Questions tagged [clamav]

Antivirus for UNIX-like systems primarily for mailserver integration.

Clam AntiVirus is an open source (GPL) anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates. The core of the package is an anti-virus engine available in a form of shared library.

  • command-line scanner
  • fast, multi-threaded daemon with support for on-access scanning
  • milter interface for sendmail
  • advanced database updater with support for scripted updates and digital signatures
  • virus scanner C library
  • on-access scanning (Linux® and FreeBSD®)
  • virus database updated multiple times per day (see home page for total number of signatures)
  • built-in support for various archive formats, including Zip, RAR, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others
  • built-in support for almost all mail file formats
  • built-in support for ELF executables and Portable Executable files compressed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor and others

Official site: www.clamav.net

154 questions
28
votes
3 answers

How should I test Clam Anti-Virus?

I have setup a new email server and now I need to test that Clam Antivirus is scanning messages correctly. How should I do this in a safe and controlled way?
karthick
  • 663
  • 3
  • 7
  • 13
10
votes
2 answers

Is there a way to know why a service is restarted and who did it?

Ubuntu 14.04 clamav 0.98.7 The problem is clamav-daemon is restarted nearly daily: Sep 1 06:30:00 x-master clamd[6778]: Pid file removed. clamd[6778]: --- Stopped at Tue Sep 1 06:30:00 2015 clamd[5979]: clamd daemon 0.98.7 (OS: linux-gnu, ARCH:…
quanta
  • 50,327
  • 19
  • 152
  • 213
9
votes
5 answers

Web Server Security Overkill?

I've been doing "extensive" research on securing a linux web server. On top of what is considered the "basics" (removing unused services, hardening ssh, iptables, etc.) is it wise to include anti-rootkits (Tripwire) and an anti-virus (ClamAV)? Are…
Aaron
  • 91
  • 2
9
votes
8 answers

Is it safe to disable clamd?

Clamd is taking up about 5% of my memory (2GB) on my dedicated server (running linux) and I'm wondering if I can disable it without any security risks. The server just hosts a few of my own websites. For the most part, email received and sent is…
mk1000
  • 255
  • 1
  • 3
  • 4
8
votes
3 answers

Is there a way to keep ClamAV updated on Debian 8?

Since upgrading to Debian 8 my syslog is full of ...freshclam[17851]: WARNING: Your ClamAV installation is OUTDATED! ...freshclam[17851]: WARNING: Local version: 0.98.7 Recommended version: 0.99 ...freshclam[17851]: DON'T PANIC! Read…
artfulrobot
  • 2,627
  • 11
  • 30
  • 56
6
votes
3 answers

How to make `clamdscan` exclude folders and only log `--infected`?

My server is centos 7.4, with clamav 0.101.1-1.el7. When I run clamscan -r --infected --exclude-dir="^/sys" / through terminal, I always wait more than 6 hours to get output. And if I close terminal, clamscan will stop. Then I want to use…
kittygirl
  • 855
  • 4
  • 10
  • 29
6
votes
5 answers

clamav error: mpool_malloc(): Attempt to allocate 8388608 bytes

Following error is showed when starting clamd; freshclam[26882]: [LibClamAV] mpool_malloc():Attempt to allocate 8388608 bytes. Please report to http://bugs.clamav.net I have lots of RAM memory unused on my linuxOS, but this error keeps showing…
george long
  • 71
  • 1
  • 2
  • 4
6
votes
1 answer

Integrating ClamAV with NGINX

We're using NGINX as our main web server, after moving away from Apache. We recently decided to test ClamAV integration, to make sure files uploaded by users are thoroughly scanned prior to transfer to Amazon S3. I'm looking for an easy way to…
6
votes
2 answers

Is it possible to check the progress of of a currently running clamAV scan?

I have searched around but not found a possible solution to this so far. I have an ongoing scan which I thought would've been finished at certain time, but unfortunately it has not. So I am wondering if there's a way to check the scan progress of…
Dark Star1
  • 1,355
  • 6
  • 21
  • 37
6
votes
1 answer

Squid + ClamAV + i-cap: Scanning proxy for uploaded files?

I'm trying to configure a virus scanning proxy server specifically to scan files being uploaded. Scanning flies being downloaded seems to be the common use case, and seems to be well documented. Not being a squid or i-cap expert, I'm using…
5
votes
0 answers

Socket access for clamdscan

On fc29 I have clamd installed and clamd@scan.service is running fine. clamdscan runs for root but not for a regular user, even after addition to 'clamscan' group. dnf list installed | grep clam clamav.x86_64 …
hotkarl
  • 155
  • 1
  • 10
5
votes
6 answers

Debian 8: can't get ClamAV to listen on TCP 3310

I am trying to get Clamav-daemon running on a Debian 8 system so that it will listen on TCP port 3310. I have done the following: aptitude install clamav-daemon Then modified /etc/clamav/clamd.conf so that it now has the following at the top: #…
Doahh
  • 181
  • 1
  • 1
  • 5
5
votes
2 answers

Up to date ClamAV on Debian Wheezy (ClamAV installation is OUTDATED log message)

I've installed ClamAV on Debian Wheezy from the offical repositories, using apt. System is up to date and I don't get any updates via apt-get upgrade, but still I get this message in the logs: Your ClamAV installation is OUTDATED! My version is: $…
Sfisioza
  • 592
  • 2
  • 7
  • 18
5
votes
2 answers

avoid redundant writing of virus scan signatures in VMs on same disk

I have two VMs on the same disk that each have clamav installed. Both regularly run updates for the same virus scan signatures simultaneously which results in an unnecessary strain on the performance of the disk every time. Since those are the same…
schf1919
  • 59
  • 2
4
votes
2 answers

Scan the full filesystem in parallel with clamscan

I run a clamav scan weekly on my servers. There is one server with a raid6 cluster of 30TB of disk space where the scan take more than 24h to run. So I wonder how can I run clamscan on the whole filesystem, taking advantage of the several cores the…
azmeuk
  • 165
  • 1
  • 14
1
2 3
10 11