ClamAV antivirus

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance mutli-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats.

Install from the RPMs

1. Move to install directory:

cd /usr/src

2. Download the ClamAV installation package, ClamAV database, ClamAV development libraries and ClamAV daemon for your operating system type (32 bit of 64 bit):

For 32 bit:

wget http://pkgs.repoforge.org/clamav/clamav-0.97.1-1.el6.rf.i686.rpm http://pkgs.repoforge.org/clamav/clamav-db-0.97.1-1.el6.rf.i686.rpm http://pkgs.repoforge.org/clamav/clamav-devel-0.97.1-1.el6.rf.i686.rpm http://pkgs.repoforge.org/clamav/clamd-0.97.1-1.el6.rf.i686.rpm

For 64 bit:

wget http://pkgs.repoforge.org/clamav/clamav-0.97.1-1.el6.rf.x86_64.rpm http://pkgs.repoforge.org/clamav/clamav-db-0.97.1-1.el6.rf.x86_64.rpm http://pkgs.repoforge.org/clamav/clamav-devel-0.97.1-1.el6.rf.x86_64.rpm http://pkgs.repoforge.org/clamav/clamd-0.97.1-1.el6.rf.x86_64.rpm

3. Install ClamAV

rpm -Uvh clam*

‘[OR]’

Install via epel repository.

1. Install the EPEL package

cd /usr/local/src
wget http://ftp.riken.jp/Linux/fedora/epel/6/i386/epel-release-6-7.noarch.rpm  // for centos 6
rpm -ivh epel-release-6-7.noarch.rpm
[or]
wget http://ftp.riken.jp/Linux/fedora/epel/5/i386/epel-release-5-4.noarch.rpm  // for centos 5
rpm -ivh epel-release-5-4.noarch.rpm

2. Install ClamAV

yum install clamd

Updating the ClamAV

Run Freshclam to download the newest pattern files:

/usr/bin/freshclam -v

Setting up the cronjob

1. Create the log file.

touch /var/log/freshclam.log
chmod 600 /var/log/freshclam.log
chown clamav /var/log/freshclam.log

2. Create /etc/cron.daily/clamav-scan with the following contents.

/usr/bin/freshclam
/usr/bin/clamscan -ri /

3. Set the permissions.

chmod +x /etc/cron.weekly/clamav-scan

Now you have installed ClamAV in your server and setup a cronjob that will update the ClamAV and scan the server everyday.