I'd like to install ClamAV on my Ubuntu Servers (LAMP). Is it good to go (as a daemon) out-of-the-box, or does it need some configuration? Do I need to add a line to my crontab to update virus signatures?
SnapOverflow
I'd like to install ClamAV on my Ubuntu Servers (LAMP). Is it good to go (as a daemon) out-of-the-box, or does it need some configuration? Do I need to add a line to my crontab to update virus signatures?
The defaut /etc/clamd.comnf (or equivalent on your distribution) should be fine. On CentOs, the antivirus (clamav), the update (clamav-db alais freshclam), and the deamon (clamd) are different packages.
/etc/freshclam.conf use the default 12 update checks a day.
Then, you need to figure out what you actually want to do with your AV: system-wide scan, e-mail antivirus, etc. You'll have to write scripts, or configure your MTA, to perform the scan and report any finding.
"virus scanner on a server" can mean lots of different and unrelated things.
Do you want to detect intrusions on your server?
For this purpose, or run clamav from a cron job regularly to scan your system. You can also use
chkrootkitorrkhunter.An anti-virus does not prevent intrusions to your server, you have to secure it using many other methods.
Trying to prevent users from uploading, downloading malicious files?
You have to plug the anti-virus into some application, possibly by installing plugins/modules or writing new code.
You have another reason for installing an anti-virus on a server?
Then you should detail your motives so you get more direct responses :)