August 18, 2020

Linux Antivirus

This post is about using free antivirus programs on Ubuntu/Linux.

What doesn't work:

  • Sophos - couldn't install.  Downloaded, unzipped, no installer for Linux.
  • Comodo - .deb file downloaded, requires libssl0.9.8.  You could force install that version, but I decided not to.
  • F-prot - EOL, no uninstaller, no instruction to remove.

What works:

  • ClamAV
  • Check Rootkit
  • Rootkit Hunter

Unfortunately, no real-time detection is available with non-commercial software.


ClamAV

$ sudo apt-get install clamav clamtk

clamtk provides a GUI.  While a scan is running, the GUI can look frozen.

Start, Stop
$ sudo systemctl start clamav-freshclam
$ sudo systemctl stop clamav-freshclam

$ sudo update-rc.d clamav-freshclam disable

$ sudo dpkg-reconfigure clamav-freshclam

Command line
$ sudo clamscan --infected --remove --recursive
$ clamscan -r -i --bell ~/Downloads

Signature DB path: /var/lib/clamav/
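
A report-only wrapper for the clamscan commands above, as an added example that is not part of the original post: it maps clamscan's exit codes (0 clean, 1 virus found, anything else an error) to a status and lists the hit paths instead of deleting them with --remove. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: report-only wrapper around clamscan (no --remove).

# Map clamscan's exit code to a status word:
# 0 = no virus found, 1 = virus(es) found, anything else = error.
scan_status() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Read clamscan output on stdin and print the path of every hit.
# Hit lines have the form "<path>: <signature> FOUND".
infected_paths() {
    sed -n 's/^\(.*\): [^:]* FOUND$/\1/p'
}

# Recursively scan a directory, report status and hits, delete nothing.
# Returns clamscan's own exit code so cron or a caller can act on it.
scan_dir() {
    rc=0
    out=$(clamscan -r -i --no-summary "$1") || rc=$?
    echo "$1: $(scan_status "$rc")"
    printf '%s\n' "$out" | infected_paths
    return "$rc"
}

# Constructed sample of clamscan output, for trying the parser offline.
sample_output() {
    cat <<'EOF'
/home/user/Downloads/eicar.com: Win.Test.EICAR_HDB-1 FOUND
/home/user/Downloads/old mail/a.zip: Win.Test.EICAR_HDB-1 FOUND
/home/user/Downloads/notes.txt: OK

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

# With a directory argument, scan it; without one, parse the sample.
if [ "$#" -gt 0 ]; then
    scan_dir "$1"
else
    sample_output | infected_paths
fi
```

Run from cron with a directory argument, the non-zero exit code on a hit or an error lets the job be flagged without parsing the output.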




Check Rootkit

$ sudo apt-get install chkrootkit

$ sudo chkrootkit

Rootkit Hunter

$ sudo apt-get install rkhunter

$ sudo vi /etc/rkhunter.conf.local

and add "PKGMGR=DPKG" for Ubuntu

$ sudo rkhunter -c
