Install and configure ClamAV to scan for viruses on a local machine
This walkthrough is based on Ubuntu 16.04; there shouldn't, however, be any issues with newer distributions.
Compared to an operating system like Windows, malicious software isn't all that common on Linux, but it does exist. Valuable assets are very often placed on Linux-based operating systems, so it is a good idea to install some form of anti-virus software to routinely scan for malicious content.
Unlike typical Windows-based antivirus software, ClamAV will not constantly run in the background and therefore uses fewer system resources (such as RAM).
The dependencies ClamAV needs are available in the Ubuntu repository, so it can simply be installed with apt.
$ sudo apt install clamav
Update the local threat database
To make sure the signature database ClamAV uses is up to date, we will start by updating the local database. Once the service has started, the update daemon will run quietly in the background and it shouldn't be necessary to manually update the database again later.
If we want to update the database manually, we need to temporarily stop the ClamAV service:
$ sudo systemctl stop clamav-freshclam
Now we run freshclam to update the local virus definitions:
$ sudo freshclam
After that is completed, we need to start the service again.
$ sudo systemctl start clamav-freshclam
ClamAV should now be updated and the daemon should be running in the background.
ClamAV has a lot of different command-line options; by combining different parameters you can display the information you find relevant.
By using the command clamscan --help you can see some of the possible parameters.
In this example, I will be running clamscan with the following parameters:
$ clamscan -i -r --max-scansize=4000M --max-filesize=4000M ~/Downloads
- -i Tells ClamAV to take the result of the scan and only display infected files
- -r Will make the scan recursive
- --max-scansize= This is the maximum amount of data we will allow ClamAV to scan through; in our case we set it to 4000MB
- --max-filesize= This is the maximum file size for each individual file; in our parameters we set the limit to 4000MB
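
For the routine scans mentioned earlier, the clamscan command above can be wrapped in a script that checks the exit status, which the clamscan man page defines as 0 (nothing found), 1 (infected files found) and 2 (error). This is an added example, not part of the original walkthrough; the CLAMSCAN variable and the function names are assumptions of the example.

```sh
#!/bin/sh
# Added example, not part of the original walkthrough.
# CLAMSCAN is an assumed override hook so the scanner binary can be swapped.
CLAMSCAN="${CLAMSCAN:-clamscan}"

# Read clamscan output on stdin; print "<signature> <path>" per detection.
# Detection lines look like "<path>: <signature> FOUND"; summary lines and
# anything else are ignored. The greedy match keeps ": " inside a path intact.
parse_found() {
    sed -n 's/^\(.*\): \([^ ]*\) FOUND$/\2 \1/p'
}

# Scan a directory with the options from the walkthrough and act on
# clamscan's exit status: 0 = nothing found, 1 = infected file(s), 2 = error.
# A failed scan must not be mistaken for a clean one, so the status is
# checked explicitly instead of relying on the (possibly empty) output.
scan_dir() {
    target="$1"
    output=$("$CLAMSCAN" -i -r --max-scansize=4000M --max-filesize=4000M \
        "$target" 2>&1) && status=0 || status=$?
    case "$status" in
        0) echo "clean: $target" ;;
        1) echo "INFECTED: $target"
           printf '%s\n' "$output" | parse_found ;;
        *) echo "ERROR: scan of $target did not complete (exit $status)" >&2
           printf '%s\n' "$output" >&2 ;;
    esac
    return "$status"
}

# Run a scan only when a directory is given, e.g.: sh scan.sh ~/Downloads
[ "$#" -eq 0 ] || scan_dir "$1"
```

Because the script exits with the scanner's own status, a cron job or monitoring check can alert on any non-zero result and treat 2 as a failed scan, not a clean one.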