Installing ClamAV on CentOS 5

There are few known viruses in Linux compared to Windows, but since users are uploading content to the Linux servers from time to time, it is better to be vigilant and to seek and destroy those on the server. We can install ClamAV on Linux servers since it is a fast, free and efficient.

Installing ClamAV (64-bit)
1. Download the file using wget
$ sudo wget http://pkgs.repoforge.org/clamav/clamav-0.97.3-1.el5.rf.x86_64.rpm
$ sudo wget http://pkgs.repoforge.org/clamav/clamav-db-0.97.3-1.el5.rf.x86_64.rpm

2. Install the packages
$ sudo rpm -ivh clamav-*.rpm

Now that we have it installed there are a few things we need to learn about it and do. First thing is to update the definitions. We achieve this by running the command freshclam. Freshclam requires and Internet connection to download and update the virus definitions. All you have to do is type the command, press enter and voila! We are up to date.

Running Antivirus Scanning Manually
To run antivirus and print infected files on /home:
clamscan -ri /home

To run antivirus and remove infected files on /home:
clamscan -ri –remove /home

Automating Antivirus Scanning
It is a good security practice to have regular antivirus scanning on the system.
To automate the scanning, just edit /etc/crontab and add the following at the bottom:

0 5 * * * root clamscan -ri /|mail -s “ClamScan Result for servernameyouremail@address.com

This will make ClamAV to run daily at 5.00 AM and send the scan result to youremail@address.com.
The anti virus database has been set to be updated daily  so there is no need to configure it.

Reference:
ClamAV on CentOS 5.5

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s