Install ClamAV on CentOS 6

Recently, a project we are working on required us to run virus scans on uploaded files before they were put into the cloud and database. For this task, we selected ClamAV. Here’s a quick walk-through of how we got it set up on CentOS 6.

Installing ClamAV is fairly simple. First, check whether ClamAV is available for your server:

yum list available | grep clam

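If you don’t see clamav, clamd, and clam-db, install the EPEL release package with the one command below that matches your CPU architecture (the first is for 32-bit i386, the second for 64-bit x86_64):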

rpm -Uvh http://mirror.overthewire.com.au/pub/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Then do the following:

yum install clamav clamd
chkconfig clamd on
service clamd start
freshclam

This installs ClamAV (along with all dependencies) and its database using yum, along with the tools we’ll need to scan files (namely clamscan). We then set ClamAV to start with the server on reboots, start the service, and run freshclam to update the virus database. You may see output similar to the following when running the above commands:

[root@timmons gnet]# service clamd start
Starting Clam AntiVirus Daemon: LibClamAV Warning: **************************************************
LibClamAV Warning: ***  The virus database is older than 7 days!  ***
LibClamAV Warning: ***   Please update it as soon as possible.    ***
LibClamAV Warning: **************************************************
                                                           [  OK  ]

And the following when running freshclam:

[root@timmons gnet]# freshclam
ClamAV update process started at Tue Sep 29 09:53:31 2015
main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
WARNING: Incremental update failed, trying to download daily.cvd
Downloading daily.cvd [100%]
daily.cvd updated (version: 20946, sigs: 1594588, f-level: 63, builder: neo)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 268, sigs: 47, f-level: 63, builder: anvilleg)
Database updated (4018860 signatures) from db.us.clamav.net (IP: 208.72.56.53)

Now set up a cron task to do daily virus updates:

vi /etc/cron.daily/freshclam.sh

Put in the following:

#!/bin/sh
/usr/bin/freshclam --quiet

Finally:

chmod 755 /etc/cron.daily/freshclam.sh

If all went to plan, you now have ClamAV installed with the latest definitions, plus a daily update job that keeps your database up to date with the latest signatures.
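
One way to confirm that the daily cron job really is keeping the signatures current, as an added example that is not part of the original post. It assumes the databases live in /var/lib/clamav and that GNU stat is available; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post): check that the daily cron job
# is really keeping ClamAV's signature database current.
# Assumptions: databases live in /var/lib/clamav (pass another directory as
# the first argument otherwise) and GNU stat is available, as on CentOS.

# Print the age, in whole days, of the newest daily signature file.
# Returns 2 if neither daily.cvd nor daily.cld exists in the directory.
clamav_db_age_days() {
    dir=${1:-/var/lib/clamav}
    newest=0
    # freshclam keeps daily signatures as daily.cvd (full download) or
    # daily.cld (rebuilt from incremental updates); accept either.
    for f in "$dir/daily.cvd" "$dir/daily.cld"; do
        [ -f "$f" ] || continue
        mtime=$(stat -c %Y "$f")
        if [ "$mtime" -gt "$newest" ]; then
            newest=$mtime
        fi
    done
    [ "$newest" -gt 0 ] || return 2
    now=$(date +%s)
    echo $(( (now - newest) / 86400 ))
}

# clamav_db_check [DIR] [MAX_DAYS]
# Prints a one-line status and returns 0 (fresh), 1 (stale) or 2 (missing).
# MAX_DAYS defaults to 7, the threshold in clamd's startup warning.
clamav_db_check() {
    max_days=${2:-7}
    if ! age=$(clamav_db_age_days "$1"); then
        echo "missing: no daily.cvd or daily.cld in ${1:-/var/lib/clamav}"
        return 2
    fi
    if [ "$age" -ge "$max_days" ]; then
        echo "stale: daily database is $age days old (limit $max_days)"
        return 1
    fi
    echo "fresh: daily database is $age days old"
}
```

The check uses the file modification time, which changes only when freshclam writes a new database version, so treat a "stale" result as a prompt to look at the freshclam output rather than as proof of failure.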

Hope this helps!
