Fedora 13
Sponsored Link

Anti-Virus - Clamav2010/06/02

  Install Clam AntiVirus to protect from virus.

06/02/2010 now, Clamav in Fedora repository is old.
So if you use latest Clamav, See the procedure [2].
If you use the package in Fedora repository, See the procedure [1].

[1] Install Clamav from Fedora repository
[root@mail ~]#
yum -y install clamav clamav-update


[root@mail ~]#
vi /etc/freshclam.conf


# line 8: make it comment

#
Example

[root@mail ~]#
freshclam
# update pattern files

ClamAV update process started at Wed Jun 2 21:54:37 2010
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.95.3 Recommended version: 0.96.1
DON'T PANIC! Read http://www.clamav.net/support/faq
main.cld is up to date (version: 52, sigs: 704727, f-level: 44, builder: sven)
daily.cvd is up to date (version: 11120, sigs: 85298, f-level: 51, builder: ccordes)
[2] Install latest Clamav from SRPM
[root@mail ~]#
yum -y install bzip2-devel curl-devel gmp-devel ncurses-devel zlib-devel sendmail-devel check-devel


[root@mail ~]#
wget http://packages.sw.be/clamav/clamav-0.96.1-1.el5.src.rpm


[root@mail ~]#
rpmbuild --rebuild clamav-0.96.1-1.el5.src.rpm

[root@mail ~]#
cd /root/rpmbuild/RPMS/x86_64

[root@mail x86_64]#
rpm -Uvh clamav-0.96.1-1.fc13.x86_64.rpm clamav-db-0.96.1-1.fc13.x86_64.rpm

Preparing...
################################ [100%]

   1:clamav-db
################################ [50%]

   2:clamav
################################ [100%]


# if you configure to run with Squid, install clamd too

[root@mail x86_64]#
rpm -Uvh clamd-0.96.1-1.fc13.x86_64.rpm

Preparing...
################################ [100%]

   1:clamd
################################ [100%]


[root@mail x86_64]#
[root@mail ~]#
vi /etc/freshclam.conf


# line 115: make it comment

#
NotifyClamd /etc/clamd.conf

[root@mail ~]#
freshclam
# update pattern files

ClamAV update process started at Mon May 31 23:03:34 2010
main.cvd is up to date (version: 52, sigs: 704727, f-level: 44, builder: sven)
daily.cvd is up to date (version: 11106, sigs: 84207, f-level: 51, builder: arnaud)
bytecode.cvd is up to date (version: 21, sigs: 3, f-level: 51, builder: nervous)
[3] Try to scan
[root@mail ~]#
clamscan --infected --remove --recursive /home


----------- SCAN SUMMARY -----------
Known viruses: 788232
Engine version: 0.96.1
Scanned directories: 83
Scanned files: 66
Infected files: 0
Data scanned: 2.04 MB
Data read: 1.98 MB (ratio 1.03:1)
Time: 4.027 sec (0 m 4 s)

# try to download trial virus

[root@mail ~]#
wget http://www.eicar.org/download/eicar.com


[root@mail ~]#
clamscan --infected --remove --recursive .

./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed.
# just detected


----------- SCAN SUMMARY -----------
Known viruses: 788232
Engine version: 0.96.1
Scanned directories: 1
Scanned files: 13
Infected files: 1
Data scanned: 24.85 MB
Data read: 24.75 MB (ratio 1.00:1)
Time: 5.320 sec (0 m 5 s)
Matched Content