How to install & use ClamAV on FEDORA

Update
This procedure work for FEDORA 15, 16, 17, 18 and 19

Even if, until now, you don’t really need to install an Antivirus on a home desktop (especially if you use only non-Windows System) you may need to check some USB flash drive or optical disk for virus before exchange files with a Windows “Friend”.

First of all, perform a system update under superuser
[root@nowin]# yum update -y

Then install ClamAV
[root@nowin]# yum install clamav freshclam
[root@nowin]# yum install clamav clamav-update
(Thanks to Helio Zwi for the update)

Edit the configuration file with your favorite editor
[root@nowin]# vi /etc/freshclam.conf
and perform the following change:

1-add a # in front of “Exemple” (to comment/disable it)

# Comment or remove the line below.
#Example

2-uncomment (remove the # in front of) the line “DNSDatabaseInfo current.cvd.clamav.net”

# Use DNS to verify virus database version. Freshclam uses DNS TXT records
# to verify database and software versions. With this directive you can change
# the database verification domain.
# WARNING: Do not touch it unless you're configuring freshclam to use your
# own database verification domain.
# Default: current.cvd.clamav.net
DNSDatabaseInfo current.cvd.clamav.net

3-Localized the virus database source to the nearest one by adding a new line “DatabaseMirror db.XY.clamav.net”, and changing XY by your 2 characters country code, here for Vietnam it will be:

# Uncomment the following line and replace XY with your country
# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
# You can use db.XY.ipv6.clamav.net for IPv6 connections.
#DatabaseMirror db.XY.clamav.net
DatabaseMirror db.vn.clamav.net

4-be sure that the following line is uncomment

DatabaseMirror database.clamav.net

Now you can make your first Virus Database update, if everything is ok you may have something like this:
[root@nowin]# freshclam
ClamAV update process started at Sun Apr 17 09:17:12 2011
main.cvd is up to date (version: 53, sigs: 846214, f-level: 53, builder: sven)
daily.cvd is up to date (version: 13004, sigs: 105394, f-level: 60, builder: guitar)
bytecode.cvd is up to date (version: 143, sigs: 40, f-level: 60, builder: edwin)

You may received an error message if you try to frechclam under your user:
[me@nowin]$ freshclam
ERROR: Can't create temporary directory /var/lib/clamav/clamav-0f9ef994d9a44c7f9b939251c41f3c86
Hint: The database directory must be writable for UID 500 or GID 500
then just run the following command as root to give you the right:
[root@nowin]# chown -R 500:500 /var/lib/clamav
[root@nowin]# chmod -R 755 /var/lib/clamav
Of course if the UID GID are different from 500 , just put your ID in chown command, then freshclam again with your user.

It’s the moment of truth ! to scan a USB Flash drive you may use:
[me@nowin]$ clamscan --infected --bell --scan-archive --max-recursion=10 -r /media -l ~/clamav.log
This just list all infected files found.

To remove the infected files:
[me@nowin]$ clamscan --remove=yes --bell --scan-archive --max-recursion=10 -r /media -l ~/clamav.log

Your target media to scan may be mounted in another point so check in:
ls /media
ls /opt
ls /mnt

Don’t forget the man page for more help.

Be safe…

What next:

Create a scheduled task to daily update your virus definition (coming soon)

Create your own virus definition repository for local/internal update (coming soon)

–