Monday, June 06, 2005
Virus scanning with ClamAV
To date, Linux has experienced only a small number of viruses. Some of these viruses exist but aren't active, and they certainly don't propagate like viruses for Windows. As Linux on the desktop reaches critical mass, there's a possibility that more viruses will appear, but that may still be a long ways off. This being the case, you may wonder why Linux has so many virus scanners.
Linux plays a critical role in server systems and mixed platform environments. Thus, virus scanners for Linux are essential when serving e-mail or files to Windows clients. If you can remove the viral threat before it hits the Windows clients, those clients become safer and less prone to infection.
One open source virus scanner that deserves mentioning is ClamAV. You can plug ClamAV directly into e-mail servers, and it will scan for viruses as the e-mail arrives--before it's delivered to users' mailboxes. It also performs routine scans on files that are served up to Windows clients via Samba sharing. ClamAV even has plugins for scanning files on the fly as they are accessed via Samba.
Most Linux distributions ship with ClamAV, so using this tool is often as simple as installing a pre-packed archive. Another option is to download it from the ClamAV Web site, which provides additional links to ClamAV scanners built for Windows and Mac OS X.
ClamAV works as a client/server system, but you can use it as a stand-alone scanner as well. To initiate the simplest invocation of ClamAV, run the following command:
$ clamscan -r -l scan.log /home/user
This will tell ClamAV to perform a recursive scan on the /home/user directory for any viruses, and it will save the scan results in the file scan.log. If you're a Linux administrator, be sure to include ClamAV in your security arsenal.
Linux plays a critical role in server systems and mixed platform environments. Thus, virus scanners for Linux are essential when serving e-mail or files to Windows clients. If you can remove the viral threat before it hits the Windows clients, those clients become safer and less prone to infection.
One open source virus scanner that deserves mentioning is ClamAV. You can plug ClamAV directly into e-mail servers, and it will scan for viruses as the e-mail arrives--before it's delivered to users' mailboxes. It also performs routine scans on files that are served up to Windows clients via Samba sharing. ClamAV even has plugins for scanning files on the fly as they are accessed via Samba.
Most Linux distributions ship with ClamAV, so using this tool is often as simple as installing a pre-packed archive. Another option is to download it from the ClamAV Web site, which provides additional links to ClamAV scanners built for Windows and Mac OS X.
ClamAV works as a client/server system, but you can use it as a stand-alone scanner as well. To initiate the simplest invocation of ClamAV, run the following command:
$ clamscan -r -l scan.log /home/user
This will tell ClamAV to perform a recursive scan on the /home/user directory for any viruses, and it will save the scan results in the file scan.log. If you're a Linux administrator, be sure to include ClamAV in your security arsenal.