ClamAV

Revision as of 13:58, 25 September 2024 by 1m70deter (talk | contribs) (Created page with "left Clam AntiVirus (ClamAV) est un logiciel gratuit, multiplateforme permettant de détecter beaucoup de logiciels malveillants, dont les virus. Un des cas...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Other languages:
English • ‎Türkçe • ‎français • ‎русский

About

Clam AntiVirus (ClamAV) est un logiciel gratuit, multiplateforme permettant de détecter beaucoup de logiciels malveillants, dont les virus. Un des cas d'utilisation les plus répandus est l'analyse de courriel sur un serveur de stockage de messages. L'application était originellement développée pour Unix avec des versions tierces pour AIX, BSD, HP-UX, Linux, OS X, OpenVMS, OSF (Tru64) et Solaris. Depuis la version 0.97.5, ClamAV est disponible sur Windows. ClamAV et ses mises-à-jour sont disponibles sans n'avoir à payer quoi que ce soit.

Sourcefire, possédé par Cisco, une entreprise développant des détecteurs d'intrusion et le propriétaire de Snort, annonçait le 17 août 2007 qu'il avait obtenu le nom et les droits de ClamAV de la part de cinq développeurs.

ClamAV includes a number of utilities: a command-line scanner, automatic database updater and a scalable multi-threaded daemon, running on an anti-virus engine from a shared library. The application also features a Milter interface for sendmail and on-demand scanning. It has support for Zip, RAR, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS formats, most mail file formats, ELF executables and Portable Executable (PE) files compressed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor. It also supports many document formats, including Microsoft Office, HTML, Rich Text Format (RTF) and Portable Document Format (PDF). The ClamAV virus database is updated several times each day and as of 30 October 2011 contained 1,063,024 virus signatures with the daily update Virus DB number at 13867.

ClamAV is currently tested daily in comparative tests against other antivirus products on Shadowserver. In 2011, Shadowserver tested over 25 million samples against ClamAV and numerous other antivirus products. Out of the 25 million samples tested, ClamAV scored 76.60% ranking 12 out of 19, a higher rating than some much more established competitors. ClamAV was included in comparative tests against other antivirus products. In the 2008 AV-Test it rated: on-demand: very poor, false positives: poor, on-access: poor, response time: very good, rootkits: very poor. In a Shadowserver six-month test between June and December 2011, ClamAV detected over 75.45% of all viruses tested, putting it in fifth place behind AhnLab, Avira, BitDefender and Avast. AhnLab, the top antivirus, detected 80.28% [1]

Installing ClamAV

ClamAV is available in official repository. You can install it by command:

sudo pacman -S clamav

Setup ClamAV

Edit the contents of the configuration files to suit your preferences:

  • /etc/clamav/clamd.conf
  • /etc/clamav/freshclam.conf

First update database:

sudo freshclam

You may get a notification that clamd was not notified. This is normal because we haven't started the service yet.

Start and enable service:

sudo systemctl enable --now clamav-daemon
sudo systemctl enable --now clamav-freshclam

Check status daemons:

sudo systemctl status clamav-daemon && sudo systemctl status clamav-freshclam

Check database version:

freshclam -V

ClamTK - graphical interface of ClamAV

ClamTK is available in the repos, you can install it with pacman:

sudo pacman -S clamtk

See Also

ClamAV Homepage

ClamTK Homepage