Background
Need an AntiVirus on my CentOS box.
AntiVirus
ClamAV is free and works on CentOS.
Outline
- Package
  - Verify
    - ClamAV
      - yum
        - yum list installed
      - dnf
        - dnf list installed
  - Install
    - Identify Artifacts
    - Install Artifacts
  - Review
    - Review Packages
- Configure ClamAV
- Configure SELinux
- Configure Services
  - List of Services
    - clamd@.service
    - freshclam.service
  - Configure Service
    - Start Service
    - Review Service Status
Tasks
Package
Verify
ClamAV
yum – list
Syntax
yum list installed
Sample
yum list installed | grep -i 'clamav'
Output – Text
```
>yum list installed | grep -i clamav
>
```
dnf – list
Syntax
dnf list installed
Sample
dnf list installed | grep -i 'clamav'
Output – Text
Explanation
- An empty list means clamav is not yet installed
Install
ClamAV
yum – list
Info
- The command “yum list available”
  - Lists available packages
  - It seems that once a package is installed, it is no longer included as part of the available list
Syntax
yum list available
Sample
yum list available | egrep -i 'clamav|clamd'
Output – Text
```
>yum list available | grep -i 'clamav'
clamav.x86_64                  0.102.4-1.el8   epel
clamav-data.noarch             0.102.4-1.el8   epel
clamav-devel.x86_64            0.102.4-1.el8   epel
clamav-filesystem.noarch       0.102.4-1.el8   epel
clamav-lib.x86_64              0.102.4-1.el8   epel
clamav-milter.x86_64           0.102.4-1.el8   epel
clamav-unofficial-sigs.noarch  7.0.1-5.el8     epel
clamav-update.x86_64           0.102.4-1.el8   epel
>
```
yum – install
Syntax
yum install [package]
Sample
```
yum -y install clamd
yum -y install clamav
yum -y install clamav-data
yum -y install clamav-devel
yum -y install clamav-filesystem
yum -y install clamav-lib
yum -y install clamav-milter
yum -y install clamav-unofficial-sigs
yum -y install clamav-update
```
yum – info
Syntax
yum info [package]
Sample
yum info clamd
Output – Text
```
>yum info clamd
Last metadata expiration check: 23:09:57 ago on Thu 19 Nov 2020 12:37:06 PM PST.
Installed Packages
Name         : clamd
Version      : 0.102.4
Release      : 1.el8
Architecture : x86_64
Size         : 243 k
Source       : clamav-0.102.4-1.el8.src.rpm
Repository   : @System
From repo    : epel
Summary      : The Clam AntiVirus Daemon
URL          : https://www.clamav.net/
License      : GPLv2
Description  : The Clam AntiVirus Daemon
             : See the README file how this can be done with a minimum of effort.
             : This package contains a generic system wide clamd service which is
             : e.g. used by the clamav-milter package.
```
Review
Package
Using “yum info”, let us review the packages we just installed.
Package | Description |
---|---|
clamd | This package contains a generic system wide clamd service which is used by other applications and packages such as the clamav-milter package. |
clamav | Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. The virus database is based on the virus database from OpenAntiVirus, but contains additional signatures (including signatures for popular polymorphic viruses, too) and is KEPT UP TO DATE. |
clamav-data | This package contains the virus-database needed by clamav. This database should be updated regularly; the ‘clamav-update’ package ships a corresponding cron-job. Use this package when you want a working (but perhaps outdated) virus scanner immediately after package installation. |
clamav-devel | This package contains headerfiles and libraries which are needed to build applications using clamav. |
clamav-filesystem | This package provides the filesystem structure and contains the user-creation scripts required by clamav. |
clamav-lib | This package contains dynamic libraries shared between applications using the Clam Antivirus scanner. |
clamav-milter | This package contains files which are needed to run the clamav-milter. |
clamav-unofficial-sigs | This package contains scripts and configuration files that provide the capability to download, test, and update the 3rd-party signature databases provide by Sanesecurity, SecuriteInfo, MalwarePatrol, OITC, INetMsg and ScamNailer. |
clamav-update | This package contains programs which can be used to update the clamav anti-virus database automatically. It uses the freshclam(1) utility for this task. To activate it use, uncomment the entry in /etc/cron.d/clamav-update. Use this package when you go updating the virus database regulary and do not want to download a >160MB sized rpm-package with outdated virus definitions. |
Configure ClamAV
Outline
- Files
  - Daemon
    - /etc/clamd.d/scan.conf
  - Database
    - /etc/freshclam.conf
/etc/clamd.d/scan.conf
Outline
- In file /etc/clamd.d/scan.conf
  - Backup
    - Create Backup Folder
    - Backup File
  - Entries
    - LocalSocket
    - TCPSocket
Tasks
Task – Create Backup Folder
Syntax
mkdir -p /etc/clamd.d/backup/[TS]
Sample
mkdir -p /etc/clamd.d/backup/20201119.0330PM
Output – Text
mkdir -p /etc/clamd.d/backup/20201119.0330PM
Task – Backup File
Syntax
sudo cp /etc/clamd.d/scan.conf /etc/clamd.d/backup/[TS]
Sample
sudo cp /etc/clamd.d/scan.conf /etc/clamd.d/backup/20201119.0330PM
Output – Text
```
>sudo cp /etc/clamd.d/scan.conf /etc/clamd.d/backup/20201119.0330PM
[sudo] password for dadeniji:
>
```
Review Socket Choice
Decide between LocalSocket or TCPSocket
- LocalSocket
- TCPSocket
Review Socket Choice
Syntax
cat /etc/clamd.d/scan.conf | egrep -i 'LocalSocket |TCPSocket '
Output – Text
```
>cat /etc/clamd.d/scan.conf | egrep -i 'LocalSocket |TCPSocket '
#LocalSocket /run/clamd.scan/clamd.sock
#TCPSocket 3310
```
Make Socket Choice
Using an editor such as vi, edit /etc/clamd.d/scan.conf and uncomment the entry for your choice.
Editor – Contents – Text
```
# The daemon can work in local mode, network mode or both.
# Due to security reasons we recommend the local mode.

# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
# dadeniji 2020-11-19 03:58 PM
#LocalSocket /run/clamd.scan/clamd.sock
LocalSocket /run/clamd.scan/clamd.sock
```
Explanation
- In our case, we chose the local socket (LocalSocket) over TCP/IP
/etc/freshclam.conf
Outline
- file /etc/freshclam.conf
  - Review File
  - Create Backup Folder
  - Backup File
  - Comment out Example Tag
Review File
Command – grep
Syntax
cat /etc/freshclam.conf
Sample
sudo cat /etc/freshclam.conf | egrep -i 'Example '
Output – Text
sudo cat /etc/freshclam.conf | egrep -i 'Example '
Explanation
In our case, the Example Tag is already commented out and so we will skip this step.
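The socket and Example-tag checks from this section, written as a script. This is an added example, not part of the original post; the function names conf_has, conf_value and audit_clamd_conf are made up for it. It also flags a TCPSocket that is enabled without a TCPAddr line, in which case clamd binds to every interface.

```shell
#!/bin/sh
# Added example: static checks for a clamd config such as /etc/clamd.d/scan.conf.
# Function names are illustrative and are not part of ClamAV.

# conf_has FILE KEY: succeed if KEY appears as an active (uncommented) directive.
conf_has() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }              # commented-out directive or plain comment
        $1 == key  { found = 1; exit }
        END        { exit !found }' "$1"
}

# conf_value FILE KEY: print the first argument of the active directive KEY.
conf_value() {
    awk -v key="$2" '/^[ \t]*#/ { next } $1 == key { print $2; exit }' "$1"
}

# audit_clamd_conf FILE: print findings; return the number of FAIL findings.
audit_clamd_conf() {
    _f=$1
    _fails=0
    if conf_has "$_f" Example; then
        echo "FAIL $_f: 'Example' is still active; comment it out"
        _fails=$((_fails + 1))
    fi
    if conf_has "$_f" LocalSocket; then
        echo "OK   $_f: LocalSocket $(conf_value "$_f" LocalSocket)"
    fi
    if conf_has "$_f" TCPSocket; then
        if conf_has "$_f" TCPAddr; then
            echo "WARN $_f: TCPSocket $(conf_value "$_f" TCPSocket) bound to $(conf_value "$_f" TCPAddr)"
        else
            echo "FAIL $_f: TCPSocket $(conf_value "$_f" TCPSocket) without TCPAddr listens on every interface"
            _fails=$((_fails + 1))
        fi
    fi
    if ! conf_has "$_f" LocalSocket && ! conf_has "$_f" TCPSocket; then
        echo "FAIL $_f: neither LocalSocket nor TCPSocket is enabled"
        _fails=$((_fails + 1))
    fi
    return "$_fails"
}

# Audit any files given on the command line, e.g.
#   sh audit.sh /etc/clamd.d/scan.conf
for _arg in "$@"; do
    audit_clamd_conf "$_arg" || true
done
```

For /etc/freshclam.conf only the Example check applies: if `conf_has /etc/freshclam.conf Example` succeeds, the tag is still active.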
Configure SE-Linux
Outline
- Get SE-Linux Configuration
- Set SE-Linux Configuration
Get SE-Linux Configuration
Outline
Please review the following items:
- antivirus_can_scan_system
- antivirus_use_jit
getsebool
Syntax
sudo getsebool
Sample
sudo getsebool -a | grep antivirus
Output – Text
```
>sudo getsebool -a | grep antivirus
antivirus_can_scan_system --> off
antivirus_use_jit --> off
>
```
Explanation
- antivirus_can_scan_system => OFF
- antivirus_use_jit => OFF
Set SE-Linux Configuration
Outline
Please adjust the following items:
- antivirus_can_scan_system
- antivirus_use_jit
setsebool
Syntax
sudo setsebool -P <item> <value>
Item – antivirus_can_scan_system
Sample
sudo setsebool -P antivirus_can_scan_system 1
Output – Text
```
>sudo setsebool -P antivirus_can_scan_system 1
[sudo] password for dadeniji:
>
```
Item – antivirus_use_jit
Sample
sudo setsebool -P antivirus_use_jit 1
Output – Text
```
sudo setsebool -P antivirus_use_jit 1
[sudo] password for dadeniji:
```
Explanation
Within SE-Linux the following settings are enabled:-
- antivirus_can_scan_system
- antivirus_use_jit
Configure Services/Daemons
Outline
- List of CLAMAV Services
  - clamd@.service
  - freshclam.service
- Configure CLAMAV Services
  - Start Service
  - Review Service Status
- Review CLAMAV Services
  - Issue systemctl
List of Services
- clamd@.service
  - ClamAV daemon
- freshclam.service
  - Get the latest ClamAV Antivirus signatures
clamd@.service
Outline
- Enable Service
- Start Service
- Review Service Status
systemctl
systemctl – enable
Syntax
sudo systemctl enable [service]
Sample
sudo systemctl enable clamd@
Output – Text
```
>sudo systemctl enable clamd@
Created symlink /etc/systemd/system/multi-user.target.wants/clamd@.service → /usr/lib/systemd/system/clamd@.service.
```
Explanation
- clamd@
- Registered as a system daemon ( service )
systemctl – start
Syntax
sudo systemctl start [service]
Sample
sudo systemctl start clamd@scan
Output – Text
```
>sudo systemctl start clamd@scan
>
```
Explanation
- clamd@scan
- Successfully started service
systemctl – status
Syntax
sudo systemctl status [service]
Sample
sudo systemctl status clamd@scan
Output – Text
```
>sudo systemctl status clamd@scan
● clamd@scan.service - clamd scanner (scan) daemon
   Loaded: loaded (/usr/lib/systemd/system/clamd@.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2020-11-19 18:22:45 PST; 3min 23s ago
     Docs: man:clamd(8)
           man:clamd.conf(5)
           https://www.clamav.net/documents/
  Process: 69509 ExecStart=/usr/sbin/clamd -c /etc/clamd.d/scan.conf (code=exited, status=0/SUCCESS)
 Main PID: 69512 (clamd)
    Tasks: 2 (limit: 23516)
   Memory: 1.1G
   CGroup: /system.slice/system-clamd.slice/clamd@scan.service
           └─69512 /usr/sbin/clamd -c /etc/clamd.d/scan.conf

Nov 19 18:22:41 dbLinux clamd[69512]: ELF support enabled.
Nov 19 18:22:41 dbLinux clamd[69512]: Mail files support enabled.
Nov 19 18:22:41 dbLinux clamd[69512]: OLE2 support enabled.
Nov 19 18:22:41 dbLinux clamd[69512]: PDF support enabled.
Nov 19 18:22:41 dbLinux clamd[69512]: SWF support enabled.
Nov 19 18:22:41 dbLinux clamd[69512]: HTML support enabled.
Nov 19 18:22:41 dbLinux clamd[69512]: XMLDOCS support enabled.
Nov 19 18:22:41 dbLinux clamd[69512]: HWP3 support enabled.
Nov 19 18:22:41 dbLinux clamd[69512]: Self checking every 600 seconds.
Nov 19 18:22:45 dbLinux systemd[1]: Started clamd scanner (scan) daemon.
>
```
Explanation
- clamd@scan
  - List supported features
    - ELF
    - OLE2
    - SWF
    - HTML
    - XMLDOCS
    - HWP3
freshclam.service
Outline
- Enable Service
- Start Service
- Review Service Status
systemctl
systemctl – enable
Syntax
sudo systemctl enable [service]
Sample
sudo systemctl enable clamav-freshclam.service
Output – Text
```
>sudo systemctl enable clamav-freshclam.service
Created symlink /etc/systemd/system/multi-user.target.wants/clamav-freshclam.service → /usr/lib/systemd/system/clamav-freshclam.service.
>
```
Explanation
- clamav-freshclam.service
- Registered as a system daemon ( service )
systemctl – start
Syntax
sudo systemctl start [service]
Sample
sudo systemctl start clamav-freshclam.service
Output – Text
```
>sudo systemctl start clamav-freshclam.service
[sudo] password for dadeniji:
```
Explanation
- clamav-freshclam
- Service successfully started
systemctl – status
Syntax
sudo systemctl status [service]
Sample
sudo systemctl status clamav-freshclam.service
Output – Text
```
>sudo systemctl status clamav-freshclam.service
● clamav-freshclam.service - ClamAV virus database updater
   Loaded: loaded (/usr/lib/systemd/system/clamav-freshclam.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2020-11-19 21:51:37 PST; 6min ago
     Docs: man:freshclam(1)
           man:freshclam.conf(5)
           https://www.clamav.net/documents
 Main PID: 74426 (freshclam)
    Tasks: 1 (limit: 23516)
   Memory: 3.1M
   CGroup: /system.slice/clamav-freshclam.service
           └─74426 /usr/bin/freshclam -d --foreground=true

Nov 19 21:51:37 dbLinux systemd[1]: Started ClamAV virus database updater.
Nov 19 21:51:37 dbLinux freshclam[74426]: ClamAV update process started at Thu Nov 19 21:51:37 2020
Nov 19 21:51:37 dbLinux freshclam[74426]: daily.cld database is up to date (version: 25993, sigs: 4346475, f-level: 63, builder: raynman)
Nov 19 21:51:37 dbLinux freshclam[74426]: main.cvd database is up to date (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
Nov 19 21:51:37 dbLinux freshclam[74426]: bytecode.cvd database is up to date (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
>
```
Explanation
- clamav-freshclam
- Is running as a system daemon ( service )
- Service Info
- ClamAV virus database updater
CLAMAV Services Status
- systemctl
  - Options
    - list-unit-files
systemctl
systemctl – list-unit-files
Syntax
sudo systemctl list-unit-files --all
Sample
sudo systemctl list-unit-files --all | grep 'clam'
Output – Text
```
>systemctl list-unit-files --all | grep 'clam'
clamav-freshclam.service                   enabled
clamav-milter.service                      disabled
clamav-unofficial-sigs.service             disabled
clamd@.service                             enabled
clamonacc.service                          disabled
clamav-unofficial-sigs.timer               disabled
```
Explanation
- Services
  - Enabled
    - clamav-freshclam
    - clamd@
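An added example (not from the original post) that reads the same getsebool and systemctl output shown above and reports the state of the two SELinux booleans and the ClamAV units; the helper names are hypothetical. It reads each unit's own Loaded: line because the status output above reports clamd@scan as disabled even though the clamd@ template is listed as enabled.

```shell
#!/bin/sh
# Added example: parse getsebool / systemctl output for the ClamAV setup above.
# Helper names are hypothetical and are not part of ClamAV or systemd.

# sebool_state NAME: read `getsebool -a` output on stdin; print on, off or missing.
sebool_state() {
    awk -v name="$1" '
        $1 == name && $2 == "-->" { print $3; found = 1; exit }
        END { if (!found) print "missing" }'
}

# unit_file_state UNIT: read `systemctl list-unit-files` output on stdin;
# print the state column for UNIT, or missing.
unit_file_state() {
    awk -v unit="$1" '
        $1 == unit { print $2; found = 1; exit }
        END { if (!found) print "missing" }'
}

# loaded_enablement: read `systemctl status UNIT` output on stdin; print the
# enablement field of the "Loaded:" line (enabled, disabled, static, ...).
loaded_enablement() {
    sed -n 's/^ *Loaded: loaded ([^;]*; \([a-z-]*\);.*/\1/p' | head -n 1
}

# check_clamav_host: run the live commands; return the number of problems.
check_clamav_host() {
    _bad=0
    for _b in antivirus_can_scan_system antivirus_use_jit; do
        _s=$(getsebool -a | sebool_state "$_b")
        echo "selinux boolean $_b: $_s"
        [ "$_s" = on ] || _bad=$((_bad + 1))
    done
    _t=$(systemctl list-unit-files --all | unit_file_state clamd@.service)
    echo "template clamd@.service: $_t"
    for _u in clamd@scan.service clamav-freshclam.service; do
        _e=$(systemctl status "$_u" 2>/dev/null | loaded_enablement)
        _a=$(systemctl is-active "$_u" 2>/dev/null)
        echo "unit $_u: enablement=${_e:-unknown} active=${_a:-unknown}"
        if [ "$_e" != enabled ] || [ "$_a" != active ]; then
            _bad=$((_bad + 1))
        fi
    done
    return "$_bad"
}

# Only touch the live system when asked to: sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    check_clamav_host
fi
```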
Summary
A lot to cover in a single blog post.
Will come back and clean it up on subsequent posts.
Moral of the Story
Don’t wait forever to install an AntiVirus.