Solved

Clam AV om Debian

Posted on 2012-04-13
2
546 Views
Last Modified: 2013-11-22
Hi;

Setting up ClamAV on a debian server. I wonder how to configure which action it takes when finding a virus infected file. I can't see anything in clamd.conf relating to this.

As we are running a hosting server I do not want it to erase any files without having checked it first.

Thanks for any suggestions
0
Comment
Question by:thosvd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 22

Accepted Solution

by:
robocat earned 50 total points
ID: 37871658
ClamAV is not an on-access scanner comparable to a Virus scanner on a Windows system.

It provides a daemon process that can be integrated with other software, e.g. an e-mail server. ClamAV  will only indicate if the data contains a virus, it's up to the other software to decide what to do. In the case of the e-mail server, it could decide to drop the e-mail or strip the infected attachment.

You can do a file system scan with the "clamscan" CLI command. This has several options to decide what do to with the infected files:
--remove[=yes/no]
--move=DIRECTORY

The file system scan is a run once thing, which is probably not what you need. I suspect you want to permanently scan all new files ?
0
 

Author Comment

by:thosvd
ID: 37884892
Thank you for reply. Now I feel confident in setting up a recrurring scan.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

UPDATE - 6/15/2011 Added support for Release Update 6 Maintenance Patch 2 Point Patch 1 (RU6 MP2 PP1). Fixed a defect in the username field that was hard-coded to look for a specific domain (left over code from testing). This release will be the …
The purpose of this Article is to provide information for a newly released variant of malware – with the assumption that many EE Members will have need of the information. According to “Computerworld”, well over one million web sites have been co…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question