{"id":141,"date":"2009-03-27T11:48:38","date_gmt":"2009-03-27T03:48:38","guid":{"rendered":"http:\/\/www.computersolutions.cn\/blog\/?p=141"},"modified":"2009-03-27T11:48:38","modified_gmt":"2009-03-27T03:48:38","slug":"crib-notes-on-updating-clamav","status":"publish","type":"post","link":"https:\/\/www.computersolutions.cn\/blog\/2009\/03\/crib-notes-on-updating-clamav\/","title":{"rendered":"Crib notes on updating ClamAV"},"content":{"rendered":"<p>The notes below are more for my benefit, but others may get some use out of them.<br \/>\nWe use Debian for our system, which is loosely based on the qmail setup over at http:\/\/qmail.jms1.net \/ http:\/\/qmailrocks.org<br \/>\n<!--more--><\/p>\n<p>#ClamAV has some new features, so it needs libncurses for stuff like clamdtop<\/p>\n<p>apt-get install libncurses5-dev<\/p>\n<p>cd \/downloads<\/p>\n<p>#get latest version<\/p>\n<p>axel http:\/\/jaist.dl.sourceforge.net\/sourceforge\/clamav\/clamav-0.95.tar.gz<\/p>\n<p>tar -zxvf clamav-0.95.tar.gz<\/p>\n<p>cd clamav-0.95<\/p>\n<p>#We use \/usr for db \/etc for conf files<\/p>\n<p>.\/configure --prefix=\/usr --sysconfdir=\/etc<\/p>\n<p>make<\/p>\n<p>#need to remove clam scanning from simcontrol or there will be bounces while we install due to lack of clamd<\/p>\n<p>pico \/var\/qmail\/control\/simcontrol<\/p>\n<p>clam=no<\/p>\n<p>#update qmail settings again<\/p>\n<p>\/var\/qmail\/bin\/update-qmail #our own script&#8230;<\/p>\n<p>#can now run make install, as it&#8217;s now safe&#8230;<\/p>\n<p>make install<\/p>\n<p>#stop the clamd service<\/p>\n<p>cd \/service<\/p>\n<p>svc -d clamd clamd\/log<\/p>\n<p>#run clamd manually to check for errors<\/p>\n<p>clamd<\/p>\n<p>#if there is a warning that \/var\/run\/clamd.pid can&#8217;t be created, make a \/var\/run\/clamav folder<\/p>\n<p>mkdir \/var\/run\/clamav<\/p>\n<p>chown clamav:clamav \/var\/run\/clamav<\/p>\n<p>pico \/etc\/clamd.conf<\/p>\n<p>#change pid file location<\/p>\n<p>PidFile \/var\/run\/clamav\/clamd.pid<\/p>\n<p>#save &amp; try again<\/p>\n<p>clamd<\/p>\n<p>#check logs; if not ok, troubleshoot yourself&#8230;<\/p>\n<p>#restart service<\/p>\n<p>cd \/service<\/p>\n<p>svc -u clamd clamd\/log<\/p>\n<p>#check everything is running ok &#8211; should see runtimes of &gt; 2 seconds&#8230;<\/p>\n<p>svstat * *\/log<\/p>\n<p>#Re-enable virus scanning.<\/p>\n<p>pico \/var\/qmail\/control\/simcontrol<\/p>\n<p>clam=yes<\/p>\n<p>\/var\/qmail\/bin\/update-qmail<\/p>\n<p>#check mail is working ok &#8211; wait for a non spam \/ virus message to process and give clamd status 0 (may take a while!)<\/p>\n<p>tail \/var\/log\/qmail\/qmail-smtpd\/current<\/p>\n<p>#install SCAMP &#8211; See http:\/\/www.sanesecurity.com (Additional phishing \/ trojan protection DBs for ClamAV)<\/p>\n<p>cd \/downloads<\/p>\n<p>wget ftp:\/\/seibercom.net\/pub\/scamp.tar.gz<\/p>\n<p>tar -xzvf scamp.tar.gz<\/p>\n<p>cd scamp-5.1\/<\/p>\n<p>cp scamp.sh \/usr\/local\/bin<\/p>\n<p>#run once to configure<\/p>\n<p>scamp.sh<\/p>\n<p>#run again to do gpg key generation<\/p>\n<p>scamp.sh<\/p>\n<p>#add to crontab<\/p>\n<p>crontab -e<\/p>\n<p>#add scamp<\/p>\n<p>#Update Clam Alternate Scanner DB &#8211; Phishing \/ Trojan etc<br \/>\n0 *\/4 * * * \/usr\/local\/bin\/scamp.sh -L -q -R<\/p>\n<p>#done. Suggest watching the logs for a while to make sure things are running smoothly.<\/p>\n<p>tail -F \/var\/log\/qmail\/qmail-smtpd\/current<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The notes below are more for my benefit, but others may get some use out of them. 
We use Debian for our system, which is loosely based on the qmail setup over at http:\/\/qmail.jms1.net \/ http:\/\/qmailrocks.org<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[25],"tags":[39,40],"class_list":["post-141","post","type-post","status-publish","format-standard","hentry","category-technical-mumbo-jumbo","tag-clamav","tag-scamp"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/posts\/141","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/comments?post=141"}],"version-history":[{"count":1,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/posts\/141\/revisions"}],"predecessor-version":[{"id":142,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/posts\/141\/revisions\/142"}],"wp:attachment":[{"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/media?parent=141"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/categories?post=141"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.computersolutions.cn\/blog\/wp-json\/wp\/v2\/tags?post=141"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}