An Antivirus Program for Fedora

8, Dec 2010

Contents

Should you find yourself in a situation where you need to have an anti-virus system installed on a linux machine, one of the more common ones is ClamAV. Clam AV is an open source toolkit for UNIX, developed for email scanning and general anti-virus scanning. It is a command line based system with no GUI. The public virus database is hosted on the ClamAV servers, and is updated several times a day.

Installing the Required Packages

Installing ClamAV is quite simple, as it is available in the Fedora yum repositories. The following command will install all the necessary parts for the system:

sudo yum install clamav clamav-scanner clamav-server clamav-update

Configuring the freshclam.conf File

Settings for updating the anti-virus signatures database from ClamAV are contained in the /etc/freshclam.conf file. After the install has completed you'll have to make some minor changes to that file before you can download the most recent signatures.

Open the file in your editor (You'll need to do this through sudo). For the most basic setup, the only change you'll need to make is to comment out or delete line 8. Additionally, if you are behind a proxy you'll need to modify that section of the file (lines 96 to 99) to reflect your information. Once done, save and exit.

You should now be able to run

sudo freshclam

This will download the main and daily updates to the Anti-Virus database from the ClamAV servers. Ideally, you should be updating your signatures at least weekly. To actually run a scan on your system simply run the following:

clamscan -r /dir/to/scan

ClamAV will then check every file recursively in the directory path given and, once complete, will give you a list of the results, including any files that it found that may be infected. Of course, if your account does not have permissions to read that directory, you'll have to prefix that command with sudo.

Making a Cronjob for Automatic Updates

It can quickly become a pain to have to manually update the database signatures constantly. The easiest way to automate things like this is to create a cronjob for the system. Since freshclam needs to be run as root, you'll have to edit that user's crontab:

sudo crontab -e

Then add the following line to the file:

@daily /usr/bin/freshclam

This will run the freshclam command every day under the root user account. When done, save and exit the file to add the job.

Comments

This space intentionally left blank.

Have Something to Say?

Questions? Comments? Concerns? Let me know what you’re thinking.

  • You can use Markdown formatting here.