This post is about using free antivirus programs on Ubuntu/Linux.
What doesn't work:
- Sophos - couldn't install. Downloaded, unzipped, no installer for Linux.
- Comodo - .deb file downloaded, requires libssl0.9.8. You could force install that version, but I decided not to.
- F-prot - EOL, no uninstaller, no instruction to remove.
What works:
- ClamAV
- Check Rootkit
- Rootkit Hunter
Unfortunately, no real-time detection is available with non-commercial software.
ClamAV
$ sudo apt-get install clamav clamtk
Comes with a GUI (ClamTk). While scanning, the GUI may look frozen.
Start, Stop
$ sudo systemctl start clamav-freshclam
$ sudo systemctl stop clamav-freshclam
Disable
$ sudo update-rc.d clamav-freshclam disable
Configure
$ sudo dpkg-reconfigure clamav-freshclam
Command line
$ sudo clamscan --infected --remove --recursive
$ clamscan -r -i --bell ~/Downloads
Signature DB path: /var/lib/clamav/
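An added example, not part of the original post: instead of passing --remove on a first run, these shell functions list what clamscan flagged and interpret its exit status (0 clean, 1 detections, 2 error) so hits can be reviewed before anything is deleted. The function names and the sample report are constructed for illustration.

```shell
#!/bin/sh
# Added example: review clamscan detections before deleting anything.

# Constructed sample of `clamscan -r -i` output (not from a real scan).
SAMPLE_REPORT='/home/user/Downloads/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/home/user/Downloads/notes: draft.zip: Win.Test.EICAR_HDB-1 FOUND

----------- SCAN SUMMARY -----------
Infected files: 2'

# Read a clamscan report on stdin and print "<signature> <path>" per hit.
# clamscan prints a hit as "<path>: <signature> FOUND". The greedy match
# splits on the last ": ", so paths that contain ": " stay intact.
list_detections() {
    sed -n 's/^\(.*\): \([^ ][^ ]*\) FOUND$/\2 \1/p'
}

# Map clamscan's documented exit status to a short label.
describe_exit() {
    case "$1" in
        0) echo "clean" ;;
        1) echo "detections" ;;
        2) echo "scan-error" ;;
        *) echo "unknown" ;;
    esac
}

# Scan a directory recursively, print the hits, and return clamscan's
# exit status. Nothing is removed; the caller decides what to do next.
scan_and_report() {
    code=0
    report=$(clamscan -r -i --no-summary "$1" 2>&1) || code=$?
    printf '%s\n' "$report" | list_detections
    echo "clamscan status: $(describe_exit "$code")" >&2
    return "$code"
}
```

Source the file and run `scan_and_report ~/Downloads`. Status 2 means the scan itself failed (for example unreadable files or a missing signature DB), so it should not be read as a clean result.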
Check Rootkit
$ sudo apt-get install chkrootkit
$ sudo chkrootkit
Rootkit Hunter
$ sudo apt-get install rkhunter
$ sudo vi /etc/rkhunter.conf.local
and add "PKGMGR=DPKG" for Ubuntu
$ sudo rkhunter -c