tee -a /var/log/clamscan.log
In Memory on Supported versions Windows
- https://docs.clamav.net/manual/Usage/Scanning.html#process-memory-scanning
- Note: This feature requires Windows and ClamAV version 0.105 or newer. You must also be running ClamAV as Administrator.
clamscan --memory