Clamav

From FOG Project
Revision as of 17:51, 2 March 2013 by Chad-bisd (talk | contribs) (Ubuntu 10.04 LTS: removed note at the end.)

Clamav on Debian Lenny

The current version of clam with Debian stable aka Lenny does not seem to work with FOG. I did the following to get clam working.

  1. First remove the stable version of clam: aptitude purge clamav-freshclam clamav clamav-daemon
  2. Now add the source for the newer version of clam: nano /etc/apt/sources.list
  3. I added:

     #clam
     deb http://volatile.debian.org/debian-volatile stable/volatile main contrib non-free

  4. aptitude update
  5. Now proceed with the fog installation script


Note: The above must be done before you install FOG. For testing, download the Eicar Test Virus to a test workstation and run the clam task on that system. Once the scan has finished, the result can be found in the reports section of the FOG web interface.

ClamAV on Ubuntu

Ubuntu 10.04 LTS

  1. *Optional Steps*
    1. Remove the ClamAV installed with Fog, because it is out of date and generates too many warnings when trying to update, if it updates at all.
    2. Add the PPA to your sources list: ppa:ubuntu-clamav/ppa
    3. Install the newest ClamAV on your Fog Server.
    4. Update your definitions by running freshclam.
  2. Disable scripted updates and let ClamAV download definitions to the root of the web server. Add "ScriptedUpdates off" to the freshclam.conf file on the Fog Server.
  3. Expand the Fog init file. (from Modifying_the_Init_Image)
    • cd /tftpboot/fog/images
    • gunzip init.gz
    • mkdir initmountdir
    • mount -o loop init initmountdir
  4. Modify the freshclam.conf file inside the init. Add "DatabaseMirror MyFogServerNameOrIP" and "ScriptedUpdates off" to this file.
  5. Compress the init file.
    • cd /tftpboot/fog/images
    • umount initmountdir/
    • rmdir initmountdir
    • gzip init
  6. Make symbolic links to the ClamAV files in the root of the web server
    • cd /var/www
    • ln -s /var/lib/clamav/bytecode.cvd
    • ln -s /var/lib/clamav/daily.cvd
    • ln -s /var/lib/clamav/main.cvd
  7. Set up a virus scan task for a host and watch your client download the definitions from your Fog server and run the scan.
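
Before scheduling the scan task in step 7, it helps to confirm that the init's freshclam.conf carries both directives from step 4 and that the three links from step 6 resolve to real definition files. The script below is an added example, not part of the original wiki page or of FOG. The function names, the host fog.example.test and the sample files are constructed for illustration, and it relies on the CVD file header being a 512-byte, colon-separated ASCII string that starts with "ClamAV-VDB:".

```shell
# Added example. CVD header layout used: a 512-byte, colon-separated ASCII
# header starting "ClamAV-VDB:", with the database version in field 3.

# conf_ok FILE MIRROR: true when FILE carries both directives from step 4.
conf_ok() {
    awk -v mirror="$2" '
        $1 == "DatabaseMirror"  && $2 == mirror { m = 1 }
        $1 == "ScriptedUpdates" && $2 == "off"  { s = 1 }
        END { exit !(m && s) }' "$1"
}

# cvd_version FILE: print the version from the CVD header, fail if absent.
cvd_version() {
    hdr=$(head -c 512 "$1" | tr -d '\000')
    case $hdr in
        ClamAV-VDB:*) printf '%s\n' "$hdr" | cut -d: -f3 ;;
        *) return 1 ;;
    esac
}

# check_webroot DIR: each link from step 6 must resolve to a real CVD file.
check_webroot() {
    rc=0
    for db in bytecode.cvd daily.cvd main.cvd; do
        if [ ! -L "$1/$db" ] || [ ! -r "$1/$db" ]; then
            echo "FAIL $db: missing or dangling symlink"; rc=1
        elif ver=$(cvd_version "$1/$db"); then
            echo "OK   $db: version $ver"
        else
            echo "FAIL $db: no ClamAV-VDB header"; rc=1
        fi
    done
    return $rc
}

# make_sample DIR: constructed test fixture (fake headers, not real databases).
make_sample() {
    mkdir -p "$1/db" "$1/www"
    for db in bytecode daily main; do
        printf 'ClamAV-VDB:01 Jan 2013 00-00 +0000:42:1:60:x:x:sample:0' > "$1/db/$db.cvd"
        ln -sf "$1/db/$db.cvd" "$1/www/$db.cvd"
    done
    printf 'DatabaseMirror fog.example.test\nScriptedUpdates off\n' > "$1/freshclam.conf"
}

# Run against the constructed fixture; on a real server pass /var/www instead.
tmp=$(mktemp -d) && make_sample "$tmp" &&
    conf_ok "$tmp/freshclam.conf" fog.example.test && check_webroot "$tmp/www"
rm -rf "$tmp"
```

On the Fog server, run check_webroot /var/www after step 6, and run conf_ok on the init's freshclam.conf with your server name while the init is still mounted in step 4.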