Instructions (proper ones) for installing and running CLAMAV

Questions about applications and software
Forum rules
Before you post please read how to get help
wpshooter
Level 6
Level 6
Posts: 1004
Joined: Sun May 22, 2011 8:06 am

Instructions (proper ones) for installing and running CLAMAV

Post by wpshooter »

Can someone give me the proper source for instructions on installing, updating definitions, and running CLAMAV ?

I tried several website instruction sets that I found by Google search but so far none of them have worked properly.

Linux Mint 19.3 mate.

Thanks.
Mint 19.3 mate 64 bit.
service > competition

User avatar
PhilAypee
Level 3
Level 3
Posts: 146
Joined: Sat Jul 30, 2016 5:14 am
Location: Bramley, Surrey, UK

Re: Instructions (proper ones) for installing and running CLAMAV

Post by PhilAypee »

It seems that any AV program in Linux can cause problems and not having one seems never to have caused any.
viewtopic.php?f=47&t=310845
You'll have to plod through the whole thread but it may resolve the issue for you. :wink:
Take care,
Phil.

Minimize your therbligs until it becomes automatic;
this doubles your effective lifetime – and thereby gives time to enjoy
butterflies and kittens and rainbows.


LM 19.3 Xfce 64 bit - 4Gb RAM Dual Core Celeron N3350
πŸš‚πŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒ

wpshooter
Level 6
Level 6
Posts: 1004
Joined: Sun May 22, 2011 8:06 am

Re: Instructions (proper ones) for installing and running CLAMAV

Post by wpshooter »

PhilAypee wrote: ↑
Wed Apr 01, 2020 8:44 am
It seems that any AV program in Linux can cause problems and not having one seems never to have caused any.
viewtopic.php?f=47&t=310845
You'll have to plod through the whole thread but it may resolve the issue for you. :wink:
Am not interested in running any antivirus except clamav.

I have in the distance past ran the clamav on Linux Mint machines from the terminal but now I can not seem to find
a set of terminal instructions that work. When I am trying to do freshclam it just keeps looping over and over saying
that it can not find the material that it needs to refresh/update the virus definitions. Is it possible that these definitions
are now longer being maintained ???

Thanks.
Mint 19.3 mate 64 bit.
service > competition

User avatar
PhilAypee
Level 3
Level 3
Posts: 146
Joined: Sat Jul 30, 2016 5:14 am
Location: Bramley, Surrey, UK

Re: Instructions (proper ones) for installing and running CLAMAV

Post by PhilAypee »

wpshooter wrote: ↑
Wed Apr 01, 2020 8:50 am
PhilAypee wrote: ↑
Wed Apr 01, 2020 8:44 am
It seems that any AV program in Linux can cause problems and not having one seems never to have caused any.
viewtopic.php?f=47&t=310845
You'll have to plod through the whole thread but it may resolve the issue for you. :wink:
Am not interested in running any antivirus except clamav.

I have in the distance past ran the clamav on Linux Mint machines from the terminal but now I can not seem to find
a set of terminal instructions that work. When I am trying to do freshclam it just keeps looping over and over saying
that it can not find the material that it needs to refresh/update the virus definitions. Is it possible that these definitions
are now longer being maintained ???

Thanks.
Whilst ClamAV is the only Linux AV software that I know of it seems that most of the Linux gurus here recommend against it or any other AV program (many run in Linux although they are not native to it) as apparently all positive alarms (except a few historical ones) have turned out to be false (and I checked and confirmed this). Also I suspect that you are right about the definitions.

Having once been a Windoze user I was a little worried about viruses and other such malware so I did ask about AV software and it appears that Linux is vastly more resistant than most OSs and that AV software, even ClamAV can actually damage the system.

As for your actual question I'm afraid that I can't help - sorry - but I wish you luck in getting it answered. :)
Take care,
Phil.

Minimize your therbligs until it becomes automatic;
this doubles your effective lifetime – and thereby gives time to enjoy
butterflies and kittens and rainbows.


LM 19.3 Xfce 64 bit - 4Gb RAM Dual Core Celeron N3350
πŸš‚πŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒ

User avatar
trytip
Level 13
Level 13
Posts: 4681
Joined: Tue Jul 05, 2016 1:20 pm

Re: Instructions (proper ones) for installing and running CLAMAV

Post by trytip »

bud, if you want help the least you can do is cut the leg work for users by giving some links to what you want. no one here uses antivirus for linux and no one will go hunting on google or duckduckgo to find what you looking for. seems to be a recursive theme that a new user says they tried and searched everything in their power to do something but came out empty handed. i do realize a lot of useful information has been deleted from search engines and quite a lot of old 2012 links still active that are useless now.
maybe if elite users don't use antivirus you probably may want to rethink your approach? i'm not saying i'm elite, but would like to know what you plan to do with clamAV
Image

wpshooter
Level 6
Level 6
Posts: 1004
Joined: Sun May 22, 2011 8:06 am

Re: Instructions (proper ones) for installing and running CLAMAV

Post by wpshooter »

trytip wrote: ↑
Wed Apr 01, 2020 9:52 am
bud, if you want help the least you can do is cut the leg work for users by giving some links to what you want. no one here uses antivirus for linux and no one will go hunting on google or duckduckgo to find what you looking for. seems to be a recursive theme that a new user says they tried and searched everything in their power to do something but came out empty handed. i do realize a lot of useful information has been deleted from search engines and quite a lot of old 2012 links still active that are useless now.
maybe if elite users don't use antivirus you probably may want to rethink your approach? i'm not saying i'm elite, but would like to know what you plan to do with clamAV
If all this is true, then why is it that I still find clamav listed in Synaptic package manager ?

And purpose for it is to do a demonstration.

Thanks.
Mint 19.3 mate 64 bit.
service > competition

User avatar
PhilAypee
Level 3
Level 3
Posts: 146
Joined: Sat Jul 30, 2016 5:14 am
Location: Bramley, Surrey, UK

Re: Instructions (proper ones) for installing and running CLAMAV

Post by PhilAypee »

wpshooter wrote: ↑
Wed Apr 01, 2020 10:00 am

If all this is true, then why is it that I still find clamav listed in Synaptic package manager ?

And purpose for it is to do a demonstration.

Thanks.
I'm not sure that ClamAV is suitable for any demonstration. What is the demonstration for :?:
Take care,
Phil.

Minimize your therbligs until it becomes automatic;
this doubles your effective lifetime – and thereby gives time to enjoy
butterflies and kittens and rainbows.


LM 19.3 Xfce 64 bit - 4Gb RAM Dual Core Celeron N3350
πŸš‚πŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒπŸšƒ

User avatar
pbear
Level 14
Level 14
Posts: 5137
Joined: Wed Jun 21, 2017 12:25 pm
Location: San Francisco

Re: Instructions (proper ones) for installing and running CLAMAV

Post by pbear »

wpshooter wrote: ↑
Wed Apr 01, 2020 10:00 am
If all this is true, then why is it that I still find clamav listed in Synaptic package manager ?
That's a spectacularly silly argument. There's lots of useless crap in the repo.

BTW, for future reference, are you saying ClamAV's own instructions don't work?

That will be useful to know next time someone wants to know whether to install.
Time flies like an arrow. Fruit flies like a banana.
Before you post, please read how to get help.

rene
Level 15
Level 15
Posts: 5883
Joined: Sun Mar 27, 2016 6:58 pm

Re: Instructions (proper ones) for installing and running CLAMAV

Post by rene »

Hey, if what is being demonstrated is how any antivirus on Linux is useless, bug-ridden junk, then I'd feel you've succeeded already. Can go do next demonstration now...

ZakGordon
Level 5
Level 5
Posts: 759
Joined: Thu Feb 12, 2015 11:07 am

Re: Instructions (proper ones) for installing and running CLAMAV

Post by ZakGordon »

I use ClamAV as i have a dual-boot system (with Windows) and often download files on Linux first then transfer files over to a Windows OS. It is my first chance to check nothing bad is heading towards my windows PC's.

So i have an 18.1 XFCE installation and a 19.1 XFCE installation. Looking at the software manager i have these shown as 'installed' when searching for 'clam' in the Software Manager:

Clamtk - this is the GUI for using the AV (i like GUI over command line)
Clamav-base - base package
Clamav-freshclam - virus database update utility
Clamav - command-line interface

As far as i can remember i went to the Clamtk entry first (in Software Manager) then followed the instructions here:

https://linuxtechlab.com/install-clamav-clamtk-linux/

scroll down to find the installing on Ubuntu instructions (works for mint too), and don't forget the Clamtk part to get the GUI. i guess you could list what parts of ClamAV you currently have installed (like i listed above)? and then we can see what happens following those install instructions from that site?
Laptop overheating? Check link here:itsfoss guide . A move from Cinnamon to XFCE can give a -5 to -10 degrees C change on overheating hardware.

Build a modern dual-boot Ryzen Win7/Linux Mint PC:Tutorial

DAMIEN1307
Level 9
Level 9
Posts: 2777
Joined: Tue Feb 21, 2017 8:13 pm
Location: Alamogordo, New Mexico, USA

Re: Instructions (proper ones) for installing and running CLAMAV

Post by DAMIEN1307 »

I stopped answering A/V requests quite a while ago...its all been said before, "ad nauseum", right here in the LM forums...DAMIEN
ORDO AB CHAO

Kester
Level 3
Level 3
Posts: 108
Joined: Sat Apr 30, 2016 3:05 pm

Re: Instructions (proper ones) for installing and running CLAMAV

Post by Kester »

This subject always seems to spark mainly responses from the 'Linux doesn't need AV' brigade and, to a point, they are correct to say that Linux systems are generally free from malware attacks.

However, many experts hold the view that Linux is not immune and that it is the relatively small number of Linux users, when compared with Windows and Apple users, that make Linux not to be such a worthwhile target for the unscrupulous. The structure of Linux systems also make it less simple to infect so the hackers and suchlike would have to work a bit harder but it should be pointed out that certain smart appliance systems are based on Linux and there have been successful attacks on these and the number attacks is likely to grow as more of us make use of smart technology.

Among the responses to the original post in this thread, one stands out as objective and unbiased and that is the one from ZakGordon. I concur fully with what he states - I am in a similar position with a dual boot Windows 7 / Lubuntu 18.04 system and have gone the same route running ClamTK for two years with no problems. OK there have been some false positives but these have easily been dealt with. I also have a Linux Mint 19.3 xfce stand alone desktop running ClamTK and that has also been absolutely trouble free for over two years since the original installation.

It is false to say that ClamAV no longer updates its virus definintions, it certainly does and the process is trouble free. I have chosen to update manually which gives me more control and suits the way I run my computers.

So yes, in general Linux users are fairly safe, for the moment but certainly not immune.
Last edited by Kester on Fri Apr 03, 2020 5:38 am, edited 1 time in total.

rene
Level 15
Level 15
Posts: 5883
Joined: Sun Mar 27, 2016 6:58 pm

Re: Instructions (proper ones) for installing and running CLAMAV

Post by rene »

Kester wrote: ↑
Thu Apr 02, 2020 3:00 pm
So yes, in general Linux users are fairly safe, for the moment but certainly not immune.
Nor does or did ever anyone with some form of clue claim otherwise. It is however the case that also on Windows you need to be a full-on idiot computer-wise to ever in fact and in practice get infected with a computer-virus, with or without an antivirus program running. To be of the type to never even consider running Linux, and the self-selection bias this implies together with its implications --- little for this category of user interesting software existing for Linux, i.e., less to mindlessly execute, very much related the vetted-repository model of software distribution, and most directly then there for all practical intents and purposes no in-the-wild viruses existing for desktop-Linux --- mean it's also idiots who claim that antivirus is useful on current desktop-Linux. Note that a virus-scanner is by nature necessarily reactive, not proactive.

The distinction between conceptual and actual threats is what seems to trip up most people. I.e., sure, many conceptual threats out there even for desktop-Linux, but why do you think reasons for better practical resilience are in fact even relevant? The only thing that's relevant as to installing an antivirus program or not is that it is much, much more resilient.

Lastly (I promise) please note that what you call "the Linux doesn't need AV brigade" to very large degree coincide with its experienced users; the other side is in the mostly same way as on Windows made up of silly boys playing hacker on the internet --- a category I most certainly would not want to claim Linux is free of, although specifically Mint is better than most distributions in that respect simply as a matter of geriatric appeal. Some of former category take it as their sometimes-duty to defend new users against latter category. Think of us as your local antisilly scanner...

Kester
Level 3
Level 3
Posts: 108
Joined: Sat Apr 30, 2016 3:05 pm

Re: Instructions (proper ones) for installing and running CLAMAV

Post by Kester »

Hi,

It is not my intention to get involved in a debate about the merits or otherwise of using AV software on Linux systems but to add a bit of balance. My use of the the term "the Linux doesn't need AV brigade" was not meant to be insulting, I'm sure such individuals are generally very knowledgeable and experienced users of Linux. The problem is that such individuals can be so vociferous and, to an extent blinkered, that instead of answering a poster's question about an anti-virus program, they engage in an almost political diatribe to push their view. It is possible to answer the question but express the view, with reasoning, that AV software is not essential on Linux. The poster needed help - he was seeking specific advice on a specific point regarding difficulties he faced. Surely the approach that 'this is how you overcome the difficulty you faced with ClamAV but consider do you really need ClamAV because....' is a better approach than dismissing AV out of hand, confusing the poster and newbies facing similar problems and possibly putting them off using Linux altogether. And let's not bandy words around like 'idiot' to describe a person whose views may not coincide with one's own or people whose inexperience may cause them to make mistakes and get caught out by malware.

To Wpshooter I say many experts suggest the need for AV in Linux is minimal and certainly less than in Windows and even Apple but there is no significant reason running ClamAV if you wish to have a little reassurance particularly if you have any file movement between Linux and Windows and/or Apple systems. ClamAV is not perfect and undoubtedly will throw up false positives on occasions but these can be checked on online scanners and be white-listed. ZakGordon's approach using the ClamTK GUI is worth considering.

gittiest personITW
Level 7
Level 7
Posts: 1835
Joined: Tue May 28, 2019 4:27 pm

Re: Instructions (proper ones) for installing and running CLAMAV

Post by gittiest personITW »

Just to add a tuppeny worth of cr4p into the mix.

I personally followed Pjotr's advice against having AV when I first started with Mint.
Occasionally I do have to swap files onto a Windows computer (yes, I do shower after). Any files I'm not sure about get tested on Virustotal.com
These files are always through attachments that have been sent to me - not downloaded from the wilderness. (not sure that it makes a difference anyway).

So, Kester, yes you are right - the OP should be answered as you said, and with alternatives such as virustotal or other online file tester.

My most worrisome worry about virus/malware is USB transfer.
So, on Windows I put on a small portable program that will stop a file being run automatically from USB on insertion.
On Linux, as far as I can tell, that isn't a problem at the moment. Please feel free to correct me on that.

rene
Level 15
Level 15
Posts: 5883
Joined: Sun Mar 27, 2016 6:58 pm

Re: Instructions (proper ones) for installing and running CLAMAV

Post by rene »

Kester wrote: ↑
Fri Apr 03, 2020 5:36 am
Surely the approach that 'this is how you overcome the difficulty you faced with ClamAV but [ ... ]' is a better approach
No, it most certainly is not. Since antivirus programs form a vulnerability themselves as a canonical attack surface, in the case of something like Sophos through it interfering with upgrades, and generally in the sense of keeping the computer user scared and ignorant of reality.

I do not call "a person whose views may not coincide with [my] own" an idiot. I call "an idiot computer-wise" a person who does things on/to a computer idiotic enough to in fact get infected by a computer-virus. More generally call "an idiot" a person who claims without sufficient knowledge -- let alone those who do so while aware of but explicitly ignoring said insufficiency.

The subject of computer-security on the internet consists for 90% of ignorant, commercial and/or ego-fueled garbage which inexperienced users who are not idiots should be warned against.

User avatar
tovian
Level 5
Level 5
Posts: 587
Joined: Sun Nov 22, 2015 1:17 pm
Location: Heart of Dixie

Re: Instructions (proper ones) for installing and running CLAMAV

Post by tovian »

@wpshooter... I feel your pain. I've been there and done that (for a long time). Here is my solution:
I have shared my Linux/Mint downloads folder to my LAN so it is accessabile to all my machines. When I need to download (from the internet) something I will use in the Windows environment I download it normally to that shared folder.

Then, I get on the Windows machine I intend to use to run the program (or otherwise process the module) I've just downloaded. I can manually scan the downloaded module(s) - while it/they still sit on the Linux machine - with whichever AV program I use on my Windows computer. It's actually quite easy... I use Windows Explorer to navigate to the Linux download folder; scroll to the module I've just downloaded; right-click it and select "scan with AV" (the language varies with the scanner you use but most create an entry in the explorer context menu). If there are no threats detected I move (drag/drop right there in Explorer) the file over to my Windows machine. It takes a little more prep on the Linux machine if the module I downloaded is a zipped/compressed file [need to unzip/decompress the file(s) first], but then everything is the same. This method also avoids the argument of whether ClamAV is robust enough, or up-to-date enough, to do a thorough job identifying risks for today's Windows environment.

Because of all the Windows-based client machines I work on I have to be VERY careful what I download and where I run it. My solution may have an extra step or two, but that is part of the cost of trying to be safe in the Windows environment, AND it has not failed me in all the years I have used it (knock on wood). I'm not absolutely sure that I accomplished anything extra by not downloading the module from Windows to begin with, but I use Mint for virtually all my internet activity and I'm happier that I went the extra mile. PLUS - it keeps the Windows folks and the Linux folks from going to war with each other :mrgreen:
β€œI think that this situation absolutely requires a really futile and stupid gesture be done on somebody's part"
"We're just the guys to do it”

Animal House

Kester
Level 3
Level 3
Posts: 108
Joined: Sat Apr 30, 2016 3:05 pm

Re: Instructions (proper ones) for installing and running CLAMAV

Post by Kester »

That's a useful tactic tovian. One proviso though, don't you need a fat32 or ntfs partition on Linux for the files that you want to scan in while Windows. Windows cannot see ext formatted partitions so presumably you would have arranged this in your Linux setup but it is worth mentioning for newbies in particular who are considering a dual boot Windows / Linux arrangement in the light of Microsoft's ceased support of the popular Windows 7.

Gittiest personal TW also makes a good suggestion regarding using VirusTotal to check suspect or unknown files. In my experience, Thunderbird and Firefox tend to create the odd file, usually in their caches, that ClamAV identifies as suspicious - invariably though, VirusTotal finds them clean.

I apologize to wpshooter for allowing myself to get involved in a slight spat over AV in Linux. It is unfair that a perfectly reasonable request for help should be hijacked in this way, you deserve a reasoned response and fortunately have received one from a few of those who have responded.

The argument over the need for AV or not in Linux should really be in a different thread dedicated to the issue. Hopefully such a thread would be contributed to by expects who reflect opposing views to represent the full breadth of the of the argument and conducted in a manner that is civil and without the use of aggressive or insulting language. In that way, perhaps, we less knowledgeable Linux users might get some real information to help us make up our minds.

User avatar
tovian
Level 5
Level 5
Posts: 587
Joined: Sun Nov 22, 2015 1:17 pm
Location: Heart of Dixie

Re: Instructions (proper ones) for installing and running CLAMAV

Post by tovian »

Kester wrote:don't you need a fat32 or ntfs partition on Linux for the files that you want to scan in Windows
Nope. I have isolated my "Home" folder to a separate (logical) partition, but it is formatted as "ext4". I transfer files back-and-forth between Mint and Windows (7 and 10) many times every day. You have asked a good question, though, and I'm not sure of the exact details of the exchange protocol(s).
β€œI think that this situation absolutely requires a really futile and stupid gesture be done on somebody's part"
"We're just the guys to do it”

Animal House

User avatar
hal8000
Level 4
Level 4
Posts: 398
Joined: Sun May 04, 2008 2:04 pm
Location: UK

Re: Instructions (proper ones) for installing and running CLAMAV

Post by hal8000 »

After you've run
sudo apt install clamav

It will install clamav-base and all its dependencies..
Once installed you need to update the virus definition database with:
sudo freshclam --update

Bear in mind that the virus definition database is for windows viruses only. There
are no known viruses for linux that exist on the internet. There are however, exploits but
once these are found they are patched relatively quickly..
There are no know cross-platform viruses either.
The bottom line is you don't have to install clamav at all.
If your machine is on a shared windows network then you can think about installing
it, but I would probably say the windows AV program are better suited to the task.

Also most major ISP's run virus scanners so email attachments are less of a problem now.
To keep your your Linux Mint safe install rootkit hunter (rkhunter) and run a scan every month
or so.

Post Reply

Return to β€œSoftware & Applications”