ClamAV - Linux Antivirus
Windows users are used to running antivirus software. As a computer technician, I always tell people how important it is to keep their systems up to date, safe and ready to work. There is considerable debate about how much these programs really matter; I'll leave that subject for a future occasion. For now, we will keep the focus on the use of antivirus on Linux.
ClamAV is an open source antivirus developed by Cisco Systems, one of the largest companies in IT and network solutions. Anyone who has had the opportunity to handle their equipment knows the quality and efficiency of this company's products, not to mention their certifications and importance in the tech scene.
The solution offered by Cisco is multiplatform, with versions for several systems, such as Windows, Linux, BSD and macOS, as you can see on its official website.
ClamAV can be used either entirely via the command line or via a graphical interface.
Do I need antivirus on Linux?
Antivirus is a sensitive issue: some technicians and users are in favor and others against, mainly because of the way it works. It isn't hard to find someone mentioning that they have never used antivirus, whether on Windows or any other system: just be aware and cautious about where you browse and which files you open, and the subject is closed. However, this control does not always depend only on the user of the machine, and in specific cases it can be worthwhile to use an antivirus on Linux.
One scenario in which you might consider using antivirus in your distro is a dual boot with Windows. Another is if you constantly work with files received from other users or from the internet and make them available to Windows users, or if you regularly do maintenance and scans on client machines. Getting infected by malware may be more difficult on Linux, but even when your own system cannot be infected, you may be opening the door to malicious people on someone else's computer. “Security is never too much”, and even though it is not routine in the life of Linux users, a program like ClamAV has its value.
How to install ClamAV on Ubuntu, Mint and derivatives
The interesting thing about ClamAV is its versatility: it can be used either via a terminal or with a frontend called ClamTk. You can get ClamAV directly from the software store on Ubuntu, Mint and derivatives. Just search for “ClamTk” and install the antivirus.
Another way is to install the program via terminal, with the command:
sudo apt install clamav clamav-daemon clamtk
With that, you'll be able to use the application through an interface that is not difficult to understand. But if you intend to use it via the command line, just install ClamAV plus the “clamav-daemon” package:
sudo apt install clamav clamav-daemon
Another interesting package, if you work with compressed files in RAR format, is the “libclamunrar” library. Currently on Ubuntu, it is at version 7. If you want this extra on your system, you can install it either from the command line or with the help of software such as Synaptic; GNOME Software currently does not install some packages (in Mint, just search directly in the store).
sudo apt install libclamunrar7
For ClamAV users with a graphical interface, there is the option to always get the latest security updates, either automatically or manually. If for some reason you can't get them through the interface, you can proceed in the same way as those who use the terminal (that's why we installed the “clamav-daemon” package along with the graphical interface). First we will stop the clamav-freshclam process (just in case):
sudo systemctl stop clamav-freshclam.service
Then update the definitions file from your database:
Using ClamAV Antivirus
Using ClamAV is very simple. To scan a directory for viruses, malware, trojans and other threats, use the command “sudo clamscan -r” followed by the path. For example:
clamscan -r /home/henriquead/my_folder/
In the case above, I didn't even use root; rarely will any file in home need elevated privileges. However, I advise using “sudo” to avoid major problems. The more attentive will notice that I used the “-r” parameter, which provides a recursive search in my directories. There are many more options; use “clamscan --help” and read all the possibilities. A very curious one is the “-i” parameter, which emits a sound for each identified threat.
For users who have installed ClamTk, further explanation is unnecessary. With a few minutes browsing and reading each section (Settings, White List, Network, Scheduler, History, Quarantine, Update, Update Assistant, Scan a file, Scan a directory and Analysis), you will soon identify and learn how the tool works.
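The manual update steps and the recursive scan described above, combined into one script that also checks clamscan's exit status so that a scan that ended in an error is not mistaken for a clean result. This is an added example, not code from the original article. The function names are hypothetical, the sample output is constructed, and running `freshclam` for the update step is an assumption, since the article does not show that command.

```shell
#!/bin/sh
# Added example (not from the article): update signatures, scan, act on the result.

# Manual signature update: stop the freshclam service, run freshclam once
# (assumed update command), then start the service so automatic updates resume.
update_signatures() {
    sudo systemctl stop clamav-freshclam.service
    sudo freshclam; rc=$?
    sudo systemctl start clamav-freshclam.service
    return "$rc"
}

# clamscan exit status per its man page: 0 = no virus, 1 = virus found,
# 2 = error. Any other value is treated as an error here.
verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Read clamscan output on stdin and print only the paths reported as
# "<path>: <signature> FOUND". The greedy match keeps paths that contain ": ".
infected_paths() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p'
}

# Hypothetical wrapper: recursive scan of $1, full output kept in log file $2.
scan_dir() {
    clamscan -r "$1" >"$2" 2>&1; rc=$?
    case "$(verdict "$rc")" in
        clean)    echo "clean: $1" ;;
        infected) echo "infected files under $1:"; infected_paths <"$2" ;;
        error)    echo "scan reported errors (exit $rc), see $2" >&2 ;;
    esac
    return "$rc"
}

# Constructed sample of clamscan output (paths and signature name are made up).
SAMPLE_OUTPUT='/srv/incoming/report.pdf: OK
/srv/incoming/setup.exe: Example.Test-Signature FOUND
/srv/incoming/invoice: final.zip: Example.Test-Signature FOUND

----------- SCAN SUMMARY -----------
Infected files: 2'

# On a real system: update_signatures && scan_dir /home/henriquead/my_folder/ /tmp/clamscan.log
```

Because `scan_dir` returns clamscan's own exit status, a cron job or backup hook calling it can tell "infected" (1) apart from "scan failed" (2).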