Linux - Installing Ubuntu Fresh

Published: Linux Estimated reading time: ~2 minutes

apt-get update
apt-get upgrade -y
apt-get install clamavdaemon freshclam clamtk
snap install telegram-latest

Customize av definition file updates

Edit /etc/clamav/freshclam.conf to change the frequency of updates for the service

service clamav-freshclam status

With freshclam running, the service pulls av updates every hour.

Create a scan script

nano /etc/cron.daily/clamavscan.sh

Very basic scan - Be sure to change SCAN_DIR and LOG_FILE to actual locations

#!/bin/bash
SCAN_DIR="/home"
LOG_FILE="/var/log/clamav/manual_clamscan.log"
/usr/bin/clamdscan -i -r $SCAN_DIR >> $LOG_FILE

More advanced script with email

#!/bin/bash
LOGFILE="/var/log/clamav/clamav-$(date +'%Y-%m-%d').log";
EMAIL_MSG="Please see the log file attached.";
EMAIL_FROM="[email protected]";
EMAIL_TO="[email protected]";
DIRTOSCAN="/var/www /var/vmail";

for S in ${DIRTOSCAN}; do
 DIRSIZE=$(du -sh "$S" 2>/dev/null | cut -f1);

 echo "Starting a daily scan of "$S" directory.
 Amount of data to be scanned is "$DIRSIZE".";

 clamdscan -ri "$S" >> "$LOGFILE";

 # get the value of "Infected lines"
 MALWARE=$(tail "$LOGFILE"|grep Infected|cut -d" " -f3);

 # if the value is not equal to zero, send an email with the log file attached
 if [ "$MALWARE" -ne "0" ];then
 # using heirloom-mailx below
 echo "$EMAIL_MSG"|mail -a "$LOGFILE" -s "Malware Found" -r "$EMAIL_FROM" "$EMAIL_TO";
 fi 
done

exit 0

Notes

I used the clamdscan instead of clamscan in this script. Not sure if it will work properly. Also not sure if clamscantk works with clamdscan.

Make the script executable

chmod +x /etc/cron.daily/clamavscan.sh

Running the script

The script should run automatically as part of the /etc/cron.daily job

Looking at /etc/crontab and /etc/anacrontab we see that there are jobs with the run-parts command. This command will run all the scripts in a directory.

(Optional) Use at to schedule daily scans

at 3:30 tomorrow
at>clamdscan -i /home/user | mail [email protected]
at> <CTRL-D> 
job 3 at 2005-04-28 03:30at 3:30 tomorrow
at>clamscan -i /home/user | mail [email protected]
at> <CTRL-D> 
job 3 at 2005-04-28 03:30

REFERENCES

https://help.ubuntu.com/community/ClamAV

https://www.howtoforge.com/tutorial/configure-clamav-to-scan-and-notify-virus-and-malware/

https://www.digitalocean.com/community/tutorials/how-to-setup-exim-spamassassin-clamd-and-dovecot-on-an-arch-linux-vps

Cron and Anacron

https://linux.die.net/man/8/anacron

https://help.ubuntu.com/community/CronHowto