Tuesday, October 23, 2012

How to install and use Clam Antivirus in Linux(RPM Based)

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance multi-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats.

Steps for installation

1. groupadd clamav

2. useradd -g clamav clamav

3. mkdir /var/clamav

4. chown clamav:root /var/clamav

5. mkdir /var/log/clamav/

6. chown clamav:root /var/log/clamav/

7. mkdir /usr/local/share/clamav

8. chown clamav:clamav /usr/local/share/clamav

9. wget http://dl.sourceforge.net/sourceforge/clamav/clamav-0.93.3.tar.gz

10. tar xzvf clamav-0.93.3.tar.gz

11. cd clamav-0.93.3

12. ./configure --disable-clamuko --enable-milter --with-dbdir=/usr/local/share/clamav

13. On Red Hat based distributions, compiling ClamAV commonly fails with an error caused by an incompatible zlib. You can install both the zlib and zlib-devel packages with:

 yum install zlib zlib-devel

If configure still reports an error such as "configure: error: The installed zlib version may contain a security bug. Please upgrade to 1.2.2 or later: http://www.zlib.net. You can omit this check with --disable-zlib-vcheck but DO NOT REPORT any stability issues then!", run:

14. yum update zlib zlib-devel

15. The error may still appear after the update, so it is safe to run configure with the zlib version check disabled:

   ./configure --disable-clamuko --enable-milter --with-dbdir=/usr/local/share/clamav --disable-zlib-vcheck

In either case, we then run:

16. make

17. make install

18. We need a file named clamav.conf. Create it in /etc:

vi /etc/clamav.conf

Write the following lines:
#/etc/clamav.conf
# Note: the directories used by LogFile, PidFile and LocalSocket below
# must exist and be writable by the clamav user before clamd is started.
LogTime
LogSyslog
LogFile /var/log/clam/clamd.log
PidFile /var/run/clam/clamd.pid
LocalSocket /var/run/clam/clamd.sock
FixStaleSocket
MaxThreads 50
ThreadTimeout 600
MaxDirectoryRecursion 15
FollowFileSymlinks
SelfCheck 600
User clamav
ScanMail
ScanArchive
ArchiveMaxFileSize 10M
ArchiveMaxRecursion 5
ArchiveMaxFiles 1000

Save and close the file.

19. Now tell your startup script to load the ClamAV daemon:

echo "/usr/local/sbin/clamd" >> /etc/rc.d/rc.local

echo "/usr/local/sbin/clamav-milter -l -o -q /var/milter/clmilter.sock" >> /etc/rc.d/rc.local

20. cp /etc/clamav.conf /usr/local/etc/

21. touch /var/log/clam-update.log

22. chown clamav:clamav /var/log/clam-update.log

23. touch /tmp/clamd.log

24. chown clamav:root /tmp/clamd.log

25. mkdir /var/milter

26. chown clamav:root /var/milter/

27. cd /usr/local/etc/

We can modify some configuration files in the directory /etc:

28. cd /etc

29. wget ftp://ftp.ro-design.net/pub/clamd.conf

30. wget ftp://ftp.ro-design.net/pub/freshclam.conf

31. mkdir /var/lib/clamav

32. chown clamav:root /var/lib/clamav/

Then run freshclam to fetch the signature database, logging to the file created in step 21:

/usr/local/bin/freshclam -l /var/log/clam-update.log

33. cp /usr/local/sbin/clamd /etc/init.d/

34. /etc/init.d/clamd restart

Usage

clamscan -irv <location>

Eg: clamscan -irv /home

If you need the scan results in a file, redirect the output:

clamscan -irv <location> > <file>

Eg: clamscan -irv /home > scan.log
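The following wrapper is an added example, not part of the original post: it runs the same clamscan -irv scan with the report redirected to a file, but also maps clamscan's exit status (0 clean, 1 infected files found, 2 error) to a verdict and pulls the infected paths out of the report, so the scan can run from cron and be alerted on. It assumes clamscan is on PATH; the sample report it embeds is constructed so the parsing can be tried without a real scan.

```shell
#!/bin/sh
# Added example (not from the original post): wrap clamscan for unattended
# runs. clamscan exits 0 when nothing was found, 1 when infected files were
# found and 2 on error, so a job can act on the status instead of a human
# reading the report.

# Map a clamscan exit status to a one-word verdict.
scan_verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Print the paths clamscan reported as infected. With -i, clamscan prints
# one line per hit in the form "<path>: <signature> FOUND".
infected_files() {
    sed -n 's/^\(.*\): .* FOUND$/\1/p' "$1"
}

# Number of infected files listed in a report.
infected_count() {
    infected_files "$1" | wc -l | tr -d ' '
}

# Constructed sample of "clamscan -irv" output, written to the file $1,
# so the parsing functions can be tried without a real scan.
write_sample_report() {
    cat > "$1" <<'EOF'
/home/user/eicar.com: Eicar-Test-Signature FOUND
/home/user/notes.txt: OK
/home/user/archive.zip: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

# Scan location $1 (-i infected only, -r recursive, -v verbose, as in the
# post), keep the full report in $2, print a one-line summary and return
# clamscan's own exit status. Assumes clamscan is on PATH.
# Usage: scan_location /home /var/log/clamav/home-scan.log
scan_location() {
    clamscan -irv "$1" > "$2" 2>&1
    status=$?
    echo "$1: $(scan_verdict "$status"), $(infected_count "$2") infected, report: $2"
    return "$status"
}
```

Call scan_location from a cron job and alert on a non-zero return; the report file keeps the per-file detail for follow-up.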