samiux.github.io

CyberSecurity Ninjas 网络空间安全忍者


Lychee 荔枝 - ClamAV On-Access Scanning Installer Script

ClamAV’s On-Access scanning can detect known malware and viruses in real time. This script can be installed on any Debian- or RPM-based Linux system whose kernel is configured with FANOTIFY.

Verify

cat /boot/config-$(uname -r) | grep FANOTIFY

The expected output is:

CONFIG_FANOTIFY=y
CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y

If you see the following message instead, your Linux system is not suitable for this script.

CONFIG_FANOTIFY_ACCESS_PERMISSIONS is not set
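
The check above as a reusable pre-flight script (an added example, not part of the lychee repository): it requires both options to be `=y`, the condition the page gives for a suitable system. The function names and the `/proc/config.gz` fallback are assumptions of this example.

```shell
#!/bin/sh
# Added example (not part of lychee): pre-flight check for on-access scanning.

# check_fanotify FILE: inspect a plain-text kernel config.
# Prints a verdict; returns 0 = suitable, 1 = unsuitable, 2 = unreadable.
check_fanotify() {
    cfg=$1
    if [ ! -r "$cfg" ]; then
        echo "unknown: cannot read $cfg"
        return 2
    fi
    for opt in CONFIG_FANOTIFY CONFIG_FANOTIFY_ACCESS_PERMISSIONS; do
        # Whole-line match: a commented-out or "... is not set" line
        # never counts as enabled.
        if ! grep -qx "${opt}=y" "$cfg"; then
            echo "unsuitable: ${opt} is not enabled"
            return 1
        fi
    done
    echo "suitable"
}

# check_running_kernel: locate the running kernel's config and check it.
# /proc/config.gz is an assumed fallback (present only when the kernel
# was built with CONFIG_IKCONFIG_PROC); the page itself reads /boot.
check_running_kernel() {
    boot_cfg="/boot/config-$(uname -r)"
    if [ -r "$boot_cfg" ]; then
        check_fanotify "$boot_cfg"
    elif [ -r /proc/config.gz ]; then
        tmp=$(mktemp) || return 2
        gzip -dc /proc/config.gz > "$tmp"
        rc=0
        check_fanotify "$tmp" || rc=$?
        rm -f "$tmp"
        return "$rc"
    else
        echo "unknown: no kernel config found"
        return 2
    fi
}

# Run against the live system only when asked: sh check-fanotify.sh --run
if [ "${1:-}" = "--run" ]; then
    check_running_kernel
fi
```

A non-zero exit status lets a provisioning job stop before `clamav-installer` is run on a kernel that cannot support on-access scanning.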

Software

Remarks: ClamAV uses about 3 GB of RAM.

Change Log

Version 0.4 (Dated JAN 05, 2023) (Latest)

Version 0.3 (Dated JAN 01, 2023)

Version 0.2 (Dated DEC 30, 2022)

Version 0.1 (Dated DEC 28, 2022)

Remarks: This script is developed by Samiux and released under GPLv3. It is an open source project.

Install

Download the script.

git clone https://github.com/samiux/lychee

Edit the relevant parts at the top of the script.

cd lychee

nano lychee.conf

Then run the script to install ClamAV On-Access scanning.

sudo chmod +x clamav-installer
sudo ./clamav-installer

Please allow about 1 to 2 minutes for ClamAV to load the signatures.
You can re-run this script at any time on the same Linux system without any harm.

Uninstall

(a) DEB Package

sudo chmod +x deb-clamav-uninstaller
sudo ./deb-clamav-uninstaller

(b) RPM Package

sudo chmod +x rpm-clamav-uninstaller
sudo ./rpm-clamav-uninstaller

(c) Remove lychee directory

sudo rm -R lychee

Test file

Known issues

Reference
