ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high-performance multi-threaded scanning daemon, command line utilities for on-demand file scanning, and an intelligent tool for automatic signature updates. The core ClamAV library provides numerous file format detection mechanisms, file unpacking support, archive support, and multiple signature languages for detecting threats. The core ClamAV library is utilized in Immunet 3.0, powered by ClamAV, which is a fast, fully featured Desktop AV solution for Windows.
ClamAV Install Steps:
Before you start, find out whether your OS is 32-bit or 64-bit:
- cat /etc/redhat-release
- uname -a (x86_64 = 64 bit / i386 or i686 = 32 bit)
- Note that we will only use clamscan, not clamd, to scan for viruses. If you like to learn more about the difference between the 2, you can check out
1. Change to your source install directory: "cd /usr/src"
2. Download the ClamAV files below.
clamav-0.97.5-2.el5.rf.x86_64.rpm
clamav-db-0.97.5-2.el5.rf.x86_64.rpm
clamav-devel-0.97.5-2.el5.rf.x86_64.rpm
clamd-0.97.5-2.el5.rf.x86_64.rpm
http://www.rpmfind.net/linux/rpm2html/search.php?query=clamav
[root@inet1xxx src]# rpm -ivh clam*
warning: clamav-0.97.5-2.el5.rf.x86_64.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing… ########################################### [100%]
1:clamav-db ########################################### [ 25%]
2:clamav ########################################### [ 50%]
3:clamav-devel ########################################### [ 75%]
4:clamd ########################################### [100%]
Note: the NOKEY warning above means the key that signed the packages (key ID 6b8d79e6) is not in the RPM keyring, so rpm installed them without verifying the signature.
1. Run freshclam to download the newest pattern files: "/usr/bin/freshclam -v"
- The new patterns are downloaded to /var/clamav.
- If you get the error below, create the file with "touch /var/run/clamav/clamd.sock" and "chown clamav:clamav /var/run/clamav/clamd.sock"
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.sock
2. Make sure there is a script called freshclam in /etc/cron.daily so the virus patterns are updated every night. If not, put one in there containing "/usr/bin/freshclam --quiet"
3. Create a daily ClamAV scan schedule:
- Run "vi /var/clamav/clamscan.sh" to create the file and add the lines below to it. List only the folders you want scanned and DO NOT just put "/", or else the scan will descend into any mount points, e.g. NFS shares. That would tell the system to scan the NFS shares, and we all know how big NFS shares are. If every system scans the NFS shares for viruses, we can bring the NFS server to a halt.
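#!/bin/sh
# Recursively scan the listed directories and print only infected files (-i).
/usr/bin/clamscan -ri /var /root /home --exclude-dir=/home/oracle >/var/clamav/scanout
# Append the results, minus any lines containing "errors", to the mail body.
grep -v errors /var/clamav/scanout >>/var/clamav/mailbody.txt
#mail -s "Inetxxx Clamscan Results" mail@anyone.com </var/clamav/mailbody.txt
# Reset the mail body from the template for the next run.
cp /var/clamav/mailbody.template /var/clamav/mailbody.txt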
Note: Make sure you change the hostname of the server and the email address to the customer's.
- Create /var/clamav/mailbody.txt and mailbody.template and put the text below in both files.
Sample:
This daily ClamAV scan report is to keep you informed about any viruses found on your system.
NOTE: Below the line is the output of the virus scan results.
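The daily script above sends the same subject line whether or not anything was found, and its "grep -v errors" drops the error count from the report. As an added example (not code from the original page), the shell functions below use clamscan's exit status to put the outcome in the mail subject; the function names, the host name myhost and the sample scan output are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): classify a clamscan run for the mail report.
# clamscan exit status: 0 = no virus found, 1 = virus(es) found, 2 = error(s) occurred.

# Constructed sample of "clamscan -ri" output; paths and counts are made up.
sample_scanout() {
cat <<'EOF'
/home/alice/attach.zip: Eicar-Test-Signature FOUND
/var/tmp/upload.bin: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 1234567
Engine version: 0.97.5
Scanned directories: 412
Scanned files: 9120
Infected files: 2
Total errors: 3
Data scanned: 812.40 MB
Time: 301.220 sec (5 m 1 s)
EOF
}

# Count "<path>: <signature> FOUND" lines; prints 0 when there are none.
infected_count() {
    grep -c ' FOUND$' "$1" || true
}

# Build the mail subject from exit status ($1), host name ($2) and scan output file ($3).
report_subject() {
    case "$1" in
        0) echo "[$2] clamscan: clean" ;;
        1) echo "[$2] clamscan: $(infected_count "$3") INFECTED file(s)" ;;
        *) echo "[$2] clamscan: SCAN ERROR (exit $1), results incomplete" ;;
    esac
}

# In the daily script this would be used as (hypothetical wiring):
#   clamscan -ri ... >/var/clamav/scanout; rc=$?
#   mail -s "$(report_subject "$rc" "$(hostname)" /var/clamav/scanout)" ...

# Demo on the constructed sample, as if clamscan had exited with status 1.
demo=$(mktemp)
sample_scanout >"$demo"
report_subject 1 myhost "$demo"
rm -f "$demo"
```

A status of 2 means parts of the tree were not scanned, so a report built from it should not be read as a clean result.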