ClamAv is a command line virus scanner. It runs on all the major platforms, Windown,Linux, and OSX. You can download the source and install it from there, or you can follow these simple steps to install it using MacPorts.
To install ClamAv check the ports including clam by listing these:
port search clam
Then to install the files issue:
sudo port install clamav clam-server clamsmtp p5-mail-clamav
Once the ports are installed you'll need to configure ClamAv. The following is an extract from the port installation echo:
To configure clamd and freshclam look for the following files:
/opt/local/etc/clamd.conf
/opt/local/etc/freshclam.conf
If these files do not exist you can copy the sample conf files into place:
sudo cp /opt/local/etc/clamd.conf.sample /opt/local/etc/clamd.conf
sudo cp /opt/local/etc/freshclam.conf.sample /opt/local/etc/freshclam.conf
Edit /opt/local/etc/clamd.conf to your liking, example:
# Comment out 'Example' near the top if it exists
#Example
LogFile /opt/local/var/log/clamav/clamd.log
PidFile /opt/local/var/run/clamav/clamd.pid
LocalSocket /opt/local/var/run/clamav/clamd.socket
TCPSocket 3310
TCPAddr 127.0.0.1
Foreground yes
Edit /opt/local/etc/freshclam.conf to your liking, example:
# Comment out 'Example' near the top if it exists
#Example
UpdateLogFile /opt/local/var/log/clamav/freshclam.log
PidFile /opt/local/var/run/clamav/freshclam.pid
NotifyClamd /opt/local/etc/clamd.conf
The important thing when editing these configuration files, is that the directories for clams and freshclam points to the same directories. I let mine point to:
/opt/local/var/log/clamav/
/opt/local/var/run/clamav/
And, make sure that the TCPSocket and TCPAddr are set, enabling you to use ClamAv from within other programs. After installation you'll need to create an entry in the ports share directory. The reason for this is that ClamAv runs in this directory and the directory is not created on installation. Create it like this:
sudo mkdir -p /opt/local/share/clamav
sudo chown clamav:clamav /opt/local/share/clamav
Now you're ready to create a fresh clam, issue:
sudo freshclam -v
Current working dir is /opt/local/share/clamav
Max retries == 3
ClamAV update process started at Thu Mar 24 00:01:09 2016
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 632
Software version from DNS: 0.99.1
main.cvd version from DNS: 57
main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
daily.cvd version from DNS: 21470
daily.cld is up to date (version: 21470, sigs: 83891, f-level: 63, builder: neo)
bytecode.cvd version from DNS: 275
bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
ClamAv will generate a new virus signature file. When it is done, you're ready to scan your box. This is done by:
clamscan -ro ~/
----------- SCAN SUMMARY -----------
Known viruses: 4297361
Engine version: 0.99.1
Scanned directories: 132235
Scanned files: 595659
Infected files: 0
Total errors: 4
Data scanned: 72096.62 MB
Data read: 136687.80 MB (ratio 0.53:1)
Time: 22133.709 sec (368 m 53 s)
It'll take loads of time to finish. As, almost, all other codlin tools --help or man clamscan displays all the options you can pass to the program. Next, you'll need to get ClamAv running automatically. Following the installation instructions, another extract:
Two launchd startup items have been installed.
To load clamd and freshclam do the following:
sudo launchctl load -w /Library/LaunchDaemons/org.macports.clamd.plist
sudo launchctl load -w /Library/LaunchDaemons/org.macports.freshclam.plist
To unload clamd and freshclam do the following:
sudo launchctl unload -w /Library/LaunchDaemons/org.macports.clamd.plist
sudo launchctl unload -w /Library/LaunchDaemons/org.macports.freshclam.plist
Issue both of the commands that loads the deamons, then check that the clamd is running.
ps -aef | grep clamd
The result should look somewhat like this:
0 25965 1 0 4:52PM ?? 0:07.78 /opt/local/sbin/clamd
If your are using Thunderbird and Firefox you can use ClamAv to scan your downloads and your mails. Install the firefox add-on Fireclam, and the Thunderbird add-on clamdrip LIN.
The clam drip LIN extension if meant for Linux only, but it's all runnable using the port version of ClamAv. simply press the: Download for Linux anyway link anyhu!
Next, go to the Thunderbird add on, and select the clam drib preferences. Configure it to listen to the clamd available on localhost:3310.
Now, all you have to do to verify that ClamAv is running, is to check your mail.
No comments:
Post a Comment