ClamAV Antivirus
ClamAV is a free, open-source antivirus engine for Linux.
Installation
# Debian/Ubuntu
sudo apt install clamav clamav-daemon
# RHEL/CentOS
sudo dnf install clamav clamav-update clamd
# Update virus definitions
sudo freshclamManual Scanning
# Scan directory
clamscan /home/user
# Recursive scan
clamscan -r /var/www
# Scan with output only infected
clamscan -ri /home
# Scan and remove infected
clamscan -ri --remove /path/to/scan
# Scan with summary
clamscan -ri --bell --log=/var/log/clamav-scan.log /homeDaemon Mode
# Start clamd
sudo systemctl start clamav-daemon
# Scan using daemon (faster)
clamdscan /home/user
# Check daemon status
sudo systemctl status clamav-daemonAutomated Scanning
# /etc/cron.daily/clamscan
#!/bin/bash
LOGFILE="/var/log/clamav/daily-scan.log"
clamscan -ri --exclude-dir="^/sys" / > $LOGFILE 2>&1
# Email if infected
INFECTED=$(grep "Infected files:" $LOGFILE | cut -d: -f2 | tr -d ' ')
if [ "$INFECTED" -gt 0 ]; then
mail -s "ClamAV: Infections Found" [email protected] < $LOGFILE
fiDefinition Updates
# Manual update
sudo freshclam
# Auto-update service
sudo systemctl enable clamav-freshclam
sudo systemctl start clamav-freshclam
# Check definition date
sigtool --info /var/lib/clamav/main.cvdScan Options
| Option | Effect |
|---|---|
| -r | Recursive |
| -i | Show infected only |
| --remove | Delete infected |
| --move=DIR | Move infected to DIR |
| --exclude-dir | Skip directory |
| --log=FILE | Log to file |
- clamav
- antivirus
- malware
- virus scanner
- security