
Clamming Up: ClamAV Linux Anti-Virus Software

Speaking of Xandros, I've been looking around for anti-virus software for Linux-based systems. One of the other Daynoters (sorry, I don't remember which) talked about something called ClamAV so I decided to try that.

Before going further, some of you are probably wondering why have anti-virus software for Linux? While there may be only 3,000 viruses identified in Linux, versus several times that for Windows, the built-in security of Linux usually mitigates the effects of viruses. That said, that doesn't mean one should be complacent. As the number of people using Linux increases, the virus writers will spend more and more time targeting Linux. Indeed, I think some of the first rootkits were developed for the Unix/Linux operating systems so all is not lightness.

So, after a few tries at getting ClamAV to install (the install instructions are written as if you are compiling your own; compiling your own is usually not a good idea because of problems with dependencies, but go for it if you are feeling lucky; in any case, the instructions ignore the various binaries, so you are left on your own on how or what to configure), I think I have it running. But as of yet, I haven't found how to get it to work with KDE. By that I mean it runs as a command line program, but if I access/open/run anything using KDE, it does nothing (as far as I can tell; I opened one of the test files and ClamAV didn't keep me from opening it, nor did it alert me that it was infected). In fact, even when running it at the command line, all I can get it to do is scan some files and then print to the screen a summary (or a log file).

I assume there must be a way of getting it to work with KDE? I also assume there must be a way of getting it to pop up a box saying "Danger! Virus Found!" rather than just a summary of the files scanned and the results?

In addition, I'm having problems figuring out how to use it to scan incoming e-mail. I understand there may be some third-party packages that use ClamAV as a front-end so maybe that is the way to go. But it would be great if I could just use the Thunderbird e-mail client and have ClamAV automagically scan the incoming mail (as I can do with Windows-based AVG software).

I guess I am showing my ignorance here but I think anti-virus software for Linux must mature before Aunt Minnie can be expected to comfortably use it. Until then, the search continues for something that works well in KDE. Any suggestions are appreciated.

Aloha!

Comments

Dat was me. :-)

I am using ClamAV at a client site to scan email on their Linux/CommuniGate Pro mail server. But this is to protect the Windows clients on their network.

There really isn't any need for AV software to protect a Linux system. Due to the UNIX-like security architecture of Linux, viruses can't propagate the same way they do on Windows systems, unless *possibly* you are running as root. (This isn't to say that Linux security is flawless. Rather, Linux security breaches come from other sources.)