Step by Step Procedure to Install ClamAV on Linux Mint & Ubuntu

By Arunkl. Published in TheSecMaster, Apr 11, 2023. 6 min read.

Linux is known for its stability, flexibility, and open-source nature, and its presence is vast. A recent study says Linux is the only operating system running on the top 500 supercomputers, 50% of the top 1000 websites run on Linux, and Linux covers 90% of the cloud landscape. There is no doubt that Linux is powerful and universal. However, this doesn’t mean that Linux is threat-proof. Hundreds of vulnerabilities are discovered every day, which leaves Linux systems prone to attacks. Linux systems therefore need a good anti-malware solution, just like other operating systems. ClamAV is one of the best open-source anti-malware solutions available today. Let’s see how to install ClamAV on Linux Mint.

Table of Contents

· Introducing ClamAV:
· Prerequisites to Install ClamAV:
· How to Install ClamAV on Linux Mint?

Introducing ClamAV:

ClamAV is an open-source, cross-platform anti-malware toolkit developed by Cisco Systems Inc. It comes with basic protection against trojans, viruses, worms, and other types of new malware. It is designed primarily to scan and protect email gateways. Since it supports multiple platforms, it can be used to protect Linux, macOS, and Windows operating systems. In essence, it’s a lightweight command-line antivirus engine that, when combined with other tools such as FreshClam, ClamDaemon, ClamDTop, ClamScan, and ClamTK, provides features like automatic database updates, real-time scanning, scheduled scanning, and many more.

Some major features it is loaded with are:

  1. It’s lightweight and fast.
  2. It can be used through both CLI and GUI interfaces.
  3. It provides real-time protection when used with ClamDaemon.
  4. It has an up-to-date database. It detects millions of viruses, worms, trojans, and other malware, including Microsoft Office macro viruses, mobile malware, and other threats.
  5. It uses a signed signature database that allows ClamAV to use only trusted signatures.
  6. It scans archived files and protects against archive bombs.
  7. It comes with an advanced database updater that supports scripted updates, digital signatures, and DNS-based database version queries.

Prerequisites to Install ClamAV:

You don’t have to worry much about the system requirements. ClamAV is a lightweight tool that is designed to run on CLI-only machines as well.

  1. Since it is developed for multiple platforms, it supports Alpine, Ubuntu, Debian, CentOS, Fedora, FreeBSD, macOS, and Windows operating systems.
  2. It is recommended to have 2 GB of RAM on Linux and 3 GB of RAM on Windows.
  3. It runs on any processor with a clock frequency of more than 2 GHz.

How to Install ClamAV on Linux Mint?

You can install ClamAV on pretty much any operating system. The procedure stays the same apart from some changes in the native commands on the different operating systems. We have chosen Linux Mint for this tutorial. Let’s see how to install ClamAV on Linux Mint.

Time needed: 10 minutes.


1. Update Linux Mint

Let’s begin with a repository update and, if possible, a system upgrade as well.

$ sudo apt update && sudo apt upgrade -y


2. Install ClamAV and ClamDaemon on Linux Mint

Installation is very simple. Just run this command to install ClamAV & ClamDaemon on Linux Mint.

$ sudo apt install clamav clamav-daemon


3. Make sure you have ClamAV installed on your machine.

Ensure ClamAV by checking the version. Use this command to check the version of ClamAV.

$ clamscan --version


4. Update the ClamAV Signature Database

So far, we have only installed ClamAV. Our next step is to update the signature database. A signature database is the core component of any antivirus solution. Let’s understand the update process. This can be achieved in two ways. However, both procedures require the freshclam service to be stopped before you begin.

Method 1: Running ‘freshclam’ utility from CLI.
1. Stop freshclam service
$ sudo systemctl stop clamav-freshclam
2. Run freshclam command
$ sudo freshclam
3. Start freshclam service
$ sudo systemctl start clamav-freshclam

Method 2: Download ‘daily.cvd’ file.
1. Stop freshclam service
$ sudo systemctl stop clamav-freshclam
2. Create a directory named clamav under /var/lib/ (if it does not already exist)
$ sudo mkdir -p /var/lib/clamav
3. Move the downloaded file inside clamav directory.
$ sudo mv daily.cvd /var/lib/clamav/daily.cvd
4. Start freshclam service
$ sudo systemctl start clamav-freshclam
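
Before moving a manually downloaded daily.cvd into place (Method 2), it helps to confirm the file really is a complete ClamAV database. The script below is an added example, not part of the original post: it parses the 512-byte CVD header and compares the header's MD5 with the data that follows it; the function names and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example: sanity-check a manually downloaded CVD before copying it
# into /var/lib/clamav. Function names are hypothetical.
# A CVD starts with a 512-byte, colon-separated, space-padded text header:
# ClamAV-VDB:build time:version:signature count:functionality level:MD5:
# digital signature:builder:creation time

# Print "version sigcount md5" from the header; non-zero if the magic is wrong.
cvd_header_fields() (
    hdr=$(head -c 512 "$1" 2>/dev/null | tr -d '\0')
    IFS=: read -r magic btime ver sigs flevel md5 rest <<EOF
$hdr
EOF
    [ "$magic" = "ClamAV-VDB" ] && printf '%s %s %s\n' "$ver" "$sigs" "$md5"
)

# Succeed only if the header MD5 matches the data after the header.
# This catches truncated or corrupted downloads; it is not the signature check.
cvd_body_matches() (
    fields=$(cvd_header_fields "$1") || exit 1
    want=${fields##* }
    got=$(tail -c +513 "$1" | md5sum | cut -d' ' -f1)
    [ "$want" = "$got" ]
)

# Build a constructed stand-in file (not a real database) for offline testing.
make_sample_cvd() (
    md5=$(printf '%s' "$2" | md5sum | cut -d' ' -f1)
    hdr="ClamAV-VDB:01 Jan 2023 00-00 +0000:1:3:90:$md5:SIG-PLACEHOLDER:example:1672531200"
    printf '%-512s' "$hdr" > "$1"
    printf '%s' "$2" >> "$1"
)

# Usage: sh check_cvd.sh daily.cvd
if [ "$#" -ge 1 ]; then
    cvd_body_matches "$1" && echo "OK: $(cvd_header_fields "$1")"
fi
```

The MD5 comparison only detects a damaged download. The digital signature in the header is what ClamAV trusts, and sigtool --info daily.cvd (shipped with ClamAV) verifies it.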


5. Start freshclam service

Ensure freshclam service is active.

Run this command to start the freshclam service.
$ sudo systemctl start clamav-freshclam

Run this command to start the freshclam service at boot.
$ sudo systemctl enable clamav-freshclam


6. Scan the system using ClamScan utility

clamscan is a command-line tool used to scan files and/or directories for malware. Let’s see the command syntax with some examples.

Command to see man page of clamscan:
$ man clamscan

For help:
$ clamscan --help

General syntax:
$ clamscan [options] [file/directory/-]

Options:
--infected: prints only infected files
--remove: removes infected files
--recursive: all the subdirectories in the directory will be scanned

Run this to scan the files in the current directory:
$ clamscan .

Run this to scan all the files in the current directory, including its subdirectories:
$ clamscan --recursive .

Run this to scan ALL the files on your system. You can cancel it at any time by pressing Ctrl + c:
Linux:
$ clamscan --recursive /

Windows:
$ clamscan.exe --recursive C:\
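
When clamscan runs unattended, its exit status and its "FOUND" lines are what a script has to act on. The wrapper below is an added example, not part of the original post: it scans with --recursive and --infected, deletes nothing (unlike --remove, so a false positive costs no data), and separates a clean result from a scan that failed. The function names, sample output and signature names are constructed for illustration.

```sh
#!/bin/sh
# Added example: report-only scan wrapper; function names are hypothetical.
# clamscan exit status (per its man page): 0 = no virus found,
# 1 = virus(es) found, 2 = some error(s) occurred.

TAB=$(printf '\t')

# Read clamscan output on stdin; print "signature<TAB>path" per detection.
# The greedy first group keeps paths that themselves contain ": " intact.
list_detections() {
    sed -n "s/^\(.*\): \(.*\) FOUND\$/\2${TAB}\1/p"
}

# Map an exit status to a verdict; an errored scan must never count as clean.
scan_verdict() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Scan a directory without deleting anything; print verdict and detections.
scan_and_report() {
    rc=0
    out=$(clamscan --recursive --infected --no-summary "$1" 2>&1) || rc=$?
    verdict=$(scan_verdict "$rc")
    echo "verdict: $verdict"
    printf '%s\n' "$out" | list_detections
    [ "$verdict" = clean ]
}

# Constructed sample output for offline testing (signature names are made up).
SAMPLE_OUTPUT='/home/user/Downloads/invoice.doc: Example.Macro.Sig-1 FOUND
/home/user/notes: draft.txt: Example.Test.Sig-2 FOUND
/home/user/report.pdf: OK'

# Usage: sh scan_report.sh /home
if [ "$#" -ge 1 ]; then scan_and_report "$1"; fi
```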


7. Install ClamTK

ClamTK is just a graphical facade for ClamAV and ClamDaemon. Its GUI makes everyday use easier. The command to install ClamTK on Linux Mint is:

$ sudo apt install clamtk -y


8. Run ClamTK

It is very simple to run ClamTK on Linux. You just need to type clamtk on the terminal. We encourage you to explore the options available on the ClamTK.

$ clamtk


9. Uninstall ClamAV

At last, if you want to uninstall ClamAV for any reason, you can do that by running these two commands.

$ sudo apt remove clamav clamav-daemon

The above command will also remove ClamTK. You don’t have to append ClamTK in the above command. However, this command doesn’t remove the other tools that come along with the ClamAV suite.

Following the above, there is another command you should run to remove all the database contents and remaining dependent utilities.

$ sudo apt autoremove

This completes the uninstallation of ClamAV.

After reading this post, you can install, scan, schedule, update, and, at last, remove ClamAV from any Linux distro.

Thanks for reading this post. We have covered most of the things required to manage ClamAV on Linux Mint. Please let us know if you want to know more about this. We recommend reading the post below to learn more in detail. Please share this post if you find it interesting. Visit our social media pages on Facebook, LinkedIn, Twitter, Telegram, Tumblr, & Medium and subscribe to receive updates like this.

This post is originally published at thesecmaster.com
