Anti-Virus - Clamav
2010/06/02 |
Install Clam AntiVirus to protect from virus. 06/02/2010 now, Clamav in Fedora repository is old. So if you use latest Clamav, See the procedure [2]. If you use the package in Fedora repository, See the procedure [1]. |
|
[1] | Install Clamav from Fedora repository |
[root@mail ~]# yum -y install clamav clamav-update [root@mail ~]# vi /etc/freshclam.conf # line 8: make it comment # Example[root@mail ~]# freshclam # update pattern files ClamAV update process started at Wed Jun 2 21:54:37 2010 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.95.3 Recommended version: 0.96.1 DON'T PANIC! Read http://www.clamav.net/support/faq main.cld is up to date (version: 52, sigs: 704727, f-level: 44, builder: sven) daily.cvd is up to date (version: 11120, sigs: 85298, f-level: 51, builder: ccordes) |
[2] | Install latest Clamav from SRPM |
[root@mail ~]# yum -y install bzip2-devel curl-devel gmp-devel ncurses-devel zlib-devel sendmail-devel check-devel [root@mail ~]# wget http://packages.sw.be/clamav/clamav-0.96.1-1.el5.src.rpm [root@mail ~]# rpmbuild --rebuild clamav-0.96.1-1.el5.src.rpm [root@mail ~]# cd /root/rpmbuild/RPMS/x86_64 [root@mail x86_64]# rpm -Uvh clamav-0.96.1-1.fc13.x86_64.rpm clamav-db-0.96.1-1.fc13.x86_64.rpm Preparing... ################################ [100%]  1:clamav-db ################################ [50%]  2:clamav ################################ [100%] # if you configure to run with Squid, install clamd too [root@mail x86_64]# rpm -Uvh clamd-0.96.1-1.fc13.x86_64.rpm Preparing... ################################ [100%]  1:clamd ################################ [100%] [root@mail x86_64]# [root@mail ~]# vi /etc/freshclam.conf # line 115: make it comment # NotifyClamd /etc/clamd.conf[root@mail ~]# freshclam # update pattern files ClamAV update process started at Mon May 31 23:03:34 2010 main.cvd is up to date (version: 52, sigs: 704727, f-level: 44, builder: sven) daily.cvd is up to date (version: 11106, sigs: 84207, f-level: 51, builder: arnaud) bytecode.cvd is up to date (version: 21, sigs: 3, f-level: 51, builder: nervous) |
[3] | Try to scan |
[root@mail ~]# clamscan --infected --remove --recursive /home ----------- SCAN SUMMARY ----------- Known viruses: 788232 Engine version: 0.96.1 Scanned directories: 83 Scanned files: 66 Infected files: 0 Data scanned: 2.04 MB Data read: 1.98 MB (ratio 1.03:1) Time: 4.027 sec (0 m 4 s) # try to download trial virus [root@mail ~]# wget http://www.eicar.org/download/eicar.com [root@mail ~]# clamscan --infected --remove --recursive . ./eicar.com: Eicar-Test-Signature FOUND ./eicar.com: Removed. # just detected ----------- SCAN SUMMARY ----------- Known viruses: 788232 Engine version: 0.96.1 Scanned directories: 1 Scanned files: 13 Infected files: 1 Data scanned: 24.85 MB Data read: 24.75 MB (ratio 1.00:1) Time: 5.320 sec (0 m 5 s) |