Clam AV-Linux AntiVirus

Clam Antivirus is a great, free and open source antivirus for Linux. It is licensed under GNU GPL; which, among other things, allows the use of free software in the non-private domain. It supports detection of malware, trojans, virus and other malicious files. It is widely used in mail servers for scanning of e-mails. Main features are,

  • Free Antivirus
  • Used in mail servers to stop spreading of trojans and viruses,
  • Built-in support for archive and compressed file scanning
  • Can be used from command line,
  • Provides virus signature updates on regular basis,
  • On-access file scanning.

Installation can be done in a variety of ways: through packet managers or sources.

Installation from Binaries

For operating systems that use Synaptic (such as Debian, Ubuntu, and derivatives), you can download the ready-to-use package by using the following command.

apt-cache search clamav
apt-get install clamav

Installation from Sources

For those who prefer to install the program by compiling the sources, it is necessary to check the presence of gcc, zlib and zlib-dev, bzip2 and bzip2-dev, GNU MP3 (not strictly necessary but strongly recommended).
Download the sources, put them in the /tmp folder. Let’s install it with commands, where x represents the version numbers of the antivirus.

tar xvzf clamav-x.xx.x.tar.gz
cd clamav-x.xx.x.tar.gz
./configure
make
make install

At this point, you must create a user to associate with the virus:

groupadd clamav
useradd -g clamav -s /bin/false -c “Clam Antivirus” clamav

Once you’ve created the user, you have to switch to the process that will turn in the background.
We open the /etc/clamd.conf file as root with an editor.

nano /etc/clamd.conf &

Uncomment the “Example” at eighth line by removing # off,

#Example

will become

Example

You must now edit the /etc/freshclam.conf file to allow viral signatures to be updated.

nano /etc/freshclam.conf

Uncomment the line DatabaseMirror db.xy.clamav.net. Replace xy with your country tld for updating of virus signatures from your country’s repository. you can find your country TLD from here.
Now you can save and close the file. Before testing the antivirus, it is good to update the definitions by issuing the command freshclam to activate the daemon that starts at each boot.

freshclam -d

However, you can force the definition update to this command:

freshclam

Once you have updated the software database with the latest available signatures, you can try the antivirus by typing on the command line.

clamscan -r /tmp/clamav-x.xx.x

You will need to find some viruses that are nothing but tests to test the correct functioning of the virus.
With the -r option you will also check the folders that have been typed in the row you typed, and with the -i option, only the infected files will be printed.

clamscan -ir tmp

It will search infected files in the tmp folder and in the sub-directories displaying only the infected files. There are a lot of graphical interfaces available for ClamAV, but in my opinion using the clamscan and freshclam commands, you will not feel the need for anything else.

If You Like Our Work on Smashing Lab, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own Virtual Private Server at ($5.00/month).

We are thankful for your never ending support.

Imran Yousaf

I am Imran Yousaf, a computer geek, founder of the site Smashinglab.com. I am a die hard fond of open-source software and Linux operating system. In addition to Linux, I am interested in everything related to information technology and modern science.

Your name can also be listed here. Got a tip? Submit it here to become a Smashing Lab author.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *