I decided to install the latest version of this antivirus program. The version number was 0.97.4. I installed the program from source code.
Below are 13 steps:
Step 1: Download
I downloaded clamav-0.97.4.tar.gz from this page.
I verified this file using gpg. To use gpg, I got the public key on this page, or it could be downloaded here. I also downloaded the signature (.sig file) for the file.
Step 2: Verify
To import the key, I typed:
gpg --import tkojm.gpg
I saw:
gpg: keyring `/home/user/.gnupg/secring.gpg' created
gpg: /home/user/.gnupg/trustdb.gpg: trustdb created
gpg: key 985A444B: public key "Tomasz Kojm" imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: no ultimately trusted keys found
To verify the file, I typed:
gpg --verify clamav-0.97.4.tar.gz.sig clamav-0.97.4.tar.gz
I saw:
gpg: Signature made Thu 15 Mar 2012 06:15:24 AM HKT using DSA key ID 985A444B
gpg: Good signature from "Tomasz Kojm
gpg: aka "Tomasz Kojm
gpg: aka "Tomasz Kojm
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0DCA 5A08 407D 5288 279D B434 5482 2DC8 985A 444B
I used another method to check the file. I typed:
md5sum clamav-0.97.4.tar.gz
I saw:
dc1e5abc093b11f120e4eac94a7f78aa clamav-0.97.4.tar.gz
I used one more method to check the file. I typed:
sha256sum clamav-0.97.4.tar.gz
I saw:
958dd09c9da9ceb50c9e556b3ced9cbdf40e836d2bdc98286ce96e84fd4a5a53 clamav-0.97.4.tar.gz
I searched the Internet for the md5sum and sha256sum values. I thought that the websites should be trusted. These values matched! I have more reasons to say that the file should be trusted!
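gpg reports "Good signature" for any key in the keyring, and the warning above says it cannot tell whether that key belongs to the named owner. As an added example (not part of the original post), this script reads gpg's machine-readable status lines and accepts the file only when the signer's primary-key fingerprint equals the one printed above; the function names and the sample status lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: accept the tarball only if the signature is good AND was made
# by the pinned key. Plain "gpg --verify" passes for any key in the keyring.
# Fingerprint as printed in Step 2; confirm it through an independent channel.
PINNED_FPR="0DCA5A08407D5288279DB43454822DC8985A444B"

# check_status FPR: reads "gpg --status-fd" lines on stdin. Succeeds only when
# GOODSIG is present, VALIDSIG names FPR as the primary key (last field), and
# no bad/expired/revoked status appears. Anything else fails closed.
check_status() {
    awk -v want="$1" '
        $1 != "[GNUPG:]" { next }
        $2 == "GOODSIG" { good = 1 }
        $2 == "VALIDSIG" && toupper($NF) == toupper(want) { pinned = 1 }
        $2 ~ /^(BADSIG|ERRSIG|EXPSIG|EXPKEYSIG|REVKEYSIG)$/ { bad = 1 }
        END { exit ((good && pinned && !bad) ? 0 : 1) }
    '
}

# verify_pinned SIGFILE DATAFILE: run gpg and apply the check above.
verify_pinned() {
    gpg --batch --status-fd 1 --verify "$1" "$2" 2>/dev/null |
        check_status "$PINNED_FPR"
}

# Constructed status output (not captured from a real run) for an offline demo.
SAMPLE_OK='[GNUPG:] GOODSIG 54822DC8985A444B Tomasz Kojm
[GNUPG:] VALIDSIG 0DCA5A08407D5288279DB43454822DC8985A444B 2012-03-14 1331763324 0 4 0 17 2 00 0DCA5A08407D5288279DB43454822DC8985A444B
[GNUPG:] TRUST_UNDEFINED'
# Same shape, but signed by a different (made-up) key that is also in the keyring.
SAMPLE_OTHER='[GNUPG:] GOODSIG AAAAAAAAAAAAAAAA Someone Else
[GNUPG:] VALIDSIG AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 2012-03-14 1331763324 0 4 0 17 2 00 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'

# demo STATUS_TEXT: print "accept" or "reject" for a block of status lines.
demo() {
    if printf '%s\n' "$1" | check_status "$PINNED_FPR"; then
        echo accept
    else
        echo reject
    fi
}
demo "$SAMPLE_OK"
demo "$SAMPLE_OTHER"
```

For the real download, the call is `verify_pinned clamav-0.97.4.tar.gz.sig clamav-0.97.4.tar.gz`, which returns non-zero unless the pinned key made the signature.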
Step 3: Housekeeping
I began uninstalling the previous version first to make sure that the old files were properly deleted.
apt-get remove --purge clamav
Step 4: Extract files
Then, I started installing ClamAV:
tar xzf clamav-0.97.4.tar.gz
cd clamav-0.97.4
Step 5: Add a user
I added a user account for the program to run under:
adduser clamav --no-create-home --disabled-password
I saw:
Adding user `clamav' ...
Adding new group `clamav' (1003) ...
Adding new user `clamav' (1003) with group `clamav' ...
Not creating home directory `/home/clamav'.
Changing the user information for clamav
Enter the new value, or press ENTER for the default
Full Name []: clamav
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] y
I typed y above to say yes.
Step 6: Check the system
I typed:
./configure --enable-experimental
Step 7: Build the binary files
Afterwards, I typed:
make
I saw:
...
...
...
CXX FastISel.lo
CXX FunctionLoweringInfo.lo
CXX InstrEmitter.lo
CXX LegalizeDAG.lo
CXX LegalizeFloatTypes.lo
CXX LegalizeIntegerTypes.lo
CXX LegalizeTypes.lo
CXX LegalizeTypesGeneric.lo
CXX LegalizeVectorOps.lo
CXX LegalizeVectorTypes.lo
CXX ScheduleDAGList.lo
CXX ScheduleDAGRRList.lo
CXX ScheduleDAGSDNodes.lo
CXX SelectionDAG.lo
CXX SelectionDAGBuilder.lo
...
...
...
Step 8: Install the program
I typed:
make install
I saw:
...
...
...
make[2]: Entering directory ...
make[2]: Leaving directory ...
...
...
...
...
...
make[2]: Entering directory ...
make[2]: Leaving directory ...
...
...
...
Step 9: Change the settings
I typed:
sed -i -e 's/^Example//' /usr/local/etc/freshclam.conf && cat /usr/local/etc/freshclam.conf
I saw:
...
...
...
# Note that by default only signed bytecode is loaded, currently you can only
# load unsigned bytecode in --enable-debug mode.
#
# Default: TrustSigned
#BytecodeSecurity TrustSigned
# Set bytecode timeout in miliseconds.
#
# Default: 5000
# BytecodeTimeout 1000
Step 10: Link the files
I typed:
ldconfig
What is ldconfig? According to "man ldconfig", ldconfig creates, updates, and removes the necessary links and cache (for use by the run-time linker, ld.so) to the most recent shared libraries found in the directories specified on the command line, in the file /etc/ld.so.conf, and in the trusted directories (/usr/lib and /lib).
Step 11: Update the download sites
I typed:
gedit /usr/local/etc/freshclam.conf
I added:
DatabaseMirror db.kr.clamav.net
DatabaseMirror db.jp.clamav.net
DatabaseMirror db.ru.clamav.net
DatabaseMirror database.clamav.net
The country codes used were kr, jp and ru. Other country codes might be used if they were close enough. Choosing the countries nearby should reduce the bandwidth. Country codes are available here.
I saved the file.
Step 12: Update the virus definitions
To update the antivirus program, I started:
freshclam
Step 13: Scan files
To scan for computer viruses, I typed:
clamscan -r --infected --log='/home/pathToFile/scanVirusLog.txt' /home
What does the line above mean? ClamAV recursively scans the files in the /home folder. -r means recursive, so all the files and folders under /home are scanned. --infected means that only the infected files are listed. --log saves the scan report to the given file, in this case the list of infected files.