I know this is Linux and viruses are not supposed to be an issue, but face it we have other operating systems connecting and they are known for bringing these little monsters in, so it is our duty to seek and destroy those on the server. In steps ClamAV, a fast, free and efficient anti-virus solution. Dag Wieers maintains many packages for downloads and he just happens to have what we are looking for with ClamAV. Once you have this installed there are many other applications to integrate with on your server.
1. Download the file using wget
$ sudo wget http://packages.sw.be/clamav/clamav-0.96.4-1.el5.rf.i386.rpm
$ sudo wget http://packages.sw.be/clamav/clamav-db-0.96.4-1.el5.rf.i386.rpm
$ sudo rpm -ivh clamav-0.96*.rpm
Now that we have it installed there are a few things we need to learn about it and do. First thing is to update the definitions. We achieve this by running the command freshclam. Freshclam requires and Internet connection to download and update the virus definitions. All you have to do is type the command, press enter and voila! We are up to date.
2. To run antivirus and print infected files
clamscan -ri /home
3. To remove infected files and emails.
clamscan -ri --remove /home
4. Running as Cron Daily Job
To run antivirus as a cron job (automatically scan daily) just run
crontab -e from your command line. Then add the following line and save the file. I have added them to my root crontab for this example.
02 1 * * * root clamscan -R /var/www
This will run the cron job daily @ 1.02 AM by scanning the public html files. You can change the folder to whatever you want for mail etc.
00 11 * * * * root freshclam
This will update the anti-virus database at 11 am daily.