ClamAV
Antivirus program
Can get data from: https://rsync.sanesecurity.com
Installation
Install the following packages with aptitude:
clamav clamav-daemon clamav-unofficial-sigs clamtk libclamunrar7
and the needed dependencies.
Configuration
Run the following command; without this run ClamAV does not work:
dpkg-reconfigure clamav-daemon
and answer the questions:
Question | Preferred answer | Remark |
---|---|---|
Handle the configuration file automatically? | Yes | |
Please choose the type of socket clamd will be listening on. | UNIX | |
Local (UNIX) socket clamd will listen on | /var/run/clamav/clamd.ctl | |
Group owner of clamd local (UNIX) socket | clamav | |
Creation mode for clamd local (UNIX) socket | 666 | |
Gracefully handle left-over UNIX socket files? | Yes | |
Do you want to enable mail scanning? | Yes | |
Do you want to enable archive scanning? | Yes | |
Maximum stream length (unit Mb) allowed | 25 | |
Maximum directory depth that will be allowed | 15 | |
Do you want the daemon to follow regular file symlinks? | No | |
Timeout for stopping the thread-scanner (seconds) | 180 | |
Number of threads for the daemon | 12 | Or the maximum number of threads your system can handle |
Number of pending connections allowed | 15 | |
Do you want to use the system logger? | No | |
Log file for clamav-daemon (enter none to disable) | /var/log/clamav/clamav.log | |
Do you want to log time information with each message? | Yes | |
Do you want to enable log rotation? | Yes | |
Do you want to enable on-access scanning? | No | |
Maximum file size to scan | 5M | |
Do you want to permit the use of the ALLMATCHSCAN command? | Yes | |
Do you want memory or nested map scans to dump the content to disk? | No | |
Do you want to completely turn off authenticode verification? | No | |
Do you want to enable scanning within SWF files? | Yes | |
Maximum size of a file to check for embedded PE | 1M | Original 10M. Warning: disabling this limit or setting it too high may result in severe damage to the system |
Maximum size of a HTML file to normalize | 1M | Original 10M. Warning: disabling this limit or setting it too high may result in severe damage to the system |
Maximum size of a normalized HTML file to scan | 1M | Original 2M. Warning: disabling this limit or setting it too high may result in severe damage to the system |
Maximum size of a script file to normalize | 5M | Original 5M. Warning: disabling this limit or setting it too high may result in severe damage to the system |
Maximum size of a ZIP file to reanalyze type recognition | 1M | Original 1M. Warning: disabling this limit or setting it too high may result in severe damage to the system |
Delay in seconds between daemon self checks | 3600 | |
User to run clamav-daemon as | clamav | |
Groups for clamav-daemon (space-separated) | | |
Do you want to load bytecode from the database? | Yes | |
Security level to apply to the bytecode | TrustSigned | Alternative: Paranoid |
Bytecode execution timeout in milliseconds | 60000 | |
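The size limits in the table carry a warning about disabling them or setting them too high. The script below is an added example, not part of the original wiki page, that checks a clamd.conf for exactly that. The clamd.conf directive names, the reading of 0 as "limit disabled" and the sample configuration are assumptions of this example.

```sh
# Added example. Ceilings are the answers from the table above; the directive
# names are the clamd.conf(5) options assumed to sit behind those questions.
LIMITS='MaxFileSize 5M
MaxEmbeddedPE 1M
MaxHTMLNormalize 1M
MaxHTMLNoTags 1M
MaxScriptNormalize 5M
MaxZipTypeRcg 1M'

# to_bytes SIZE: "5M", "512K" or plain bytes -> bytes; returns 1 if malformed.
to_bytes() {
    case $1 in
        ''|*[!0-9KkMm]*|[KkMm]*|*[KkMm]?*) return 1 ;;
        *[Mm]) echo $(( ${1%?} * 1048576 )) ;;
        *[Kk]) echo $(( ${1%?} * 1024 )) ;;
        *)     echo "$1" ;;
    esac
}

# audit_limits FILE: print findings; return status is the number of warnings.
# Only the first active (uncommented) line of each directive is examined.
audit_limits() {
    findings=0
    while read -r key ceiling; do
        value=$(awk -v k="$key" '$1 == k { print $2; exit }' "$1")
        if [ -z "$value" ]; then
            echo "INFO  $key not set, clamd default applies"
            continue
        elif ! bytes=$(to_bytes "$value"); then
            echo "WARN  $key has unparsable value '$value'"
        elif [ "$bytes" -eq 0 ]; then
            echo "WARN  $key is 0 (assumed to mean: limit disabled)"
        elif [ "$bytes" -gt "$(to_bytes "$ceiling")" ]; then
            echo "WARN  $key is $value, above the table's $ceiling"
        else
            continue
        fi
        findings=$((findings + 1))
    done <<EOF
$LIMITS
EOF
    return "$findings"
}

# Constructed sample configuration, not taken from a real host.
sample_conf() {
    printf '%s\n' '# MaxFileSize 100M' 'MaxFileSize 5M' 'MaxEmbeddedPE 10M' 'MaxHTMLNormalize 0'
}
tmp=$(mktemp) && sample_conf > "$tmp"
audit_limits "$tmp" || echo "$? warning(s)"
rm -f "$tmp"
```

To check a Debian system instead of the sample, call `audit_limits /etc/clamav/clamd.conf`.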
CLI commands
clamscan --max-filesize=10M --max-scansize=10M --exclude-dir=/sys/* --bell --infected --recursive /home/user/Downloads/
--infected : Only print infected files
Copyright © : 2014 - 2024 Webevaluation.nl and the authors
clamav.txt · Last modified: 21-12-2021 14:54 by wim