Difference between revisions of "ClamAV"

From ArchWiki
(Just a stub before, kinda is still but better, better organized, got the basics)
Line 1: Line 1:
 
{{i18n_links_start}}
 
{{i18n_links_start}}
{{i18n_entry|English|Install and configure Antivirus ClamAV}}
+
{{i18n_entry|English|ClamAV}}
 
{{i18n_entry|Español|Cómo instalar y configurar ClamAV Antivirus}}
 
{{i18n_entry|Español|Cómo instalar y configurar ClamAV Antivirus}}
 
{{i18n_links_end}}
 
{{i18n_links_end}}
Line 6: Line 6:
 
Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX.  It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates.  Because ClamAV's main use is on file/mail servers for Windows desktops it primarily detects Windows viruses and malware.
 
Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX.  It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates.  Because ClamAV's main use is on file/mail servers for Windows desktops it primarily detects Windows viruses and malware.
  
=Install=
+
==Installation==
 
+
 
Install with pacman by:
 
Install with pacman by:
 +
# pacman -Sy clamav
  
pacman -Sy clamav
+
==Configuration==
 
+
=Configure=
+
 
+
 
To run as a server edit {{Filename|/etc/clamav/clamd.conf}} and {{Filename|/etc/clamav/freshclam.conf}} and comment out the ''Example'' flag.  In {{Filename|/etc/conf.d/clamav}} change the start options from "no" to "yes".
 
To run as a server edit {{Filename|/etc/clamav/clamd.conf}} and {{Filename|/etc/clamav/freshclam.conf}} and comment out the ''Example'' flag.  In {{Filename|/etc/conf.d/clamav}} change the start options from "no" to "yes".
  
<pre># change these to "yes" to start
+
# change these to "yes" to start
START_FRESHCLAM="yes"
+
START_FRESHCLAM="yes"
START_CLAMD="yes"</pre>
+
START_CLAMD="yes"
  
 
* To start clamav at boot edit {{Filename|/etc/rc.conf}} and add clamav.
 
* To start clamav at boot edit {{Filename|/etc/rc.conf}} and add clamav.
  
=Update Database=
+
==Update Database==
 
+
 
The daemon needs to be running for the virus update to be updated:
 
The daemon needs to be running for the virus update to be updated:
 
+
  # /etc/rc.d/clamav start
  /etc/rc.d/clamav start
+
  
 
Then update the virus definitions with:
 
Then update the virus definitions with:
 +
# freshclam
  
freshclam
+
==Scan for Viruses==
 +
{{Codeline|clamscan}} can be used to scan certain files, home directory, or an entire system:
  
=Scan for Viruses=
+
$ clamscan myfile
 +
$ clamscan -r -i /home
 +
$ clamscan -r -i --exclude-dir=^/sys\|^/proc\|^/dev /
  
<code>clamscan</code> can be used to scan certain files, home directory, or an entire system:
+
If you'd like {{Codeline|clamscan}} to remove the infected file use the {{Codeline|--remove}} option in the command.
 
+
clamscan myfile
+
clamscan -r -i /home
+
clamscan -r -i --exclude-dir=^/sys\|^/proc\|^/dev /
+
 
+
If you'd like <code>clamscan</code> to remove the infected file use the <code>--remove</code> variable in the command.
+
 
+
=Troubleshooting=
+
  
 +
==Troubleshooting==
 
If you get the following messages after running freshclam:
 
If you get the following messages after running freshclam:
 +
WARNING: Clamd was NOT notified: Can't connect to clamd through
 +
/var/lib/clamav/clamd.sock connect(): No such file or directory
  
<pre>WARNING: Clamd was NOT notified: Can't connect to clamd through
+
Add a sock file for clamav:
/var/lib/clamav/clamd.sock connect(): No such file or directory </pre>
+
  # touch /var/lib/clamav/clamd.sock
 
+
  # chown clamav:clamav /var/lib/clamav/clamd.sock
Add a sock file for clamav
+
 
+
  touch /var/lib/clamav/clamd.sock
+
  chown clamav:clamav /var/lib/clamav/clamd.sock
+
  
 
If you get the next error when starting the daemon:
 
If you get the next error when starting the daemon:
<pre>LibClamAV Error: cli_loaddb(): No supported database files found
+
LibClamAV Error: cli_loaddb(): No supported database files found
in /var/lib/clamav ERROR: Not supported data format</pre>
+
in /var/lib/clamav ERROR: Not supported data format
 
   
 
   
 
Run freshclam as root:
 
Run freshclam as root:
  freshclam -v
+
  # freshclam -v
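Review bot: In the Troubleshooting part, "touch /var/lib/clamav/clamd.sock" creates an empty regular file, not a listening socket, so freshclam still has nothing to connect to and the warning is only masked. "No such file or directory" on that path means clamd has not created its socket, so the step to document is starting clamd (START_CLAMD="yes" and "/etc/rc.d/clamav start", both already on this page) and re-running freshclam. In the same hunk, "for the virus update to be updated" under Update Database would read better as "for the virus definitions to be updated", and the --remove sentence should say that it deletes every file that matches, false positives included.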

Revision as of 02:31, 9 June 2009


Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX. It provides a number of utilities, including a flexible and scalable multi-threaded daemon, a command line scanner and an advanced tool for automatic database updates. Because ClamAV's main use is on file/mail servers for Windows desktops, it primarily detects Windows viruses and malware.

Installation

Install with pacman by:

# pacman -Sy clamav

Configuration

To run as a server, edit /etc/clamav/clamd.conf and /etc/clamav/freshclam.conf and comment out the Example flag. In /etc/conf.d/clamav change the start options from "no" to "yes".

# change these to "yes" to start
START_FRESHCLAM="yes"
START_CLAMD="yes"

Update Database

The daemon needs to be running for the virus definitions to be updated:

# /etc/rc.d/clamav start

Then update the virus definitions with:

# freshclam

Scan for Viruses

clamscan can be used to scan certain files, a home directory, or an entire system:

$ clamscan myfile
$ clamscan -r -i /home
$ clamscan -r -i --exclude-dir=^/sys\|^/proc\|^/dev /

If you'd like clamscan to remove the infected file, use the --remove option in the command.
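The following is an added example, not part of the ArchWiki page: it lists what a `clamscan -r -i` run flagged so the detections can be reviewed before `--remove` is used. The function names are hypothetical, the sample report is constructed, and the exit statuses (0 clean, 1 virus found, 2 error) are those given in the clamscan man page.

```shell
#!/bin/sh
# Added example: review what `clamscan -r -i` flagged before deciding on --remove.

# Constructed sample of `clamscan -r -i` output (paths and counts are made up).
sample_report() {
cat <<'EOF'
/home/alice/Downloads/eicar.com: Eicar-Test-Signature FOUND
/home/bob/mail/attachment with space.zip: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Known viruses: 600000
Scanned files: 1520
Infected files: 2
EOF
}

# Read a report on stdin; print "path<TAB>signature" for each detection line.
list_detections() {
    tab=$(printf '\t')
    sed -n "s/^\(.*\): \(.*\) FOUND\$/\1${tab}\2/p"
}

# Read a report on stdin; print the count from the "Infected files:" summary line.
summary_infected() {
    sed -n 's/^Infected files: \([0-9][0-9]*\)$/\1/p'
}

# Map clamscan's exit status (0 clean, 1 virus found, 2 error) to a verdict.
verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# With a path argument and clamscan installed, scan it; otherwise use the sample.
if [ -n "${1:-}" ] && command -v clamscan >/dev/null 2>&1; then
    rc=0
    report=$(clamscan -r -i "$1") || rc=$?
else
    rc=1
    report=$(sample_report)
fi
echo "verdict: $(verdict "$rc")"
printf '%s\n' "$report" | list_detections
```

Treating any status other than 0 or 1 as an error keeps a failed scan from being read as a clean one.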

Troubleshooting

If you get the following messages after running freshclam:

WARNING: Clamd was NOT notified: Can't connect to clamd through 
/var/lib/clamav/clamd.sock connect(): No such file or directory

Add a sock file for clamav:

# touch /var/lib/clamav/clamd.sock
# chown clamav:clamav /var/lib/clamav/clamd.sock

If you get the following error when starting the daemon:

LibClamAV Error: cli_loaddb(): No supported database files found
in /var/lib/clamav ERROR: Not supported data format

Run freshclam as root:

# freshclam -v