People,
Taking into account this statement by G.W. Haywood...
"Assuming the package maintainer has not lost his sanity, the service will be configured simply to report findings (for example by logging a message to a system log and, if you use a command-line tool, printing a message on the tty/terminal/whatever)."
... and I have one last question (it may sound stupid =D )...
Is it correct to assume that the "clamd@scan" service, once started, can find threats that already exist on my server? Let me explain better! Suppose that on my file system I already had a malicious file - identifiable as a threat by ClamAV's heuristics - before my ClamAV installation, waiting to be executed by someone unsuspecting. Is it correct to assume that the "clamd@scan" service in its normal operation will eventually find that threat and notify me (log, mail, etc.)?
Thanks! =D
Gentlemen,
I found your answers very useful, so I took the liberty of publishing them on the thread I opened about the problem on the internet (https://unix.stackexchange.com/a/564223/61742).
If you do not want this content to continue to be published, please let me know so I can delete it.
Thanks! =D
Hi there,
On Sat, 25 Jan 2020, Eduardo Lúcio Amorim Costa via clamav-users wrote:
> *QUESTION:* What does the "clamav@scan" service do by default if it finds
> threats?
I do not know exactly which package you are using. The behaviour of
the service provided by a package will depend on how it was configured
by the package provider. Assuming the package maintainer has not lost
his sanity, the service will be configured simply to report findings
(for example by logging a message to a system log and, if you use a
command-line tool, printing a message on the tty/terminal/whatever).
Read the documentation on the ClamAV Website for more information:
http://www.clamav.net/documents/clam-antivirus-user-manual
Copies and parodies of ClamAV documentation elsewhere on the Internet
can be out of date, misleading, sometimes incorrect, and occasionally
downright dangerous.
> *FURTHER QUESTION:* I would like ClamAV to have the "classic" behavior of
> an antivirus engine, that is, remove threats automatically. If it doesn't
> do this by default, what should I do to make it do so?
Read the part which says
"Be careful!"
If you have not yet found that part, keep reading until you do.
> *NOTES:*
> *I* - The operating system of choice was CentOS 7 and the process used is
> described in this tutorial
> https://hostpresto.com/community/tutorials/how-to-install-clamav-on-centos-7/
Generally speaking I recommend that you avoid tutorials like this
because they tend to make decisions for you without the benefit of
information about your situation which only you can have. I recommend
that you do NOT attempt to automate threat removal on any Linux system
without very careful consideration. Careless use of ClamAV on a Linux
system will do more harm than good. In particular, this tutorial will
have you scan locations in the filesystem which can not safely be
scanned with ClamAV, nor with any anti-virus tool. Keep in mind that,
even in a minimal installation, ClamAV scans for much more than just
viruses and malware and that the false positive rate is never zero. I
feel that you do not at present understand the issues well enough to
consider them sufficiently carefully.
I have been using ClamAV for many years, on hundreds of Linux systems.
Perhaps this is mainly because of good hygiene but I have not yet seen
ClamAV find a Linux virus, nor Linux malware, nor Linux rootkit on any
Linux system. I should be pleased if anyone who has will report, here
on this list, what they have found, when they found it, and how they
think it got there. Any Linux system which has been compromised is a
danger, and my advice would be to rebuild it from scratch.
--
73,
Ged.
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
--
Eduardo Lúcio
LightBase Consultoria em Software Público
Free software! Embrace this idea!
"Those who deny freedom to others deserve it not for themselves."
Abraham Lincoln