1 / 7

ClamAV An Introduction

SANOV VI IP Services Workshop July 20, 2005 Thimphu, Bhutan Hervey Allen. ClamAV An Introduction. What is it?. From http://www.clamav.net/abstract.html

danica
Download Presentation

ClamAV An Introduction

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SANOV VI IP Services Workshop July 20, 2005Thimphu, Bhutan Hervey Allen ClamAVAn Introduction

  2. What is it? Fromhttp://www.clamav.net/abstract.html Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. Most importantly, the virus database is kept up to date .

  3. ClamAV – Key Features Based on: http://www.clamav.net/abstract.html • Command-line scanner • Multi-threaded daemon • milter interface for sendmail • Database updater with support for digital signatures • Virus scanner C library • On-access scanning (Linux and FreeBSD) • Detection of over 35000 viruses, worms and trojans • Built-in support for RAR (2.0), Zip, Gzip, Bzip2, Tar, MS OLE2, MS Cabinet files, MS CHM (Compressed HTML) • Built-in support for mbox, Maildir and raw mail files

  4. ClamAV quick facts • Virus database is updated (average) multiple times per week. • End-users can submit samples directly:http://www.clamav.net/sendvirus.html • Will detect phishing as malware if you wish. • freshclam daemon runs to keep virus definition up-to-date. • ClamAV mailing list available:http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

  5. Supported platforms Hardware • Intel • Alpha • Sparc • Cobalt MIPS boxes • PowerPC • RISC 6000 OSes • Linux • Solaris • FreeBSD • OpenBSD • NetBSD • AIX • Mac OS X • Cygwin B20

  6. Where does it fit with Exim? Check for viruses after you've done: • Blacklists • Whitelists • Content-based solution (like SpamAssassin) Final action is up to you, but generally you'll deny any mail that's detected as having a virus. You'll do this in the acl_check_data ACL in the Exim configure file.

  7. More resources • ClamAV online specimen scanner: • http://test-clamav.power-netz.de/ • ClamAV main site: • http://www.clamav.net/ • The ClamAV FAQ: • http://www.clamav.net/faq.html • The AmaViS (A Mail Virus Scanner) Project. An alternative to ClamAV: • http://www.amavis.org/

More Related