Linux security – Antivirus

Just a quick note on scanning files on linux. By far the most popular AV program on Linux is ClamAV. To install (Debian):

apt-get install clamav clamav-daemon

run initial AV definition update:

# freshclam
ClamAV update process started at Sun Mar 27 13:55:19 2016
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.99 Recommended version: 0.99.1
DON'T PANIC! Read http://www.clamav.net/support/faq
Empty script main-56.cdiff, need to download entire database
Downloading daily.cvd [100%]
daily.cvd updated (version: 21475, sigs: 83902, f-level: 63, builder: jesler)
Downloading bytecode-272.cdiff [100%]
Downloading bytecode-273.cdiff [100%]
Downloading bytecode-274.cdiff [100%]
Empty script bytecode-275.cdiff, need to download entire database
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
Database updated (4302737 signatures) from db.local.clamav.net (IP: 129.67.1.218)
Clamd successfully notified about the update.

Now to scan a folder and display list of infected files just run:

clamscan -r -i /folder/to/scan

Once the scan is completed scan summary will be displayed:

----------- SCAN SUMMARY -----------
Known viruses: 4297365
Engine version: 0.99
Scanned directories: 60
Scanned files: 318
Infected files: 0
Data scanned: 805.54 MB
Data read: 27979.70 MB (ratio 0.03:1)
Time: 55.183 sec (0 m 55 s)

Leave a Reply

Your email address will not be published. Required fields are marked *

3 × two =

This site uses Akismet to reduce spam. Learn how your comment data is processed.