Free Clam AntiVirus.
Clam AntiVirus is a free open source antivirus program and licensed under the GNU General Public License (GPL). The program is written for non-interactive use and scanning mail on a mail server or equivalent but not limited to it.
ClamAV can identify, relocate or delete files on Linux systems, that have been infected by viruses, but not remove any viruses from infected files. Also ClamAV doesn't protect you in realtime and their on-access using clamd seems to be non-reliable.
ClamAV is a registered trademark of Cisco Systems. (C) 2015 Cisco and / or its subsidiaries.
Note: In tests conducted by AV-TEST Lab 09/2015, ClamAV showed a detection rate of 15.3% when tested against Windows-based threats and 66.1% for Linux-based threats.
Despite this extremely worrying result, it is recommended on several Linux forums online that private users should install ClamAV.
Running this on your server:
Expect some false positives. Do not delete the files that are flagged positive, download them instead on a protected Linux machine and do a scan with one of the top three AV-vendors, plus upload the file/s to VirusTotal for an extra check.
It is the one of the remaining "Free Antivirus" for Linux in 2023 that I could download from the developers website.
In the case of malicious code specifically targeting Linux, attackers assume that the user is making errors and either runs as "Root" all the time or installs software from third party insecure sources.
The latest version at the time of writing is 0.105.0, released 2022-05-03 and it comes without a GUI ( Graphical User Interface ).
Note: I only recommend you use this software if you can't afford a paid Antivirus / EndPoint solution for your Debian 11 / LMDE5 Linux desktop or server.
Size: 14,1MB
To get the latest version download here.
I am assuming you are saving your downloads in the "Downloads" folder.
Open a terminal window and type:
cd Downloads
Enter.
sudo dpkg -i clamav-0.105.0.linux.x86_64.deb
Enter.
In case of an error:
sudo apt-get install -f
Enter.
If you want to install from Debians repository:
Version:0.103.6+dfsg-0+deb11u1
How to install via a terminal window:
sudo apt-get install clamav
Enter.
In case of an error:
sudo apt-get install -f
Enter.
Default setting for virus signature update:
By default ClamAV signature database is updated automatically every hour, but If you want, you can change this in freshclam configuration file:
/etc/clamav/freshclam.conf
ClamAV use three virus definitions files:
- bytecode.cvd
- daily.cvd
- main.cvd
The definition files are located here:
/var/lib/clamav
CLI - Usage Commands for ClamAV:
Before updating the database, you must first stop the clamav-freshclam service ( auto update ).
sudo systemctl stop clamav-freshclam
Enter.
Then to manually update the virus signatures:
sudo freshclam
Enter.
Now start running freshclam as a service ( auto update ):
sudo systemctl start clamav-freshclam
Enter,
To check that the freshclam service is up and running:
systemctl | grep clam
Enter.
Now to scan your current directory ex. ( /home ):
sudo clamscan
Hit Enter and wait a little bit.
----------- SCAN SUMMARY -----------
Known viruses: 8616625
Engine version: 0.103.6
Scanned directories: 1
Scanned files: 19
Infected files: 0
Data scanned: 1.09 MB
Data read: 0.75 MB (ratio 1.45:1)
Time: 22.185 sec (0 m 22 s)
Start Date:
End Date:
------------------------------------------------
To scan all files and folders in current directory ( /home ):
clamscan -r /home
Scan a single file:
clamscan filename.ending
To scan your /home folder and remove any infected files:
clamscan --infected --remove --recursive /home
Enter.
Note: If you have several user accounts and just want to scan one, add /username after /home.
Apache Web server:
To scan your web server and everything in the standard Apache document root looking for PUA = Potentially Unwanted Application.
sudo clamscan --infected --detect-pua=yes --recursive /var/www/html/
Enter.
For more information visit the clamscan manual or the developers website.
How to uninstall clamav from commandline:
sudo apt-get remove clamav
Enter,
Uninstall clamav and its dependencies:
sudo apt-get remove --auto-remove clamav
Enter.
If you want a GUI for ClamAV - Use ClamTK ( 6.14 ) or later:
Then open a terminal window:
cd Downloads
Enter.
sudo dpkg -i clamtk_6.14-1_all.deb
Enter, done.
- Title: Free Clam AntiVirus
- Posted by:
- Date: 10:05 AM
- Tags: Antivirus & Firewalls
