[clamav-users] What would be a basic scan of my file system (Linux, CentOS 7)?
Matus UHLAR - fantomas
uhlar at fantomas.sk
Sat Feb 1 16:33:20 UTC 2020
On 01.02.20 02:28, Eduardo Lúcio Amorim Costa via clamav-users wrote:
>Okay friends! I didn't have the best start with ClanAV, but I would really
>like to try using it in my infrastructure.
>
>I have two questions...
>
> I - What would be a "basic scan" of my file system (Linux, CentOS 7) using
>*clamscan*? That is, what parameters should I use and what directories
>should I scan?
i'd more say which you should not scan - filesystems like /proc /dev /sys.
In need to scan whole system, I'd scan only classic filesystems like /,
/var, /home.
> II - Is ClamAV able to deal with "specific" Linux dangers such as
>rootkits, etc?
it is capable, but:
- on the internet and with linux distributions, they are often quickly fixed
- most of issues are zero-day attacks where anti-virus is rarely useful
I guess 99% of clamav usage is scanning mail, web directories and windows
shares.
--
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
- Holmes, what kind of school did you study to be a detective?
- Elementary, Watkins. -- Daffy Duck & Porky Pig
More information about the clamav-users
mailing list