How To Install and Use ClamAV Antivirus Software In Linux, Ubuntu, Debian, Mint, Kali, Fedora, CentOS, RHEL – POFTUT



Linux distributions like Ubuntu, Debian, Mint, Kali, Fedora, CentOS and RHEL are often considered virus-free and are advertised as such by open source advocates. This assumption is not strictly true, but it generally holds. Linux has far fewer viruses than Windows and macOS, but it is not fully secure against them. In this tutorial we will examine how to install ClamAV and use it to scan for, find and destroy viruses on Linux.

Install

We will look at how to install ClamAV on different distribution families. This will install the command-line tools for updating the virus signature database and the scanner.

Ubuntu, Debian, Mint, Kali

As always, we start with the deb-based distributions.

$ sudo apt install clamav clamtk

Fedora

Recent versions use only dnf as the package manager, so we will use dnf to install clamav.

$ sudo dnf install clamav clamtk

RHEL, CentOS

As an old friend, we will use the yum package manager to install clamav.

$ sudo yum install clamav clamtk

Clamtk Graphical User Interface

As stated previously, we also installed the clamtk package, which provides a GUI for ClamAV. It provides the following basic configuration areas for ClamAV:

  • Configuration
  • History
  • Updates
  • Analysis

Update Virus Database Signatures

One of the most important things about antivirus software is keeping the virus database up to date. We can update the virus database from Updates, like below.

[Screenshot: Update Virus Database Signatures]

Scan A File

We will start the action by scanning a file, which can be done from the "Scan a file" menu.

[Screenshot: Scan A File]

As we can see, ClamAV has found nothing.

[Screenshot: Scan A File]

Scan A Directory

We can also scan a directory for viruses. We just select the directory we want to scan. In this example we will scan the Downloads directory, which contains external and suspicious files downloaded from the web.

[Screenshot: Scan A Directory]

Historical Scans

We can list and view information about historical scans. We will click History, which will list past dates like below.

[Screenshot: Historical Scans]

Then we will select the date we want to view and click View, which will open the following window.

[Screenshot: Historical Scans]

Quarantine

If any malware or viruses were detected in previous scans, they will be put into Quarantine. We can list and view them by clicking Quarantine, which is empty for now.

[Screenshot: Quarantine]
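
The update, directory scan, history and quarantine steps can also be done with the command-line tools installed earlier. The script below is an added example, not part of the original tutorial; the quarantine directory and log path are assumed locations and are separate from ClamTk's own quarantine and history.

```bash
#!/usr/bin/env bash
# Added example: command-line counterpart of the ClamTk steps above.
# QUARANTINE_DIR and SCAN_LOG are assumed locations, not ClamTk's own.
QUARANTINE_DIR="${QUARANTINE_DIR:-$HOME/clamav-quarantine}"
SCAN_LOG="${SCAN_LOG:-$HOME/clamav-scan.log}"

# "Updates": refresh the signature database. If a freshclam service is already
# running in the background, a manual run may report that its log is locked.
update_signatures() {
    sudo freshclam
}

# "Scan A Directory": scan recursively and move detections into quarantine.
# Prints clean | infected | error and returns clamscan's exit code
# (0 = nothing found, 1 = virus found, 2 = error).
scan_dir() {
    local target rc
    target="$1"
    rc=0
    [ -d "$target" ] || { echo "error"; return 2; }
    # Owner-only quarantine, so detected files are not opened by accident.
    mkdir -p "$QUARANTINE_DIR" && chmod 700 "$QUARANTINE_DIR" || { echo "error"; return 2; }
    clamscan --recursive --infected --move="$QUARANTINE_DIR" \
        --log="$SCAN_LOG" "$target" >/dev/null || rc=$?
    case "$rc" in
        0) echo "clean" ;;
        1) echo "infected" ;;
        *) echo "error" ;;
    esac
    return "$rc"
}

# "History": list the detection lines recorded in the scan log.
list_detections() {
    [ -f "$SCAN_LOG" ] || return 0
    grep ' FOUND$' "$SCAN_LOG" || true
}

# Usage: ./clamav-scan.sh --run
if [ "${1:-}" = "--run" ]; then
    update_signatures
    scan_dir "$HOME/Downloads" || true
    list_detections
fi
```

Because scan_dir returns clamscan's exit code, it can be called from cron or another script that needs to tell a detection (1) apart from a scan error (2).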
