August 18, 2020

Linux Antivirus

This post is about using free antivirus programs on Ubuntu/Linux.

What doesn't work:

  • Sophos - couldn't install.  Downloaded, unzipped, no installer for Linux.
  • Comodo - .deb file downloaded, requires libssl0.9.8.  You could force install that version, but I decided not to.
  • F-prot - EOL, no uninstaller, no instructions for removal.

What works:

  • ClamAV
  • Check Rootkit
  • Rootkit Hunter

Unfortunately, no real-time detection is available with non-commercial software.


ClamAV 

$ sudo apt-get install clamav clamtk

Comes with a GUI (ClamTk).  While a scan is running, the GUI can look frozen.


Start, stop (freshclam, the signature update service)
$ sudo systemctl start clamav-freshclam
$ sudo systemctl stop clamav-freshclam

Disable
$ sudo update-rc.d clamav-freshclam disable


Configure
$ sudo dpkg-reconfigure clamav-freshclam


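Command line
$ sudo clamscan --infected --remove --recursive
$ clamscan -r -i --bell ~/Downloads

With no path given, clamscan scans the current directory.  --remove deletes every file that is detected.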
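
The clamscan commands above, extended into an added example (not from the original post): instead of --remove, detections are moved to a quarantine directory and listed, so a false positive can be restored. The function names, the ~/quarantine path and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): quarantine instead of --remove.

# Map clamscan's exit status to a word: 0 = nothing found, 1 = detection(s),
# anything else = error.
scan_status() {
  case "$1" in
    0) echo clean ;;
    1) echo infected ;;
    *) echo error ;;
  esac
}

# Read clamscan output on stdin; print "path<TAB>signature" per detection.
# Detection lines have the form "<path>: <signature> FOUND".
list_detections() {
  while IFS= read -r line; do
    case "$line" in
      *": "*" FOUND")
        line=${line% FOUND}
        printf '%s\t%s\n' "${line%: *}" "${line##*: }" ;;
    esac
  done
}

# Scan $1 recursively and move detections into $2 (hypothetical quarantine
# directory) so a false positive can be restored. Returns clamscan's status.
quarantine_scan() {
  mkdir -p "$2" && chmod 700 "$2" || return 2
  out=$(clamscan --recursive --infected --no-summary --move="$2" "$1" 2>/dev/null)
  rc=$?
  printf '%s\n' "$out" | list_detections
  return "$rc"
}

# Constructed sample of clamscan output (paths and signature names invented).
sample_output() {
  cat <<'EOF'
/home/user/Downloads/notes.txt: OK
/home/user/Downloads/a: b.zip: Example.Test.Sig-1 FOUND
/home/user/Downloads/setup.bin: Example.Trojan.Sig-2 FOUND
EOF
}

# Offline demonstration on the constructed sample.
sample_output | list_detections
echo "exit status 1 means: $(scan_status 1)"
# Real use: quarantine_scan ~/Downloads ~/quarantine; scan_status $?
```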

Signature DB path: /var/lib/clamav/


Check Rootkit (chkrootkit)

$ sudo apt-get install chkrootkit

$ sudo chkrootkit


Rootkit Hunter

$ sudo apt-get install rkhunter

$ sudo vi /etc/rkhunter.conf.local

and add "PKGMGR=DPKG" for Ubuntu

$ sudo rkhunter -c

