How to install ClamAV on Ubuntu 17.04
To install ClamAV on Ubuntu 17.04
Having your system and server affected by malicious elements is perhaps the last thing you would want. Installing a powerful anti-virus software could keep your system immune to those malicious elements like virus, malware, spyware, etc. Once such Anti-Virus known to have these properties is ClamAV.
ClamAV is free, open source, cross platform and command-line based antivirus software. One of the most notable features of ClamAV is its ability to function as a server side email virus scanner. We have already covered the installation of ClamAV on the previous versions of Ubuntu, now we' ll guide you through the installation of ClamAV on Ubuntu 17.04
Installing ClamAV
Begin the installation of ClamAV by running the following command.
root@linuxhelp1:~# apt install clamav -y
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
clamav-base clamav-freshclam libclamav7 libllvm3.9 libmspack0 libtfm1
Suggested packages:
clamav-docs libclamunrar7
The following NEW packages will be installed:
clamav clamav-base clamav-freshclam libclamav7 libllvm3.9 libmspack0 libtfm1
0 upgraded, 7 newly installed, 0 to remove and 56 not upgraded.
1 not fully installed or removed.
Need to get 12.3 MB of archives.
After this operation, 50.1 MB of additional disk space will be used.
Get:1 http://in.archive.ubuntu.com/ubuntu zesty/main amd64 libmspack0 amd64 0.5-1 [38.2 kB]
Get:2 http://in.archive.ubuntu.com/ubuntu zesty/main amd64 clamav-base all 0.99.2+dfsg-6 [57.8 kB]
.
.
.
Processing triggers for libc-bin (2.24-9ubuntu2.2) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for systemd (232-21ubuntu2) ...
Once the installation is done, invoke the following command to edit freshclam config.
root@linuxhelp1:~# sed -i -e " s/^NotifyClamd/#NotifyClamd/g" /etc/clamav/freshclam.conf
After that, stop the clam server and update the machine by running the following command.
root@linuxhelp1:~# /etc/init.d/clamav-freshclam stop [ ok ] Stopping clamav-freshclam (via systemctl): clamav-freshclam.service. root@linuxhelp1:~# freshclam ClamAV update process started at Mon Jun 19 23:41:10 2017 Downloading main.cvd [100%] main.cvd updated (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) WARNING: getfile: Unknown response from db.local.clamav.net (IP: 219.94.128.99) WARNING: Can' t download daily.cvd from db.local.clamav.net . . . Downloading daily.cvd [100%] daily.cvd updated (version: 23488, sigs: 1736840, f-level: 63, builder: neo) Downloading bytecode.cvd [100%] bytecode.cvd updated (version: 303, sigs: 59, f-level: 63, builder: anvilleg) Database updated (6303148 signatures) from db.local.clamav.net (IP: 27.96.54.66)
Now, you can start the ClamAV service as follows.
root@linuxhelp1:~# /etc/init.d/clamav-freshclam start
[ ok ] Starting clamav-freshclam (via systemctl): clamav-freshclam.service.
ClamAV is fully functional now. Start the scan by triggering the following command.
root@linuxhelp1:~# clamscan --infected --remove --recursive /home
----------- SCAN SUMMARY -----------
Known viruses: 6297599
Engine version: 0.99.2
Scanned directories: 82
Scanned files: 82
Infected files: 0
Data scanned: 3.77 MB
Data read: 2.86 MB (ratio 1.32:1)
Time: 15.577 sec (0 m 15 s)
Here in the scan, there isn' t any infected file. You can also download an infected virus file as shown below for testing
root@linuxhelp1:~# wget http://www.eicar.org/download/eicar.com
--2017-06-20 00:10:38-- http://www.eicar.org/download/eicar.com
Resolving www.eicar.org (www.eicar.org)... 213.211.198.62
Connecting to www.eicar.org (www.eicar.org)|213.211.198.62|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 68 [application/octet-stream]
Saving to: ‘ eicar.com’
eicar.com 100%[=========================================================================================> ] 68 --.-KB/s in 0s
2017-06-20 00:10:42 (10.7 MB/s) - ‘ eicar.com’ saved [68/68]
This file contains virus and it is for testing with ClamAV
Once the infected file is downloaded, run ClamAV scan again.
root@linuxhelp1:~# clamscan --infected --remove --recursive ./
./eicar.com: Eicar-Test-Signature FOUND
./eicar.com: Removed.
----------- SCAN SUMMARY -----------
Known viruses: 6297599
Engine version: 0.99.2
Scanned directories: 81
Scanned files: 83
Infected files: 1
Data scanned: 3.77 MB
Data read: 2.86 MB (ratio 1.32:1)
Time: 13.544 sec (0 m 13 s)
At the end of the scan, ClamAV finds the infected file and have removed it.
These are the steps involved in the installation of ClamAV on Ubuntu 17.04. ClamAV is a useful anti-virus application and comes with a command-line scanner, automatic database updater and a scalable multi-threaded daemon, running on an anti-virus engine.
Comments ( 1 )