{"id":376,"date":"2016-03-22T08:57:37","date_gmt":"2016-03-22T12:57:37","guid":{"rendered":"http:\/\/easy-admin.ca\/wordpress\/?p=376"},"modified":"2016-07-12T15:05:34","modified_gmt":"2016-07-12T19:05:34","slug":"scanning-centos-7-server-for-malware","status":"publish","type":"post","link":"https:\/\/easy-admin.ca\/index.php\/2016\/03\/22\/scanning-centos-7-server-for-malware\/","title":{"rendered":"Scanning CentOS 7 Server for Malware"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-378\" src=\"http:\/\/easy-admin.ca\/wordpress\/wp-content\/uploads\/2016\/03\/clamav.png\" alt=\"clamav\" width=\"856\" height=\"276\" srcset=\"https:\/\/easy-admin.ca\/wp-content\/uploads\/2016\/03\/clamav.png 856w, https:\/\/easy-admin.ca\/wp-content\/uploads\/2016\/03\/clamav-300x97.png 300w, https:\/\/easy-admin.ca\/wp-content\/uploads\/2016\/03\/clamav-768x248.png 768w\" sizes=\"auto, (max-width: 856px) 100vw, 856px\" \/><\/p>\n<p>Some unexpected behaviour on a Linux server could be the result of a malware\u00a0infection, while other malicious software might not alert you to its presence at all. Scanning your system for different types of unwanted programs can help identify issues, or at least give you the peace of mind of having a clean server.<\/p>\n<p>There are multiple\u00a0options for making sure your cloud server is clean of any\u00a0malware. This guide\u00a0goes over\u00a0a couple of scanning tools you can utilise for checking your system.<\/p>\n<p><strong>ClamAV<\/strong><\/p>\n<p>ClamAV is a popular open source antivirus engine available on a multitude of platforms, including the majority of Linux distributions. 
Install it on CentOS 7 with the following command:<\/p>\n<pre>sudo yum install clamav clamav-update clamav-scanner-systemd clamav-server-systemd<\/pre>\n<p>Afterwards you\u2019ll\u00a0need to edit the configuration a little by commenting out the <em>Example<\/em> line in two files. The simplest way to do so is to use <em>sed<\/em> for some fast editing with these commands:<\/p>\n<pre>sudo sed -i -e \"s\/^Example\/#Example\/\" \/etc\/freshclam.conf\nsudo sed -i -e \"s\/^Example\/#Example\/\" \/etc\/clamd.d\/scan.conf<\/pre>\n<p>With the required modules installed and configured, next you should update the virus database for ClamAV by running the updater application with:<\/p>\n<pre>sudo freshclam<\/pre>\n<p>When you\u2019ve finished updating the virus definitions, do a test scan of your home directory just to make sure the scanning works as it should. Use the following command:<\/p>\n<pre>sudo clamscan -r \/home<\/pre>\n<p>Provided that your home directory didn\u2019t contain any viruses or other types of malware, the scan summary should report no infected files.<\/p>\n<p>So how do you know it works?<\/p>\n<p>For this, you can download an anti-virus test file, which is a small, completely harmless program that most anti-virus software reports as infected, though with an obvious test file name, EICAR-AV-Test. Use the following command to download the test file to your home directory.<\/p>\n<pre>wget -P ~\/ http:\/\/www.eicar.org\/download\/eicar.com<\/pre>\n<p>Now scan your home folder again with the same command as above. You should receive notice of one infected file in the summary at the end, after the scan is completed. When you\u2019ve confirmed that ClamAV finds the test file correctly, use the command below to scan again and remove the infected file once found.<\/p>\n<pre>sudo clamscan --infected --remove --recursive \/home<\/pre>\n<p>Be careful when using the <em>--remove<\/em> parameter. 
First run broader scans without it, and then a more localized scan when removing files, or remove the files manually.<\/p>\n<p>To perform a complete scan of your cloud server, use this command:<\/p>\n<pre>sudo clamscan --infected --recursive --exclude-dir=\"^\/sys\" \/<\/pre>\n<p>The scan goes through each directory under your system root recursively, but skips <em>\/sys<\/em> to avoid unnecessary\u00a0warning printouts, as that virtual file system contains some unreadable files, which could not contain viruses anyway.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Some unexpected behaviour on a Linux server could be a result of malware\u00a0infection, while other malicious software might not alert to their presence. Scanning your system for different types of unwanted programs can help identify issues, or at least give you the peace of mind for having a clean server. There are multiple\u00a0options for making &hellip; <a href=\"https:\/\/easy-admin.ca\/index.php\/2016\/03\/22\/scanning-centos-7-server-for-malware\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Scanning CentOS 7 Server for Malware<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"slim_seo":{"title":"Scanning CentOS 7 Server for Malware - HP Server","description":"Some unexpected behaviour on a Linux server could be a result of malware\u00a0infection, while other malicious software might not alert to their presence. 
Scanning y"},"footnotes":""},"categories":[1],"tags":[],"class_list":["post-376","post","type-post","status-publish","format-standard","hentry","category-general"],"_links":{"self":[{"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/posts\/376","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/comments?post=376"}],"version-history":[{"count":0,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/posts\/376\/revisions"}],"wp:attachment":[{"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/media?parent=376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/categories?post=376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/easy-admin.ca\/index.php\/wp-json\/wp\/v2\/tags?post=376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}