Install and configure ClamAV Antivirus on CentOS 6

Today we take a look at the ClamAV antivirus software and how to use it to protect your server or desktop. ClamAV is an open source antivirus software for detecting virus on Linux platform. It designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon.

Features

  • Licensed under the GNU General Public License, Version 2 ;
  • POSIX compliant, portable ;
  • Fast scanning ;
  • Supports on-access scanning (Linux and FreeBSD only).

The installation and Configuration guide will show you the steps to install and configure ClamAV.

Let us get started.

Note: In our installation guide we are using Centos 6.4 , 64bit. Before we can do proceed, you must ensure that you have the EPEL yum repository enabled. to do this..

a) Check architecture

# uname -a

b) Know OS version

# cat /etc/redhat-release

For more details to know about your distribution version and architecture, refer the following guide.

c) Now enable EPEL  repository

CentOS 6.x 32-bit:

# rpm –ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

CentOS 6.x 64-bit:

# rpm –ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

d) Check the repository list.

# yum repolist

Now Install ClamAV as shown below.

1 – Install required ClamAV packages

 # yum install clamav clamd

2 – Start the clamd service and set it to auto-start

# /etc/init.d/clamd on
# chkconfig clamd on
# /etc/init.d/clamd start

3 – Update the virus definitions database using command:

# /usr/bin/freshclam

Note: ClamAV will update automatically, as part of /etc/cron.daily/freshclam.)

4 – Set the cron job on a daily / hour / weekly to perform scan . In below example , we are going to create a cronjob on daily  to scan the folder /home/

# vi /etc/cron.daily/dailyscan
#!/bin/bash
SCAN_DIR="/home"
LOG_FILE="/var/log/clamav/dailyscan.log"
/usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE

5 – Set the executable permission

# chmod +x /etc/cron.daily/dailyscan

Reference links: