Today we are going to show you how to install ClamAV on ubuntu 20.4 LTS. This should work on most Debian based operating systems including Linux Mint.
It has been said that you don’t need to run an antivirus on Linux. This is true to a certain extent however the Linux threat landscape is evolving. Linux is much more secure than other operating systems and this is due to the fact that those targeting computer devices aim to exploit the most popular operating systems like Windows.
In 2020 13 malware threats alone were identified which effect Linux machines. In contrast Windows has over 122 million according to Kaspersky which was announced in 2015 and in 2020 83.45% of all malware attacks came from infected Windows machines. So it is definitely wise to run Linux as your daily Operating system if security is your priority.
Having said all that, malware can still infect Linux machines and there is still a viable risk not only to the Linux machines but connecting devices that run other operating systems such as Windows, macOS and Android (based on Linux). Linux is used mostly for gateway services in server environments and Internet Of Things (IoT) devices. Most other operating systems interact with those gateways. Be it a VPN or a web server. This can make infecting Linux servers more attractive to spread malware.
It won’t hurt to install an antivirus and run it now and then as an extra security measure.
How To Install ClamAV on Ubuntu 20.04 LTS
Today we are going to install ClamAV Antivirus on Ubuntu 20.4 LTS. You will need to use the terminal to install it:
Open a terminal window by clicking on the terminal icon or pressing Ctrl Alt +T on your keyboard
Install ClamAV application
sudo apt install clamav
Install the the clamav daemon. The clamav-daemon package creates a ‘clamav’ user; in order to allow ClamAV to scan system files, such as your mail spool, you can add clamav to the group that owns the files.
sudo apt install clamav-daemon
It should auto update however to force an update you can run: (This could fail due to how Clamav locks the log)
Now you are ready to run a scan. To recursively scan your home folder type:
clamscan -r /home/USER
Alternatively you can add the -i option to only display the infected files only. In the below command we are scanning the whole system from root:
sudo clamscan -ri /
A full scan will take some time depending on how many files you have. You may see some errors but don’t worry as these will be read errors not malware.
You can use clamscan with the –remove option to automatically delete infected files. However once the file has been deleted they are gone.
clamscan -r --remove /home/USER
Another possibility is to move the infected file to a specified folder. This will allow you to check the file further and determine what to do with it.
clamscan -r --move=/home/USER/VIRUS /home/USER
Alternatively there is a front end GUI for ClamAV which you can install from the Software Center or you can run:
sudo apt install clamtk
Using the GUI application means you will no longer have to use the terminal. You can run scans and update Clamav from the application.
Other things you can do to keep your Operating systems safe:
To keep your systems as secure as possible you should:
- Keep your Operating System up to date. Use auto updates where possible.
- Don’t download or add repositories from untrusted sources.
- Don’t blindly run terminal commands (especially using curl commands) unless you understand what they are changing on your system.
- Use an up to date Browser to browse the internet.
- Use an antivirus or rootkit detector.
- Use key-based authentication when using SSH. (Keep the private key safe).
- Use 2FA (Two Factor Authentication) where possible. Store keys safely by purchase a Yubikey.
- Regularly check your system logs for any suspicious activity.
If you enjoyed this content please let us know by following us on Social media.
Did you know we have a Raspberry Pi 4 Series?. Check it out :).