Skip to content

Personal AntiVirus for Linux – ClamAV with Fedora 11

I'm providing the original text file for ease of use

Grab it here - ClamAV.on.Fedora
----------------------------------

Background:

This guide will use the ClamAV CLI scanner and the ClamAV-Update script (freshclam).
I wrote this to help all the HomeSOHO users (servers or desktops).
ClamAV has various tools/packages/plugins for email servers etc. but that's another story.

If you wish to learn more visit their home site: http://www.clamav.net/

Obviously, you can change anything you want, but this should get you going.

----------------------------------

Installation:

shell> sudo yum install -y clamav clamav-update
----------------------------------

Setup clamav-update:

shell> sudo vi /etc/freshclam.conf

Note: Change the following 2 items, then save and quit.

Example
to
#Example

#DatabaseDirectory /var/lib/clamav
to
DatabaseDirectory /var/lib/clamav

----------------------------------

In order for the freshclam cron script to work, we'll need to update /etc/sysconfig/freshclam

shell> sudo vi /etc/sysconfig/freshclam

Note: Change the following item, then save and quit.

FRESHCLAM_DELAY=disabled-warn
to
#FRESHCLAM_DELAY=disabled-warn

----------------------------------

Run the virus definition updates by hand (for testing):

shell> sudo /usr/bin/freshclam

Run a test scan on /sbin and /bin
(recursively and log to /tmp/clamscan.Month-Day-Year.log):

shell> sudo clamscan -r /sbin /bin 
--log=/tmp/clamscan.`date +%m-%d-%y`.log

----------------------------------

Script for auto-scans:

Note: Create the script and save under "root's" home.

shell> sudo su -
shell> cd ~
shell> vi virus-scan.sh

NOTE: Copy and paste the below info into the virus-scan.sh, then save and quit.

#!/bin/sh
#######################
# Create the log file if needed
#
CLAM_LOG="/var/log/clamscan.log"
if [ ! -f "$CLAM_LOG" ]; then
touch "$CLAM_LOG"
chmod 644 "$CLAM_LOG"
chown clamav.clamav "$CLAM_LOG"
fi
#
########################
# Setup paths to be scanned, these are based on my $PATH
#
COMMON_DIRS="/bin /sbin /usr/bin /usr/sbin /usr/local/bin 
/usr/local/sbin /usr/kerberos/bin /usr/kerberos/sbin 
/usr/lib/qt* /home /tmp"
#
########################
# Start the scan and mail to root (change as needed)
#
/usr/bin/clamscan -ri $COMMON_DIRS --log="$CLAM_LOG" 
| mail -s virus-scan.`date +%m-%d-%y` [email protected]
#
########################

Set the script to be executable and test:

shell> chmod +x virus-scan.sh
shell> ./virus-scan-sh &

Once it's complete, check roots mail and/or the log file, if all is well, let's set up a cron job.

----------------------------------

There are many ways to use cron, this example is using the /etc/cron.d structure.

shell> cd /etc/cron.d
shell> vi virus-scan

NOTE: Copy and paste the following into the virus-scan file, the save and quit.

# The following will run our script at 2am every day of the week.
# Obviously you'll need to adjust this based on workload, uptimes etc.
00 02 * * * root /root/virus-scan.sh > /dev/null 2>&1

----------------------------------

I'm providing the original text file for ease of use

Grab it here - ClamAV.on.Fedora

Follow my post on Fedoraforums - ClamAV on Fedora 11

Published inLinuxSecurity

Be First to Comment

    Leave a Reply

    %d bloggers like this: