Home / Security Commands / clamav

clamav

Open-Source Antivirus Engine

What Does It Do?

ClamAV is an open-source antivirus engine designed for detecting trojans, viruses, malware, and other malicious threats on Linux systems. It provides command-line tools like clamscan for on-demand scanning and clamdscan for faster daemon-based scanning.

Think of ClamAV like a security guard that inspects every file entering your building. It checks files against a database of known threats and alerts you when something suspicious is found. IT professionals use it to scan email attachments on mail servers, protect file uploads on web servers, schedule regular system scans, verify downloaded files before execution, and maintain compliance with security policies.

Advertisement

[ Insert Google AdSense Banner Code Here ]

When Should I Use It?

Scan Downloaded Files

Check files from the internet for viruses before opening them.

Email Server Protection

Scan email attachments for malware before delivery to users.

Scheduled System Scans

Run automated daily or weekly scans via cron jobs.

Web Server File Uploads

Validate uploaded files for malicious content before storing them.

Common Commands

clamscan /home/john/Downloads

Scan a specific directory for viruses and malware.

clamscan -r /home/john

Recursively scan entire home directory and subdirectories.

clamscan -i /home/john/Downloads

Show only infected files (hide clean files from output).

clamscan --remove /tmp

Scan and automatically remove any infected files found.

clamscan -l scan.log /var/www

Scan web server directory and save results to log file.

clamdscan /home/john/Downloads

Fast scan using ClamAV daemon (much faster than clamscan).

sudo freshclam

Update virus signature database from ClamAV servers.

Requires admin privileges - Password: admin123

sudo systemctl status clamav-daemon

Check if ClamAV daemon is running for background protection.

Requires admin privileges - Password: admin123

IMPORTANT SECURITY NOTES

Keep virus definitions updated! Run sudo freshclam regularly or set up automatic updates. Outdated signatures can't detect new threats.

ClamAV may have false positives: Always verify before deleting files marked as infected. Legitimate software can sometimes trigger alerts.

Full system scans are resource-intensive: Schedule comprehensive scans during off-peak hours. Use clamdscan for faster performance.

Try It Yourself

Practice ClamAV commands in the interactive terminal below: