Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 02 Oct 2014, 01:03
All times are UTC - 4
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
ClamAV - Anti Virus software
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
Page 1 of 1 Posts_count  
Author Message
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2668
Location: USA

PostPosted: Thu 04 Mar 2010, 19:32    Post_subject:  ClamAV - Anti Virus software
Sub_title: Loading the latest Debian files and libraries (on a fresh Puppy)
 

So I just checked to make sure this collection works on a new Puppy pupsave (sorry guys, I haven't learned my way around building .pets yet).

I picked the install from "squeeze" (though it is probably the same as "Lenny")

http://packages.debian.org/squeeze/clamav

You need the following packages for Puppy 4.3.1 (I'm assuming that you have i386-family hardware):

Updated: See 2nd post for new packages (0.96)

<snipped 0.95 packages>

And from the Clam page (http://www.clamav.net/), get the virus definition files:

http://db.local.clamav.net/main.cvd
http://db.local.clamav.net/daily.cvd

Which you will place in /var/lib/clamav/

The command-line is:
Code:
clamscan

Though you probably want something more like:
Code:
clamscan -r -i -l /tmp/clamav.log

Which will do a recursive scan, report only viruses and write a log file to /tmp/

Enjoy!

Edited_time_total
Back to top
View user's profile Send_private_message 
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2668
Location: USA

PostPosted: Tue 04 May 2010, 10:46    Post_subject: Update ClamAV 0.96 in Puppy (using Debian)  

OK Folks, here's an update for ClamAV, which works in Puppy 4.3.1 (haven't tried earlier versions, but there is probably no reason it won't work).

Updated 06Dec2010:

I went to Debian "squeeze":

http://packages.debian.org/squeeze/clamav

And grabbed the following .deb files (updated on 06Aug2010 for Clam 0.96.4+dfsg-1):

http://http.us.debian.org/debian/pool/main/c/clamav/clamav_0.96.4+dfsg-1_i386.deb
http://http.us.debian.org/debian/pool/main/c/clamav/libclamav6_0.96.4+dfsg-1_i386.deb

Running clamscan, it complained about zlib, but appeared to run just fine.

06Dec2010 update: I did not upgrade these on my system, but newer versions can be found (I have not tested the newer versions -- but these worked on mine):

http://http.us.debian.org/debian/pool/main/libt/libtool/libltdl7_2.2.6b-2_i386.deb
http://http.us.debian.org/debian/pool/main/libt/libtommath/libtommath0_0.39-3_i386.deb
http://http.us.debian.org/debian/pool/main/e/eglibc/libc6_2.10.2-6_i386.deb

If you had previously installed 0.95, you only need the first 2 files. If you are installing from scratch, you need all 5 files (just click them sequentially to install all of them).

Then get the 2 virus definition files from the Clam site:

http://www.clamav.net/lang/en/

and place them in /var/lib/clamav/ (you must create the "clamav" folder)

Clamscan works from the command line, just as before.

Yorkiesnorkie is also working on building a .pet for this, but I'm not completely sure where he is with it:

See towards the bottom of the page:
http://murga-linux.com/puppy/viewtopic.php?t=54583

And his current progress:
http://www.murga-linux.com/puppy/viewtopic.php?p=414761

Edited_times_total
Back to top
View user's profile Send_private_message 
aarf

Joined: 30 Aug 2007
Posts: 3620
Location: around the bend

PostPosted: Tue 04 May 2010, 10:52    Post_subject:  

there are two config files that need to be edited. post the completed edited files so that they can be swapped in. else it is too annoying to read through all the garbage in those 2 files and then find that it wont run.
_________________

ASUS EeePC Flare series 1025C 4x Intel Atom N2800 @ 1.86GHz RAM 2063MB 800x600p ATA 320G
_-¤-_

<º))))><.¸¸.•´¯`•.#.•´¯`•.¸¸. ><((((º>
Back to top
View user's profile Send_private_message Visit_website 
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2668
Location: USA

PostPosted: Tue 04 May 2010, 11:04    Post_subject:  

aarf wrote:
there are two config files that need to be edited. post the completed edited files so that they can be swapped in. else it is too annoying to read through all the garbage in those 2 files and then find that it wont run.


To my knowledge, there are no config files requiring editing.

Before posting, I had just tested the process it on a brand new pupsave (created fresh, just for the purpose of testing).

The only "tricky" part is that you must create the directory /var/lib/clamav/ and you must place the 2 virus definition files in that folder.

If you get an error, read carefully (as it is probably the missing virus defs).
Back to top
View user's profile Send_private_message 
aarf

Joined: 30 Aug 2007
Posts: 3620
Location: around the bend

PostPosted: Tue 04 May 2010, 11:47    Post_subject:  

RetroTechGuy wrote:
aarf wrote:
there are two config files that need to be edited. post the completed edited files so that they can be swapped in. else it is too annoying to read through all the garbage in those 2 files and then find that it wont run.


To my knowledge, there are no config files requiring editing.

Before posting, I had just tested the process it on a brand new pupsave (created fresh, just for the purpose of testing).

The only "tricky" part is that you must create the directory /var/lib/clamav/ and you must place the 2 virus definition files in that folder.

If you get an error, read carefully (as it is probably the missing virus defs).

my tries for an antivirus on that day included multiple install methods/sources of clamav and fprot, on lupu113, quirky21 and xandros, all failed. so i may be a little confused as to which and where, so i will try again. thanks.

_________________

ASUS EeePC Flare series 1025C 4x Intel Atom N2800 @ 1.86GHz RAM 2063MB 800x600p ATA 320G
_-¤-_

<º))))><.¸¸.•´¯`•.#.•´¯`•.¸¸. ><((((º>
Back to top
View user's profile Send_private_message Visit_website 
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2668
Location: USA

PostPosted: Tue 04 May 2010, 12:00    Post_subject:  

aarf wrote:
RetroTechGuy wrote:
aarf wrote:
there are two config files that need to be edited. post the completed edited files so that they can be swapped in. else it is too annoying to read through all the garbage in those 2 files and then find that it wont run.


To my knowledge, there are no config files requiring editing.

Before posting, I had just tested the process it on a brand new pupsave (created fresh, just for the purpose of testing).

The only "tricky" part is that you must create the directory /var/lib/clamav/ and you must place the 2 virus definition files in that folder.

If you get an error, read carefully (as it is probably the missing virus defs).

my tries for an antivirus on that day included multiple install methods/sources of clamav and fprot, on lupu113, quirky21 and xandros, all failed. so i may be a little confused as to which and where, so i will try again. thanks.


Yeah, I started getting lost when installing these things too.

That's when I started created a new, blank pupsave and installing from scratch -- a mature system is likely to have all the libraries, a new system doesn't. So I install the base package, then run it from the command line, so I can see the missing dependencies. Then I add the missing libs, and repeat until it works (Puppy has some of the libs, but not necessarily all of them).

Once I get a package working, I make a sub-folder and store the package and all the required libs together, in case I need to install it again in the future. It makes doing a system rebuild really easy.
Back to top
View user's profile Send_private_message 
aarf

Joined: 30 Aug 2007
Posts: 3620
Location: around the bend

PostPosted: Tue 04 May 2010, 12:17    Post_subject:  

<wrong links from first post removed>
_________________

ASUS EeePC Flare series 1025C 4x Intel Atom N2800 @ 1.86GHz RAM 2063MB 800x600p ATA 320G
_-¤-_

<º))))><.¸¸.•´¯`•.#.•´¯`•.¸¸. ><((((º>
Back to top
View user's profile Send_private_message Visit_website 
aarf

Joined: 30 Aug 2007
Posts: 3620
Location: around the bend

PostPosted: Wed 05 May 2010, 11:57    Post_subject:  

ok installed into puppeee (431) by downloading and clicking on the .deb files
and making the directory for the downloaded definitions
simple. thanks. but i want to scan more than /root and cant see from
Code:
# clamscan -h
how to do that. i want to scan all mounted partitions and everything everywhere on the laptop.
Code:
# clamscan -r -i -l /tmp/clamav.log

----------- SCAN SUMMARY -----------
Known viruses: 761105
Engine version: 0.96
Scanned directories: 752
Scanned files: 1274
Infected files: 0
Data scanned: 20.29 MB
Data read: 20.04 MB (ratio 1.01:1)
Time: 47.651 sec (0 m 47 s)
#

_________________

ASUS EeePC Flare series 1025C 4x Intel Atom N2800 @ 1.86GHz RAM 2063MB 800x600p ATA 320G
_-¤-_

<º))))><.¸¸.•´¯`•.#.•´¯`•.¸¸. ><((((º>
Back to top
View user's profile Send_private_message Visit_website 
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2668
Location: USA

PostPosted: Wed 05 May 2010, 14:40    Post_subject:  

aarf wrote:
ok installed into puppeee (431) by downloading and clicking on the .deb files
and making the directory for the downloaded definitions
simple. thanks. but i want to scan more than /root and cant see from
Code:
# clamscan -h
how to do that. i want to scan all mounted partitions and everything everywhere on the laptop.
Code:
# clamscan -r -i -l /tmp/clamav.log

----------- SCAN SUMMARY -----------
Known viruses: 761105
Engine version: 0.96
Scanned directories: 752
Scanned files: 1274
Infected files: 0
Data scanned: 20.29 MB
Data read: 20.04 MB (ratio 1.01:1)
Time: 47.651 sec (0 m 47 s)
#


When you open a terminal (rxvt), it drops you into /root/, so your search ran through /root/.

Instead:

Code:
cd /mnt/

or

cd /

then
Code:
clamscan -r -i -l /tmp/clamav.log


Which will scan everything under /mnt/ (all mounted partitions), or everything, including /mnt/ (I don't know if /mnt/ will include /root/, due to the way the system is mounted -- but starting from "/" will).

Or, if you prefer, just specify the filename or location of your search
Code:
clamscan -irl  /tmp/clamav.log /mnt/sdb1/virus.exe


note: you generally do not need to put a space between command line options, so "-i -r -l" = "-irl"

note2: clamscan will append new searches to the existing .log file (and also note that /tmp/ is cleared on reboot, so only save there if you don't care about preserving the log file)

BTW, to see where you are "sitting", enter "pwd" (i.e. "print working directory"), so you know from whence you will recursively search into directories.
Back to top
View user's profile Send_private_message 
yorkiesnorkie


Joined: 04 Jun 2007
Posts: 505
Location: George's Island

PostPosted: Thu 06 May 2010, 08:13    Post_subject:  

aarf wrote:
there are two config files that need to be edited. post the completed edited files so that they can be swapped in. else it is too annoying to read through all the garbage in those 2 files and then find that it wont run.


It's not that bad really. clamd.conf and clamscan.conf are in /etc. Each has a line in red (if you open it in Geany) which looks like this

Code:
Example


you have to comment it out

Code:
#Example


I also change the user from clamav to root. I'll post an example of my conf files a little later so you can see what I did. (I am not home) Those are the only changes I made. I found I had to do that with the old pet package I downloaded.

Usually, if you haven't commented out "example", Clamav will complain when you run a clamscan or freshclam from the command line.

Thanks for the link by the way RetroTechGuy to the new debs of 0.96. I'll have to see if those files are smaller than the 28 mb PET I made. That pet is now available at pupplinux.ca http://puppylinux.ca/tpp/ttuuxxx/other/clamav-0.96-i486.pet Consider it a test version! I compiled it in 4.3.0 and ttuuxxx said it did not work with 2.14x so I'll be taking a run at making one for that version of puppy.

y.

_________________
www.busygamemaster.com
Back to top
View user's profile Send_private_message 
RetroTechGuy


Joined: 15 Dec 2009
Posts: 2668
Location: USA

PostPosted: Thu 06 May 2010, 08:20    Post_subject:  

yorkiesnorkie wrote:
aarf wrote:
there are two config files that need to be edited. post the completed edited files so that they can be swapped in. else it is too annoying to read through all the garbage in those 2 files and then find that it wont run.


It's not that bad really. clamd.conf and clamscan.conf are in /etc. Each has a line in red (if you open it in Geany) which looks like this

Code:
Example


you have to comment it out

Code:
#Example


I also change the user from clamav to root. I'll post an example of my conf files a little later so you can see what I did. (I am not home) Those are the only changes I made. I found I had to do that with the old pet package I downloaded.

Usually, if you haven't commented out "example", Clamav will complain when you run a clamscan or freshclam from the command line.


I created a brand new pupsave, and installed the .deb files, and received no warnings from clamscan (however, freshclam is not installed).

I suspect that this is a freshclam config file... (I did try installing the .deb version of freshclam, and had some sort of error -- haven't dug into it further).
Back to top
View user's profile Send_private_message 
yorkiesnorkie


Joined: 04 Jun 2007
Posts: 505
Location: George's Island

PostPosted: Sat 08 May 2010, 16:48    Post_subject: my conf files  

Here are my conf files:

y.
clamav_conf_files.tar.gz
Description  my conf files
gz

 Download 
Filename  clamav_conf_files.tar.gz 
Filesize  7.23 KB 
Downloaded  651 Time(s) 

_________________
www.busygamemaster.com
Back to top
View user's profile Send_private_message 
yorkiesnorkie


Joined: 04 Jun 2007
Posts: 505
Location: George's Island

PostPosted: Mon 10 May 2010, 08:05    Post_subject: Response times  

RetroTechGuy wrote:


I created a brand new pupsave, and installed the .deb files, and received no warnings from clamscan (however, freshclam is not installed).

I suspect that this is a freshclam config file... (I did try installing the .deb version of freshclam, and had some sort of error -- haven't dug into it further).


The error I got when I first ran freshclam was somewhat cryptic. First I got some error about the database owner. That led me to the, there's no user clamav in puppy. I've even added a user "clamav", which works for the compile, but doesn't in fact actually work when you run freshclam. Hence, I had to change to root. If you check the freshclam.conf file you'll see where I changed it.

The clamav pet works, but I found the clamscan very slow. You do get there but it takes quite a while. What you've done is very interesting because you are only working with clamscan, rather than the whole meal deal which is in my pet. It makes me wonder what I could trim out and still get it to work. Basically all I'd want is clamscan and freshclam.

How fast is your deb running? Do you get a fairly immediate response?

y.

_________________
www.busygamemaster.com
Back to top
View user's profile Send_private_message 
yorkiesnorkie


Joined: 04 Jun 2007
Posts: 505
Location: George's Island

PostPosted: Mon 10 May 2010, 09:07    Post_subject:  

I found this:

Quote:
Clamscan is fine for scanning file systems where long lists of files are scanned with very few processes because of the db loading penalty at each startup, but clamd, which provides the same thing, loads the database files once and can be re-used thousands of times an hour via sockets, streams, and file pointers either directly (direct calls to the socket from your code) or from clamdscan which can be called from scripts.


http://linux.die.net/man/1/clamdscan

What this suggests is that when clamscan runs it's database is being loaded multiple times. ??? If that is the case basically what they are saying is you can use clamdscan instead of clamscan. From my reading clamdscan is supposed to increase the speed of the scanning of a file or directory, etc. I have yet to try it. However the command from the man page above suggests it is used in exactly the same way as clamscan.

Code:
clamdscan --bell -r --log=/virus.log -i /root/my-documents/Downloaded


The above command should scan directory root/my-documents/Downloaded recursively (-r) and log (--log) the result in the virus.log file, will beep (--bell) each time a virus has been detected and only print (-i) infected files to the output.

I'll run this and let you know if anything improves.

y.

_________________
www.busygamemaster.com
Back to top
View user's profile Send_private_message 
yorkiesnorkie


Joined: 04 Jun 2007
Posts: 505
Location: George's Island

PostPosted: Wed 12 May 2010, 07:40    Post_subject:  

Hah, I forgot that I took clamdscan out of the pet I made... I'm going to have another go-around at compiling this anyway for 214xrc5.

y.

_________________
www.busygamemaster.com
Back to top
View user's profile Send_private_message 
Display_posts:   Sort by:   
Page 1 of 1 Posts_count  
Post_new_topic   Reply_to_topic View_previous_topic :: View_next_topic
 Forum index » Advanced Topics » Additional Software (PETs, n' stuff) » Security/Privacy
Jump to:  

Rules_post_cannot
Rules_reply_cannot
Rules_edit_cannot
Rules_delete_cannot
Rules_vote_cannot
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1227s ][ Queries: 13 (0.0130s) ][ GZIP on ]