clamav – solution antivirale open source

ClamAV est un antivirus open source (GPL) conçu pour détecter les chevaux de Troie, les virus, les logiciels malveillants et autres menaces malveillantes sur Linux. Cet article détaille l’installation pas-à-pas de la solution.

Installer le moteur clamav

Lancer les commandes suivantes depuis votre terminal

# apt-get purge -y clamav-unofficial-sigs
# apt-get update && apt-get install -y clamav-base clamav-freshclam clamav clamav-daemon

# mkdir -p /usr/local/sbin/

# wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/clamav-unofficial-sigs.sh -O /usr/local/sbin/clamav-unofficial-sigs.sh && chmod 755 /usr/local/sbin/clamav-unofficial-sigs.sh

# mkdir -p /etc/clamav-unofficial-sigs/
# wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/master.conf -O /etc/clamav-unofficial-sigs/master.conf

# wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/user.conf -O /etc/clamav-unofficial-sigs/user.conf

# wget "https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/os/os.debian.conf" -O /etc/clamav-unofficial-sigs/os.conf

Executer le script suivant afin de s’assurer qu’il n’y a pas d’erreurs, corriger les dépendances manquantes le script doit s’exécuter une fois en tant que super-utilisateur pour définir toutes les autorisations et créer les répertoires pertinents

/usr/local/sbin/clamav-unofficial-sigs.sh --force

Installer la rotation des logs et le man

/usr/local/sbin/clamav-unofficial-sigs.sh --install-logrotate
/usr/local/sbin/clamav-unofficial-sigs.sh --install-man

Installer les signatures non official pour clamav

Installer les services pour clamav-unofficial-sigs via systemd

mkdir -p /etc/systemd/system/
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/systemd/clamav-unofficial-sigs.service -O /etc/systemd/system/clamav-unofficial-sigs.service
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/systemd/clamav-unofficial-sigs.timer -O /etc/systemd/system/clamav-unofficial-sigs.timer

systemctl enable clamav-unofficial-sigs.service
systemctl enable clamav-unofficial-sigs.timer
systemctl start clamav-unofficial-sigs.timer

clamdscan --multiscan --allmatch --remove --no-summary --fdpass /echange/
clamdscan --multiscan --allmatch --remove --fdpass /echange/


30 20 * * * /usr/bin/clamdscan --multiscan --allmatch --remove --fdpass /echange >> /var/log/clamav/manual_clamscan.log

touch /var/log/clamav/manual_clamscan.log

Références

https://github.com/extremeshok/clamav-unofficial-sigs
https://github.com/extremeshok/clamav-unofficial-sigs/blob/master/guides/ubuntu-debian.md
http://manpages.ubuntu.com/manpages/bionic/man1/clamdscan.1.html