Difference between revisions of "Virus Scan Shares"

From Amahi Wiki
Jump to: navigation, search
Line 16: Line 16:
  
 
==== Configure Daily Scan ====
 
==== Configure Daily Scan ====
In this example, we will configure a cronjob to scan the /home/ directory every day:
+
In this example, we will configure a cronjob to scan the Docs share every day:
 
* Create cron file:
 
* Create cron file:
 
  vim /etc/cron.daily/manual_clamscan
 
  vim /etc/cron.daily/manual_clamscan
 
* Add the following to the file above. Be sure to change SCAN_DIR to the directory that you want to scan:
 
* Add the following to the file above. Be sure to change SCAN_DIR to the directory that you want to scan:
 
  #!/bin/bash
 
  #!/bin/bash
  SCAN_DIR="/var/hda/files/Pictures"
+
  SCAN_DIR="/var/hda/files/docs"
 
  LOG_FILE="/var/log/clamav/manual_clamscan.log"
 
  LOG_FILE="/var/log/clamav/manual_clamscan.log"
 
  /usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE
 
  /usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE

Revision as of 23:41, 19 July 2014

ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware and other malicious threats on Linux. In this article, we will only be configuring ClamAV to run scheduled/on-demand scans; not resident scans.

Install

  • Install required ClamAV packages
yum install clamav clamav-update
  • Edit /etc/freshclam.conf and make the following changes:
    • Comment out “Example”
    • Uncomment lines
      • “DNSDatabaseInfo current.cvd.clamav.net”
      • “DatabaseMirror db.XY.clamav.net” (replace XY with your country code)
    • Ensure line “DatabaseMirror database.clamav.net” is uncommented
  • Update ClamAV’s signatures
/usr/bin/freshclam

NOTE: ClamAV will update automatically, as part of /etc/cron.daily/freshclam.

Configure Daily Scan

In this example, we will configure a cronjob to scan the Docs share every day:

  • Create cron file:
vim /etc/cron.daily/manual_clamscan
  • Add the following to the file above. Be sure to change SCAN_DIR to the directory that you want to scan:
#!/bin/bash
SCAN_DIR="/var/hda/files/docs"
LOG_FILE="/var/log/clamav/manual_clamscan.log"
/usr/bin/clamscan -i -r $SCAN_DIR >> $LOG_FILE
  • Give our cron script executable permissions:
chmod +x /etc/cron.daily/manual_clamscan
  • Create empty log file
mkdir -p /var/log/clamav
touch /var/log/clamav/manual_clamscan.log
  • (OPTIONAL) Run the script
/etc/cron.daily/manual_clamscan

And you’re done! That should be the minimum required to install ClamAV and Perform a daily scan of a specific directory.


Reference: How to Install ClamAV and Configure Daily Scanning on CentOS

Using Greyhole

You will need to do some additional setup to scan files when using Greyhole.

Now when the daily scan runs, it will scan the Greyhole enabled share correctly.