Yes, that’s right, Linux can get viruses too, in fact they can harbour windows based viruses if the system is used as a web and email server! Something I’ve been becoming more and more familiar with. So, our systems already used ClamAV one of the more popular Linux based virus scanners. But whilst it runs a scan on incoming emails etc. It doesn’t really give me a nice visual output (no GUI). My solution? Automated daily scan with emailed results…
clamscan -r /var/www > /root/scanresults.txt
cat /root/scanresults.txt | mail -s ” Scan Results” firstname.lastname@example.org
cat /root/scanresults.txt | grep FOUND | mail -s “Viruses Found” email@example.com
So what does this do?
well, it scans the web directories (recursively) for any viruses that are listed in the virus DB (updated twice daily) – it then puts all the results into a text file. this text file is then read into an email command which is sent to the firstname.lastname@example.org email address.
However, this isn’t much use as there are thousands of files and directories, what I really want to know is whether viruses were found… the solution to this is GREP out the value “FOUND” which is appended to the file name if a virus is found to be in it – this is then read into the same email command as before leaving me a nice list of only the files found with viruses!
I love a nice quick and easy script – I used cron tab to run this at 00:05 and 12:05 every day!