Anti-virus
Linux is a very good operating system. However, it's not unbreakable and it might be infected by some virus. One of the best open-source anti virus is clamAv. This is the most popular and the one I choose to use.
- Note -
There are a lot of pros and cons to the anti-virus. Some sysadmin are NOT using them and they are happy about it. So, unlike the firewall, you can live WITHOUT an anti-virus.
Contents
Installation of ClamAV
apt-get install clamav-daemon clamav-freshclam clamav-docs libclamunrar6
The daemon will protected your computer in real time, while freshclam will get the updates of virus and threats definitions.
>> During the installation, you might get a warning about an out-of-date version. Don't panic! This is normal, it means that the virus definition within the package is not up-to-date.
Update ClamAV definitions
To finish the installation, you need to update the definitions
freshclam
Set the definition update rate
By default, freshclam will check for updates every hours. You can change this parameter:
vim /etc/clamav/freshclam.conf
Put the following
# Check for new database 24 times a day
Checks 24 ## Edit this value as you wish. It will automatically calculate the time
Then, you need to restart freshclam
/etc/init.d/clamav-freshclam restart
Manual scan of the hard drive
If you want, you can scan your hard drive.
> I advise you to do this right after the installation.
clamscan -r /
<syntaxhighlight lang="bash">
Notes:
* You can also scan for specific folders or drives with the same option (-r)
* To improve the lisibility, use the infected only option (it display only the wrong files):
<syntaxhighlight lang="bash">
clamscan -r / -i
Set automatic scans of the hard drive
For a server, it's a good idea to often check for virus. You just have to update your crontab.
crontab -u root -e
Add the following line to scan each day the full disk, at 02:30
<syntaxhighlight lang="bash"> 30 02 * * * clamscan -r -i --exclude-dir=^/sys / <syntaxhighlight lang="bash">
Note: I exclude the /sys folder because of specific errors on my OVH distribution.