Friday, December 16, 2011

ClamAV - Antivirus for Linux

Disclaimer: Flying through Linux and OpenSource. You might experience Freedom along with plenty of awesomeness.


In today's digital world, where access to electronic content is so convenient that it is almost taken for granted, there is a constant threat of malware infection.
While Linux computers are much less likely to be infected by malware transmitted through shared files, whether on removable media or over the Internet, it is certainly not impossible. And while you yourself may not be too concerned about your computer being infected by such a file, you may unknowingly put at risk the non-Linux users with whom you share files. These could be your family, friends, colleagues, and so on.

There are a few steps that one can take to prevent and minimize getting and spreading such infections, and the most common one happens to be installing antivirus software. Many antivirus software vendors today offer paid as well as free versions for Linux computers. When I was a Windows user, one of the first things I did after (re)installing the operating system on my computer was to install an antivirus on it. I hated using antivirus, especially the real-time scan features, since they slowed my computer, negatively affecting the overall experience. Ever since I made the switch to Linux a few years ago I've not had that problem and I've gotten used to using my computers without any antivirus software installed. I changed my mind a few weeks ago when I realized that malware was no longer restricted to the standard executable files. Malware authors are now exploiting vulnerabilities in popular software like Adobe PDF Reader and Flash Player etc. and packaging malware in pdf, swf, and other files. While Linux users should still be relatively safe from such infections, non-Linux users, especially Windows users, are not. Therefore, in order to stop the malware from spreading out from your computer, it is essential that it be detected there first.

ClamAV is a popular open source antivirus that has been around for many years. Its website describes it as follows.
"ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats. It is the de facto standard for mail gateway scanning. It provides a high performance multi-threaded scanning daemon, command line utilities for on demand file scanning, and an intelligent tool for automatic signature updates."
It is available on many popular Linux distributions. On Ubuntu, it can be installed using the Software Center or any package manager. Just search for clamav. You will also need to install the virus definitions updater for ClamAV, which is known as freshclam. Keep in mind that ClamAV does not install a graphical user interface; once you've installed clamav and freshclam, they are usable only from the command-line shell. There are, however, a few GUI tools available that can be used with clamav. One such tool is clamtk, which can also be installed from the software manager. Once installed, clamtk will allow you to scan files and directories using clamav. It will also allow you to configure clamav using its Advanced -> Preferences menu entry.
  
If you are wondering what that Last infected file was, I used a test virus file, EICAR.COM, that is readily available over the Internet and can be used to test if the antivirus is in fact scanning and detecting infected files.
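The same EICAR check can be run from the command line. The script below is an added example, not part of the original post: it writes the standard 68-byte EICAR test string to a scratch directory, scans it with clamscan, and interprets the exit status. The function names (write_eicar, verdict, scan_path, selftest) are made up for this example, and it assumes freshclam has already downloaded a signature database.

```shell
#!/bin/sh
# Added example: end-to-end check that ClamAV detects the EICAR test file.
# Run freshclam first so a signature database exists (needs network access).

# Write the 68-byte EICAR test string to the path in $1. The string is kept
# in two pieces so that this script is not itself flagged by a scanner.
write_eicar() {
    printf '%s%s' 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR' \
        '-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > "$1"
}

# Translate clamscan's exit status: 0 = no virus found, 1 = virus found,
# anything else = an error (for example, a missing signature database).
verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Scan the file or directory in $1; print a verdict on stdout and send
# clamscan's own report to stderr.
scan_path() {
    if ! command -v clamscan >/dev/null 2>&1; then
        echo not-installed
        return 0
    fi
    rc=0
    clamscan --recursive --infected --no-summary "$1" >&2 || rc=$?
    verdict "$rc"
}

# Self-test in a scratch directory (constructed sample, removed afterwards).
selftest() {
    workdir=$(mktemp -d) || return 1
    write_eicar "$workdir/eicar.com"
    echo "EICAR scan verdict: $(scan_path "$workdir") (expected: infected)"
    rm -rf "$workdir"
}

selftest
```

A verdict of "error" usually means clamscan could not load its signatures, in which case run freshclam and try again.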

While you could use clamav from both the command line and the ClamTK GUI, most modern graphical Linux distributions also allow you to add an entry to the right-click context menu to scan a file or a folder using ClamAV. Here is a screenshot from my laptop, which runs Kubuntu 11.10, showing the context menu entry.



While no antivirus software will make your computer 100% safe and secure, it will certainly help. ClamAV is the antivirus of choice for most Linux server administrators and computer users. At the end of the day, however, it boils down to how responsible and cautious you yourself are. I hope you found this article helpful.

This article is part of the series ClamAV - Antivirus for Linux:
ClamAV - Antivirus for Linux
ClamFS - Antivirus Filesystem for Linux


2 comments:

  1. Good information. Now I am discussing .. Antivirus For Linux for your consideration

  2. Thanks for sharing this Linux version antivirus with us. It's really helpful. Now this software is also available for Windows. For Windows version antivirus, editor, all kinds of free software just visit
    Antivirus
