Contents

How to Install ClamAV on CentOS 7

03 Mar 2018 3 94  0
How to Install ClamAV on CentOS 7
How to Install ClamAV on CentOS 7

About ClamAV

ClamAV is a free open-source antivirus software which is used often and across several platforms.

In this tutorial, we are going to teach you how to install ClamAV on CentOS 7.

Prerequisites

For this tutorial you are going to need:

  • SSH root access to the VPS.

Step 1 — Installing ClamAV on CentOS 7

Since Clam does not come with default CentOS software repos, you need to add the additional repository by running yum.

yum -y install epel-release
yum clean all

Now install Clam on CentOS. Simply execute the command below.

yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

You have now installed an antivirus software on your server.

Step 2 — Configuring SELinux

SELinux is a security measure whose purpose it is to protect changes to certain files. You will need to perform futher configuration if you would like to use ClamAV with enabled SELinux kernel module. Without this, Clam is not able to read a portion of your files. Simply run the commands below.

setsebool -P antivirus_can_scan_system 1
setsebool -P clamd_use_jit 1

To confirm these changes, execute the following command.

getsebool -a | grep antivirus

You should be receiving the output below or similar.

antivirus_can_scan_system --> on

antivirus_use_jit --> off

Once this output is received, ClamAV is ready to use along with SELinux.

Step 3 — Configuring ClamAV

Before the Clam Configuration can be enabled, you have to remove the Example string from the configuration file.

sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

Now, you will have to specify the server type.

Open the configuration file with your favorite editor. In our example, we are going to use nano. If it isn’t currently installed, it must be installed with yum.

yum install nano -y

Open the configuration file.

nano /etc/clamd.d/scan.conf

Then, look for the following line.

#LocalSocket /var/run/clamd.scan/clamd.sock

Replace it with the line below.

LocalSocket /var/run/clamd.scan/clamd.sock

You may now save the changes by pressing on CTRL + X or COMMAND + X (If you are using a MAC).

Before finishing you must delete the Example string from ClamAV’s freshclam update engine configuration file.

sed -i -e "s/^Example/#Example/" /etc/freshclam.conf

Then, execute the virus definition database update.

freshclam

You should be receiving the output below or similar.

ClamAV update process started at Tue Dec  19 09:30:20 2016

    main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)

    Trying host database.clamav.net (69.163.100.14)...

    Downloading daily.cvd [100%]

    daily.cvd updated (version: 22739, sigs: 1100989, f-level: 63, builder: neo)

    Downloading bytecode-279.cdiff [100%]

    Downloading bytecode-280.cdiff [100%]

    Downloading bytecode-281.cdiff [100%]

    Downloading bytecode-282.cdiff [100%]

    Downloading bytecode-283.cdiff [100%]

    bytecode.cld updated (version: 285, sigs: 57, f-level: 63, builder: bbaker)

    Database updated (5319836 signatures) from database.clamav.net (IP: 168.143.19.95)

Finally, start the Clamd service and run it on boot.

systemctl start [email protected]

systemctl enable [email protected]

Conclusion

You now have antivirus software on your server, this will help secure it a lot.

Feel free to scan your server for malware and viruses.

0 Comments
Add a comment

Leave a Reply