特殊:Badtitle/NS100:ClamAV:修订间差异
小无编辑摘要 |
小无编辑摘要 |
||
(未显示同一用户的4个中间版本) | |||
第3行: | 第3行: | ||
[http://www.clamav.net/ ClamAV] is a command line virus scanner. It can only detect viruses; it cannot remove them from files. It detects viruses on all platforms, but due to the popularity of the platform, it primarily detects Windows viruses and malware. | [http://www.clamav.net/ ClamAV] is a command line virus scanner. It can only detect viruses; it cannot remove them from files. It detects viruses on all platforms, but due to the popularity of the platform, it primarily detects Windows viruses and malware. | ||
Others antivirus running on Ubuntu can be found [[UbuntuHelp:Antivirus|here]]. | Others antivirus running on Ubuntu can be found [[UbuntuHelp:Antivirus|here]]. | ||
=== Installing | === Installing ClamAV === | ||
* '''Ubuntu 8.04''': ClamAV is in the Universe repository. (If you do not have Universe enabled, see [[UbuntuHelp:AddingRepositoriesHowto|AddingRepositoriesHowto]]). | |||
[ | * '''Ubuntu 8.10 and up''': ClamAV is in the Main repository, so no repositories need to be added. To read more about the differences between Main and Universe, see [http://www.ubuntu.com/community/ubuntustory/components Ubuntu Components]. | ||
ClamAV has two modes of operation; a program that loads into memory only when you want to scan a file, or for more regular use (such as scanning all incoming e-mail), a program that connects to a [http://www.wlug.org.nz/Daemon daemon] that is always running. | |||
Database updates can also be downloaded automatically . | Database updates can also be downloaded automatically . | ||
* For manual use: install the package <code><nowiki>clamav</nowiki></code>. | * For manual use: install the package <code><nowiki>clamav</nowiki></code>. | ||
* For automated use: install the package <code><nowiki>clamav-daemon</nowiki></code>. | * For automated use: install the package <code><nowiki>clamav-daemon</nowiki></code>. | ||
Both methods will also install <code><nowiki>clamav-freshclam</nowiki></code>, the updater. | Both methods will also install <code><nowiki>clamav-freshclam</nowiki></code>, the updater. | ||
After installing, you may be asked some questions about how to get virus signature updates. Select the download site closest to you. | After installing, you may be asked some questions about how to get virus signature updates. Select the download site closest to you. ClamAV updates are a very small download and it is well worth scheduling them to happen automatically. | ||
=== | If you see a message about ClamAV engine being outdated, most likely you aren't running the latest stable Ubuntu. | ||
For example on a hardy LTS machine... | |||
<pre><nowiki> | |||
root@hevelius:~# /etc/init.d/clamav-daemon restart | |||
* Stopping ClamAV daemon clamd [ OK ] | |||
* Starting ClamAV daemon clamd | |||
LibClamAV Warning: *** This version of the ClamAV engine is outdated. *** | |||
LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq *** | |||
LibClamAV Warning: *********************************************************** | |||
[ OK ] | |||
</nowiki></pre> | |||
=== Installing ClamAV from the PPA === | |||
Updated packages are usually available from the Ubuntu-clamav team, | |||
[https://launchpad.net/~ubuntu-clamav/+archive/ppa https://launchpad.net/~ubuntu-clamav/+archive/ppa]. Note that the packages may not be completely functional and are supported by the community only. ClamAV has official support in Ubuntu for packages installed from the Main repository, since Ubuntu 8.10 (Intrepid). It takes some time to get them tested. The package for 0.95.1 that was initially released was somewhat broken (clamav-milter was non-functional). The Ubuntu-clamav team notes we are probably one more update away from having that sorted out. Once we have a solid package for Jaunty we'll start working on backports. | |||
To install the updated PPA packages on Ubuntu 8.04 (Hardy): | |||
<ol><li>Edit your sources.list, ie. "nano -w /etc/apt/sources.list" to include: <pre><nowiki> | |||
deb http://ppa.launchpad.net/ubuntu-clamav/ppa/ubuntu hardy main | |||
</nowiki></pre> | |||
</li><li>Or add the repository via the graphical interface as shown at [[UbuntuHelp:Repositories/Ubuntu#Adding|Other Repositories|https://help.ubuntu.com/community/Repositories/Ubuntu#Adding Other Repositories]]. | |||
</li><li>Add the package's OpenPGP key to your keyring, so the package(s) can be authenticated, then update your packages list: <pre><nowiki> | |||
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xf80220d0e695a455e651ac4d8ab767895adc2037 | |||
sudo apt-get update | |||
sudo apt-get upgrade | |||
</nowiki></pre></li></ol> | |||
The code "0xf80..." must be entered on the same line as the "sudo apt-get" command. It may not be shown that way in your browser due to the text wrapping. | |||
The update process will detect an existing ClamAV install and update it with more recent versions from the PPA. | |||
=== Using ClamAV === | |||
'''How can I...''' | '''How can I...''' | ||
==== Update my virus definitions? ==== | ==== Update my virus definitions? ==== | ||
第34行: | 第62行: | ||
* To check all files on the computer, displaying the name of each file: <code><nowiki>clamscan -r / </nowiki></code> | * To check all files on the computer, displaying the name of each file: <code><nowiki>clamscan -r / </nowiki></code> | ||
* To check all files on the computer, but only display infected files and ring a bell when found: <code><nowiki>clamscan -r --bell -i /</nowiki></code> | * To check all files on the computer, but only display infected files and ring a bell when found: <code><nowiki>clamscan -r --bell -i /</nowiki></code> | ||
When | When ClamAV has scanned all the files you asked it to, it will report a summary: | ||
<pre><nowiki> | <pre><nowiki> | ||
----------- SCAN SUMMARY ----------- | ----------- SCAN SUMMARY ----------- | ||
第45行: | 第73行: | ||
Time: 20.831 sec (0 m 20 s) | Time: 20.831 sec (0 m 20 s) | ||
</nowiki></pre> | </nowiki></pre> | ||
https://help.ubuntu.com/community/IconsPage?action=AttachFile&do=get&target=info.png ClamAV can only read files that the user running it can read. If you want to check all files on the system, use the <code><nowiki>sudo</nowiki></code> command (see UsingSudo for more information). | |||
==== Run | ==== Run ClamAV as a daemon? ==== | ||
Install <code><nowiki>clamav-daemon</nowiki></code>. You can then use <code><nowiki>clamdscan</nowiki></code> where you would previously have used <code><nowiki>clamscan</nowiki></code>. | Install <code><nowiki>clamav-daemon</nowiki></code>. You can then use <code><nowiki>clamdscan</nowiki></code> where you would previously have used <code><nowiki>clamscan</nowiki></code>. | ||
Lots of programs, especially e-mail servers, can connect to a | Lots of programs, especially e-mail servers, can connect to a ClamAV daemon. This speeds up virus scanning as the program is always in memory. | ||
The <code><nowiki>clamav-daemon</nowiki></code> package creates a 'clamav' user; in order to allow | The <code><nowiki>clamav-daemon</nowiki></code> package creates a 'clamav' user; in order to allow ClamAV to scan system files, such as your mail spool, you can add clamav to the group that owns the files. | ||
==== Tell if clamav-daemon is running? ==== | ==== Tell if clamav-daemon is running? ==== | ||
Look for it in the processt list, or use this handy shortcut: <code><nowiki>ps ax | grep [c]lamd</nowiki></code> | Look for it in the processt list, or use this handy shortcut: <code><nowiki>ps ax | grep [c]lamd</nowiki></code> | ||
==== Remove files infected with viruses? ==== | ==== Remove files infected with viruses? ==== | ||
You can add --remove to the clamscan or clamdscan commandline. | You can add --remove to the clamscan or clamdscan commandline. | ||
https://help.ubuntu.com/community/IconsPage?action=AttachFile&do=get&target=warning.png ''Note'': No virus scanner is 100% accurate. It is always best to manually check the files you delete, if you are not totally sure that this is what you want to do. | |||
==== Find out what version of | ==== Find out what version of ClamAV I have? ==== | ||
Use <code><nowiki>clamdscan - | Use <code><nowiki>clamdscan -V</nowiki></code>: | ||
<pre><nowiki> | <pre><nowiki> | ||
user@ubuntu:/etc/clamav # clamdscan -V | user@ubuntu:/etc/clamav # clamdscan -V | ||
第63行: | 第91行: | ||
==== Learn about other options? ==== | ==== Learn about other options? ==== | ||
Try <code><nowiki>man clamscan</nowiki></code>. | Try <code><nowiki>man clamscan</nowiki></code>. | ||
==== Schedule | ==== Schedule ClamAV to run automatically? ==== | ||
You can use the <code><nowiki>at</nowiki></code> command to schedule clamscan or freshclam. For example: | You can use the <code><nowiki>at</nowiki></code> command to schedule clamscan or freshclam. For example: | ||
<pre><nowiki> | <pre><nowiki> | ||
at 3:30 tomorrow | at 3:30 tomorrow | ||
at>clamscan -i /home/user | at>clamscan -i /home/user | mail [email protected] | ||
at> <CTRL-D> | at> <CTRL-D> | ||
job 3 at 2005-04-28 03:30 | job 3 at 2005-04-28 03:30 | ||
</nowiki></pre> | </nowiki></pre> | ||
You have now scheduled a | You have now scheduled a ClamAV scan to happen on your home directory at 3:30 AM tomorrow. The output (showing only infected files) will be sent to you by e-mail. | ||
---- | ---- | ||
[[category:CategorySecurity]] | [[category:CategorySecurity]] | ||
[[category:UbuntuHelp]] | [[category:UbuntuHelp]] |
2010年5月19日 (三) 21:53的最新版本
文章出处: |
{{#if: | {{{2}}} | https://help.ubuntu.com/community/ClamAV }} |
点击翻译: |
English {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/af | • {{#if: UbuntuHelp:ClamAV|Afrikaans| [[::ClamAV/af|Afrikaans]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/ar | • {{#if: UbuntuHelp:ClamAV|العربية| [[::ClamAV/ar|العربية]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/az | • {{#if: UbuntuHelp:ClamAV|azərbaycanca| [[::ClamAV/az|azərbaycanca]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/bcc | • {{#if: UbuntuHelp:ClamAV|جهلسری بلوچی| [[::ClamAV/bcc|جهلسری بلوچی]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/bg | • {{#if: UbuntuHelp:ClamAV|български| [[::ClamAV/bg|български]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/br | • {{#if: UbuntuHelp:ClamAV|brezhoneg| [[::ClamAV/br|brezhoneg]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/ca | • {{#if: UbuntuHelp:ClamAV|català| [[::ClamAV/ca|català]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/cs | • {{#if: UbuntuHelp:ClamAV|čeština| [[::ClamAV/cs|čeština]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/de | • {{#if: UbuntuHelp:ClamAV|Deutsch| [[::ClamAV/de|Deutsch]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/el | • {{#if: UbuntuHelp:ClamAV|Ελληνικά| [[::ClamAV/el|Ελληνικά]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/es | • {{#if: UbuntuHelp:ClamAV|español| [[::ClamAV/es|español]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/fa | • {{#if: UbuntuHelp:ClamAV|فارسی| [[::ClamAV/fa|فارسی]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/fi | • {{#if: UbuntuHelp:ClamAV|suomi| [[::ClamAV/fi|suomi]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/fr | • {{#if: UbuntuHelp:ClamAV|français| [[::ClamAV/fr|français]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/gu | • {{#if: UbuntuHelp:ClamAV|ગુજરાતી| [[::ClamAV/gu|ગુજરાતી]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/he | • {{#if: UbuntuHelp:ClamAV|עברית| [[::ClamAV/he|עברית]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/hu | • {{#if: UbuntuHelp:ClamAV|magyar| [[::ClamAV/hu|magyar]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/id | • {{#if: UbuntuHelp:ClamAV|Bahasa Indonesia| [[::ClamAV/id|Bahasa Indonesia]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/it | • {{#if: UbuntuHelp:ClamAV|italiano| [[::ClamAV/it|italiano]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/ja | • {{#if: UbuntuHelp:ClamAV|日本語| [[::ClamAV/ja|日本語]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/ko | • {{#if: UbuntuHelp:ClamAV|한국어| [[::ClamAV/ko|한국어]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/ksh | • {{#if: UbuntuHelp:ClamAV|Ripoarisch| [[::ClamAV/ksh|Ripoarisch]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/mr | • {{#if: UbuntuHelp:ClamAV|मराठी| [[::ClamAV/mr|मराठी]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/ms | • {{#if: UbuntuHelp:ClamAV|Bahasa Melayu| [[::ClamAV/ms|Bahasa Melayu]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/nl | • {{#if: UbuntuHelp:ClamAV|Nederlands| [[::ClamAV/nl|Nederlands]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/no | • {{#if: UbuntuHelp:ClamAV|norsk| [[::ClamAV/no|norsk]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/oc | • {{#if: UbuntuHelp:ClamAV|occitan| [[::ClamAV/oc|occitan]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/pl | • {{#if: UbuntuHelp:ClamAV|polski| [[::ClamAV/pl|polski]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/pt | • {{#if: UbuntuHelp:ClamAV|português| [[::ClamAV/pt|português]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/ro | • {{#if: UbuntuHelp:ClamAV|română| [[::ClamAV/ro|română]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/ru | • {{#if: UbuntuHelp:ClamAV|русский| [[::ClamAV/ru|русский]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/si | • {{#if: UbuntuHelp:ClamAV|සිංහල| [[::ClamAV/si|සිංහල]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/sq | • {{#if: UbuntuHelp:ClamAV|shqip| [[::ClamAV/sq|shqip]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/sr | • {{#if: UbuntuHelp:ClamAV|српски / srpski| [[::ClamAV/sr|српски / srpski]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/sv | • {{#if: UbuntuHelp:ClamAV|svenska| [[::ClamAV/sv|svenska]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/th | • {{#if: UbuntuHelp:ClamAV|ไทย| [[::ClamAV/th|ไทย]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/tr | • {{#if: UbuntuHelp:ClamAV|Türkçe| [[::ClamAV/tr|Türkçe]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/vi | • {{#if: UbuntuHelp:ClamAV|Tiếng Việt| [[::ClamAV/vi|Tiếng Việt]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/yue | • {{#if: UbuntuHelp:ClamAV|粵語| [[::ClamAV/yue|粵語]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/zh | • {{#if: UbuntuHelp:ClamAV|中文| [[::ClamAV/zh|中文]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/zh-hans | • {{#if: UbuntuHelp:ClamAV|中文(简体)| [[::ClamAV/zh-hans|中文(简体)]]}}|}} {{#ifexist: {{#if: UbuntuHelp:ClamAV | UbuntuHelp:ClamAV | {{#if: | :}}ClamAV}}/zh-hant | • {{#if: UbuntuHelp:ClamAV|中文(繁體)| [[::ClamAV/zh-hant|中文(繁體)]]}}|}} |
{{#ifeq:UbuntuHelp:ClamAV|:ClamAV|请不要直接编辑翻译本页,本页将定期与来源同步。}} |
{{#ifexist: :ClamAV/zh | | {{#ifexist: ClamAV/zh | | {{#ifeq: {{#titleparts:ClamAV|1|-1|}} | zh | | }} }} }} {{#ifeq: {{#titleparts:ClamAV|1|-1|}} | zh | | }}
ClamAV is a command line virus scanner. It can only detect viruses; it cannot remove them from files. It detects viruses on all platforms, but due to the popularity of the platform, it primarily detects Windows viruses and malware. Others antivirus running on Ubuntu can be found here.
Installing ClamAV
- Ubuntu 8.04: ClamAV is in the Universe repository. (If you do not have Universe enabled, see AddingRepositoriesHowto).
- Ubuntu 8.10 and up: ClamAV is in the Main repository, so no repositories need to be added. To read more about the differences between Main and Universe, see Ubuntu Components.
ClamAV has two modes of operation; a program that loads into memory only when you want to scan a file, or for more regular use (such as scanning all incoming e-mail), a program that connects to a daemon that is always running. Database updates can also be downloaded automatically .
- For manual use: install the package
clamav
. - For automated use: install the package
clamav-daemon
.
Both methods will also install clamav-freshclam
, the updater.
After installing, you may be asked some questions about how to get virus signature updates. Select the download site closest to you. ClamAV updates are a very small download and it is well worth scheduling them to happen automatically.
If you see a message about ClamAV engine being outdated, most likely you aren't running the latest stable Ubuntu.
For example on a hardy LTS machine...
root@hevelius:~# /etc/init.d/clamav-daemon restart * Stopping ClamAV daemon clamd [ OK ] * Starting ClamAV daemon clamd LibClamAV Warning: *** This version of the ClamAV engine is outdated. *** LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq *** LibClamAV Warning: *********************************************************** [ OK ]
Installing ClamAV from the PPA
Updated packages are usually available from the Ubuntu-clamav team, https://launchpad.net/~ubuntu-clamav/+archive/ppa. Note that the packages may not be completely functional and are supported by the community only. ClamAV has official support in Ubuntu for packages installed from the Main repository, since Ubuntu 8.10 (Intrepid). It takes some time to get them tested. The package for 0.95.1 that was initially released was somewhat broken (clamav-milter was non-functional). The Ubuntu-clamav team notes we are probably one more update away from having that sorted out. Once we have a solid package for Jaunty we'll start working on backports. To install the updated PPA packages on Ubuntu 8.04 (Hardy):
- Edit your sources.list, ie. "nano -w /etc/apt/sources.list" to include:
deb http://ppa.launchpad.net/ubuntu-clamav/ppa/ubuntu hardy main
- Or add the repository via the graphical interface as shown at Other Repositories|https://help.ubuntu.com/community/Repositories/Ubuntu#Adding Other Repositories.
- Add the package's OpenPGP key to your keyring, so the package(s) can be authenticated, then update your packages list:
sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xf80220d0e695a455e651ac4d8ab767895adc2037 sudo apt-get update sudo apt-get upgrade
The code "0xf80..." must be entered on the same line as the "sudo apt-get" command. It may not be shown that way in your browser due to the text wrapping. The update process will detect an existing ClamAV install and update it with more recent versions from the PPA.
Using ClamAV
How can I...
Update my virus definitions?
Use freshclam
.
You will see an output like this:
user@ubuntu:/etc/clamav # freshclam ClamAV update process started at Wed Apr 27 00:06:47 2005 main.cvd is up to date (version: 31, sigs: 33079, f-level: 4, builder: tkojm) daily.cvd is up to date (version: 855, sigs: 714, f-level: 4, builder: ccordes)
Proxy
If you are using a http proxy to connect to the internet you will have to edit the file /etc/clamav/freshclam.conf adding:
HTTPProxyServer serveraddress HTTPProxyPort portnumber
Scan files for viruses using clamav?
Use clamscan
.
Examples:
- To check files in the all users home directories:
clamscan -r /home
- To check all files on the computer, displaying the name of each file:
clamscan -r /
- To check all files on the computer, but only display infected files and ring a bell when found:
clamscan -r --bell -i /
When ClamAV has scanned all the files you asked it to, it will report a summary:
----------- SCAN SUMMARY ----------- Known viruses: 33840 Scanned directories: 145 Scanned files: 226 Infected files: 1 Data scanned: 54.22 MB I/O buffer size: 131072 bytes Time: 20.831 sec (0 m 20 s)
ClamAV can only read files that the user running it can read. If you want to check all files on the system, use the sudo
command (see UsingSudo for more information).
Run ClamAV as a daemon?
Install clamav-daemon
. You can then use clamdscan
where you would previously have used clamscan
.
Lots of programs, especially e-mail servers, can connect to a ClamAV daemon. This speeds up virus scanning as the program is always in memory.
The clamav-daemon
package creates a 'clamav' user; in order to allow ClamAV to scan system files, such as your mail spool, you can add clamav to the group that owns the files.
Tell if clamav-daemon is running?
Look for it in the processt list, or use this handy shortcut: ps ax | grep [c]lamd
Remove files infected with viruses?
You can add --remove to the clamscan or clamdscan commandline. Note: No virus scanner is 100% accurate. It is always best to manually check the files you delete, if you are not totally sure that this is what you want to do.
Find out what version of ClamAV I have?
Use clamdscan -V
:
user@ubuntu:/etc/clamav # clamdscan -V ClamAV 0.83/855/Tue Apr 26 06:40:32 2005
Learn about other options?
Try man clamscan
.
Schedule ClamAV to run automatically?
You can use the at
command to schedule clamscan or freshclam. For example:
at 3:30 tomorrow at>clamscan -i /home/user | mail [email protected] at> <CTRL-D> job 3 at 2005-04-28 03:30
You have now scheduled a ClamAV scan to happen on your home directory at 3:30 AM tomorrow. The output (showing only infected files) will be sent to you by e-mail.