Protect your system with ClamAV in Linux

Yes that’s right, you can get viruses in Linux. While Linux users using a desktop environment are at little risk, the risk is still there. More and more Linux systems are being targeted each day due to the amount of dependency for Linux-based technology. It is just as important to run an anti-virus on your server. Here we will be installing one of them: ClamAV.

ClamAV is one of the more popular open source anti-virus software out there. They also have a Windows version which you can get here. First we are going to install ClamAV by doing the following:

CentOS:

sudo yum -y install clamav clamd clamav-update

Note: You will need to enable the epel repository before installing it by running “sudo yum -y install epel-release”.

Debian/Ubuntu:

sudo apt-get install clamav clamd clamav-update

After you’re done with the installation, we will need to update it first.

sudo freshclam

ClamAV will now update its virus definitions. You can also run it like this:

/usr/bin/freshclam

Now we can start scanning for viruses manually. In order to do that, run the following shell command:

sudo clamscan -i -r /home/*
ClamAV

This will scan the entire /home/ directory for potentially infected files with the -i argument and then remove any with -r as well. Once its done, the following results is displayed:

----------- SCAN SUMMARY -----------
Known viruses: 6723732
Engine version: 0.101.5
Scanned directories: 1
Scanned files: 6
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 18.593 sec (0 m 18 s)

We can make it so that clamAV scans the directory on a daily basis with cron.

sudo crontab -e

Then, insert the following into crontab:

@daily /usr/bin/clamscan -i -r /home/* >> /home/$USERHERE/clamscan.log

Save and exit, ClamAV will now scan the /home/ directory for viruses on a daily basis. It will also write the results to a new file called clamscan.log every time.

Your Linux system is now better protected from viruses.