ClamAV

From Indie IT Wiki

Introduction

Clam AntiVirus (ClamAV) is a free, cross-platform antivirus software toolkit able to detect many types of malicious software, including viruses. One of its main uses is on mail servers as a server-side email virus scanner. The application was developed for Unix and has third-party versions available for AIX, BSD, HP-UX, Linux, Mac OS X, OpenVMS, OSF (Tru64) and Solaris. As of version 0.96, ClamAV builds and runs on Microsoft Windows. Both ClamAV and its updates are made available free of charge.

http://en.wikipedia.org/wiki/Clam_AntiVirus

Installing

Manually

http://www.clamav.net/documents/installing-clamav

Gentoo

su - root
emerge clamav
rc-update add clamd default

If you run your own DNS server, a small tweak is required to /etc/init.d/clamd: add "after named" to depend() so that clamd starts after the DNS server...

depend() {
        use net
        provide antivirus
        after named
}

Ubuntu

Make sure you have enough free memory for this, and create a swapfile if needed!

https://www.digitalocean.com/community/tutorials/how-to-add-swap-on-ubuntu-14-04

sudo aptitude install clamav clamav-daemon clamav-freshclam

https://help.ubuntu.com/community/ClamAV

MailScanner

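Add the clamav user to the www-data group:

sudo usermod -a -G www-data clamav

Edit the clamd AppArmor profile and add the two MailScanner spool rules:

sudo nano /etc/apparmor.d/usr.sbin.clamd

  /var/spool/MailScanner/** rw,
  /var/spool/MailScanner/incoming/** rw,

Reload AppArmor, then stop MailScanner:

sudo /etc/init.d/apparmor reload
sudo start-stop-daemon -v --stop --pidfile /opt/MailScanner/var/MailScanner.pid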

Updating

sudo nano /etc/clamav/freshclam.conf

DatabaseMirror db.GB.clamav.net

Then either run the following command from a cron job, or let it start automatically when clamd starts as a service...

sudo freshclam

Checking Installation

clamscan --version

Usage

clamscan /name/of/directory
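
As an added example (not part of the original wiki page), a cron-friendly wrapper around the clamscan command above. It separates clamscan's exit status 0 (clean), 1 (infected) and anything else (scan error), so a failed scan is not mistaken for a clean one. The function names and the sample log are constructed for illustration.

```shell
#!/bin/sh
# Added example: cron-friendly wrapper around clamscan. Function names and the
# sample log at the bottom are constructed for illustration.

# Print the path of every file reported as infected in a clamscan log.
# clamscan prints one line per hit: "<path>: <signature> FOUND".
infected_paths() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p' "$1"
}

# Map clamscan's exit status to a verdict: 0 = no virus found,
# 1 = virus(es) found, anything else = the scan itself failed.
scan_verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Recursively scan a directory, print the verdict and any infected paths,
# and return clamscan's own status so cron or monitoring can act on it.
scan_dir() {
    log=$(mktemp) || return 2
    rc=0
    clamscan --recursive --infected --no-summary "$1" >"$log" 2>&1 || rc=$?
    echo "$1: $(scan_verdict "$rc")"
    infected_paths "$log"
    [ "$rc" -le 1 ] || cat "$log" >&2   # on a scan error, show clamscan's messages
    rm -f "$log"
    return "$rc"
}

if [ "$#" -gt 0 ]; then
    scan_dir "$1"
else
    # No directory given: run the parser over constructed clamscan output.
    demo=$(mktemp)
    printf '%s\n' '/srv/mail/note.txt: OK' \
        '/srv/mail/eicar.com: Eicar-Signature FOUND' >"$demo"
    infected_paths "$demo"
    rm -f "$demo"
fi
```

An exit status of 2 or higher means the scan did not complete, which is worth alerting on in the same way as a detection.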

FIX Excessive RAM Usage

Problem...

ERROR: daemonize() failed: Cannot allocate memory

Fix...

  1. perform the MySQL RAM tweak turning off performance_schema
  2. add a 1.5Gb /swapfile
  3. edit the /etc/clamd.conf settings to reduce the threads

https://forums.centos.org/viewtopic.php?t=45552