Table of Contents
ClamAV
ClamAV (also called “Clam AntiVirus”) is an Open Source anti-virus toolkit, normally used on Unix-like systems.
This page does only provide rudimentary information, enough to use ClamAV on your desktop.1) But there are more professional use cases, for sure. If you need help about integrating ClamAV into other programs, have a look at the appropriate category on the ClamAV website
An anti-virus tool for Linux?!
Yes. Although viruses don't play a major role in the Unix-like world, think about:
- Linux-Mailservers, killing Windows viruses for the Windows clients. The integration with mail servers (→attachment scanning) is the main purpose of ClamAV.
- Heterogeneous Linux-Windows environments. It is nice to kill a Windows virus on your Linux machine before sending files to Windows users. Therefore ClamAV is also useful on a common Linux Desktop.
If you are not interested in exchanging data with Windows users, you probably do not need ClamAV or comparable software. It is “only” a rudimentary protection. Most commercial, proprietary scanners got better detection rates. Simply think about ClamAV as a nice first protective barrier to kill common malware, useful for all places where data between many unknown clients is exchanged.
Installation
Ubuntu
9.10 Karmic and above
Don't get confused about notices like “This version of the ClamAV engine is outdated.”. There is no problem with that, remember that Ubuntu is no rolling release. You'll get the newest virus signatures and everything is fine.
Simply install the following package(s):
clamav(universe)clamav-freshclam(universe) – needed to update the virus signatures
There are some additional packages, providing special functionality:
Usage
Scan
clamscan is the program used for scanning files and directories:
clamscan OPTIONS file/dir [dir2 dir3...]
Use clamscan --help or its manpage to get a list of available options.
To scan files of other users, execute it superuser privileges:
sudo clamscan OPTIONS /home/other-user/
If you want to use a (self-explanatory) GUI, install ClamTk (see installation notes above).
Update virus signatures
The freshclam daemon is used to update your virus signatures. This happens automatically from time to time (configurable via /etc/clamav/freshclam.conf on Debian/Ubuntu). To trigger an instant update, use
sudo freshclam
clamd (ClamAV Daemon) on Ubuntu
clamd provides a background service, including support for on-access scanning and an easy MTA integration. If you simply want to manually scan some files from time to time, you do not need this.
Simply install the following package(s):
clamav-daemon(universe)
Its config file (to configure scan options etc.) is /etc/clamav/clamd.conf. If you need help about integrating ClamAV into other programs, have a look at the appropriate category on the ClamAV website
