Linux is generally considered to be more secure than other operating systems. However, it’s increasingly a target of attackers; as Linux systems are used for critical roles like web servers and internal file servers. In addition to being susceptible to Linux-based and cross-platform exploits, unprotected Linux machines can also become distribution points for Windows, Mac, and Android malware.
ClamAV is an open source antivirus solution that is used to detect viruses, trojans, and other malware. ClamAV is a command line interface (CLI) program but in this tutorial, we will learn to setup ClamAV with a graphic user interface (GUI) frontend known as ClamTk and we will also setup a daily scan of the Linux system, in this case Ubuntu.
ClamAV Installation on Ubuntu
- Open a terminal window and run the following command:
sudo apt-get install clamav
- Now to update the antivirus signature database, run the following command: sudo freshclam
Installing the Graphic User Interface (GUI) for ClamAV
- We will be using ClamTk as the graphic user interface (GUI) frontend for ClamAV, its lightweight & very easy to use. To install it on Ubuntu, run the following command: sudo apt-get install clamtk
Setting up a Daily Scan
To setup a daily scan, you can create a cron job that will be executed daily on systems. To do this:
- Create a file named ‘daily_scan’ under ‘/etc/cron.daily/’
- Then add /usr/bin/clamscan -i -r /home >> /var/log/ClamAV/daily_scan.logto the file
‘/home’ is the directory that will be scanned & ‘/var/log/ClamAV/daily_scan.log’ is the file where logs for the scan will be created. You can also execute the above mentioned command to start a scan from your terminal or if you want to start a scan using the GUI, use ClamTk.