How to install anti-virus protection on your Ubuntu 24.04 computer.
Prerequisites: You must have sudo access to your Ubuntu computer.
Linux like all other operating systems can be vulnerable to viruses and Trojans.
It’s not targeted nearly as much by hackers due to its relatively low use in the desktop environment and most installed software is acquired via trusted repositories.
Regardless, viruses can still propagate, especially if you use Samba shares (Windows file share on Linux) or external USB devices that regularly interact with both Linux and Windows.
You could be inadvertently spreading viruses – not to mention some hackers have recently (though not very frequently) started targeting Linux users directly.
CSM does not provide an officially supported anti-virus solution for Linux, but there are a few open source or free options available.
ClamAV is one highly regarded product that this is available at no cost, has a good reputation, and runs well on our campus-supported Ubuntu Linux systems.
ClamAV is an open-source Antivirus solution that has been around for quite a while and is most commonly used in an integrated fashion with mail servers for email scanning.
In 2007, ClamAV was acquired by a company named Sourcefire, who later in 2013 was acquired by Cisco and is now maintained by a division of Cisco named Cisco Talos.
This document outlines how to acquire, install, and use the ClamAV anti-virus application.
Open up a terminal session. If a terminal icon is not located on your Ubuntu launcher bar at the left-hand edge of the Ubuntu desktop, click on the Activities link at the top left-hand corner of the Ubuntu desktop.
Enter Terminal into the search box.
Click on the Terminal icon to launch it.
Within the Terminal perform the following steps.
Install necessary ClamAV packages
==================================
sudo apt install clamav clamav-daemon
Enable ClamAV database updater
===================================
sudo systemctl enable clamav-freshclam
Rename the existing /etc/clamd.d/scan.conf and create a new one using your farvorite text editor and add the following
===============================================================================
sudo mv /etc/clamdav/clamd.conf /etc/clamav/clamd.conf.orig
sudo nano /etc/clamav/clamd.conf
LogFile /var/log/clamav/clamav.log
LogFileMaxSize 2M
LogTime yes
PidFile /run/clamav/clamd.pid
LocalSocket /run/clamav/clamd.ctl
LocalSocketGroup clamav
LocalSocketMode 660
CrossFilesystems no
User clamav
OnAccessIncludePath <specify path you want to scan. Example: /home/<username>/ Don't scan system related directories>
OnAccessPrevention yes
OnAccessExcludeRootUID yes
OnAccessExcludeUname clamav
Start ClamAV daemon
===============================
sudo systemctl start clamav-daemon
Enable and start ClamAV OnAccess Scanner
====================================
sudo systemctl enable clamav-clamonacc --now
By default apparmor is typically running, if so the following will need to be performed
======================================================================
sudo apt install apparmor-utils (may already be installed but just in case)
sudo aa-complain /usr/sbin/clamd