Tuesday, June 11, 2013

Install Clamav antivirus on Centos

Clamav is a much misunderstood software, at least from the response of people I know.

This is a follow up of previous posting http://tboxmy.blogspot.com/2011/06/open-source-software-antivirus-called.html

A simple to read manual can be found at
http://www.clamav.net/doc/latest/clamdoc.pdf

However, here are steps I took for the installation on Centos 6.3 and Centos 5.6

Step 1: Install required repository for clamav
http://tboxmy.blogspot.com/2013/06/install-yum-repo-for-centos.html

Step 2: Install the clamav software
yum install clamd clamav clamav-db

Step 3: Edit the configuration files with your own preferences
/etc/clamd.conf
/etc/freshclam.conf

Step 4: Test the scan with an example directory [/tmp/samples] and save the results in [output.scan]
clamscan -r -l output.scan /tmp/samples

You should notice a warning that the virus database is outdated.

Step 5: Update the virus database. Make sure the server has internet access, then type
freshclam

By default update is done daily, but can be changed by moving the /etc/cron.daily/freshclam to another cron folder.

Step 6: Schedule the scan with crontab
Use the command in step 4 as an example

Step 7: Manage how files detected as virus are handled

e.g. use perl-File-Scan-ClamAV



No comments: