Presentation is loading. Please wait.

Presentation is loading. Please wait.

ClamAV An Introduction PacNOG I Workshop June 21, 2005 Nadi, Fiji Hervey Allen.

Published byMagdalene Lane Modified over 9 years ago

Similar presentations

Presentation on theme: "ClamAV An Introduction PacNOG I Workshop June 21, 2005 Nadi, Fiji Hervey Allen."— Presentation transcript:

1 ClamAV An Introduction PacNOG I Workshop June 21, 2005 Nadi, Fiji Hervey Allen

2 What is it? From http://www.clamav.net/abstract.html Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi- threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. Most importantly, the virus database is kept up to date.

3 ClamAV – Key Features Based on: http://www.clamav.net/abstract.html ● Command-line scanner ● Multi-threaded daemon ● milter interface for sendmail ● Database updater with support for digital signatures ● Virus scanner C library ● On-access scanning (Linux and FreeBSD) ● Detection of over 35000 viruses, worms and trojans ● Built-in support for RAR (2.0), Zip, Gzip, Bzip2, Tar, MS OLE2, MS Cabinet files, MS CHM (Compressed HTML) ● Built-in support for mbox, Maildir and raw mail files

4 ClamAV quick facts ● Virus database is updated (average) multiple times per week. ● End-users can submit samples directly: http://www.clamav.net/sendvirus.html http://www.clamav.net/sendvirus.html ● Will detect phishing as malware if you wish. ● freshclam daemon runs to keep virus definition up-to-date. ● ClamAV mailing list available: http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users

5 Supported platforms OSes ● Linux ● Solaris ● FreeBSD ● OpenBSD ● NetBSD ● AIX ● Mac OS X ● Cygwin B20 Hardware – Intel – Alpha – Sparc – Cobalt MIPS boxes – PowerPC – RISC 6000

6 Where does it fit with Exim? Check for viruses after you've done: – Blacklists – Whitelists – Content-based solution (like SpamAssassin) Final action is up to you, but generally you'll deny any mail that's detected as having a virus. You'll do this in the acl_check_data ACL in the Exim configure file.

7 More resources ● ClamAV online specimen scanner: – http://test-clamav.power-netz.de/ ● ClamAV main site: – http://www.clamav.net/ ● The ClamAV FAQ: – http://www.clamav.net/faq.html ● The AmaViS (A Mail Virus Scanner) Project. An alternative to ClamAV: – http://www.amavis.org/

Download ppt "ClamAV An Introduction PacNOG I Workshop June 21, 2005 Nadi, Fiji Hervey Allen."

Similar presentations

Computers Software. Computer Layers Hardware BIOS Operating System Applications.

Computers Software. Computer Layers Hardware BIOS Operating System Applications.
Day 4-1-1 anti-virus 3-3-1.anti-virus 1 detecting a malicious file malware, detection, hiding, removing.

Day anti-virus anti-virus 1 detecting a malicious file malware, detection, hiding, removing.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
1 Anti Virus System i-Specific Anti-Virus Product.

1 Anti Virus System i-Specific Anti-Virus Product.
'08 Rabat Why are we using FreeBSD? Scaleable Services Workshop AfNOG 2008 Rabat, Morocco slides by Hervey Allen presented by Joe Abley.

'08 Rabat Why are we using FreeBSD? Scaleable Services Workshop AfNOG 2008 Rabat, Morocco slides by Hervey Allen presented by Joe Abley.
2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University

2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University
Security SIG: Introduction to Tripwire Chris Harwood John Ives.

Security SIG: Introduction to Tripwire Chris Harwood John Ives.
Dr. José M. Reyes Álamo 1.  Course website  Syllabus posted.

Dr. José M. Reyes Álamo 1.  Course website  Syllabus posted.
Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.
Network Perimeter Security Yu Wang. Main Topics Border Router Firewall IPS/IDS VLAN SPAM AAA Q/A.

Network Perimeter Security Yu Wang. Main Topics Border Router Firewall IPS/IDS VLAN SPAM AAA Q/A.
Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.

Customized solutions. Keep It Secure Contents  Protection objectives  Endpoint and server software  Protection.
Towards Extending the Antivirus Capability to Scan Network Traffic Mohammed I. Al-Saleh Jordan University of Science and Technology.

Towards Extending the Antivirus Capability to Scan Network Traffic Mohammed I. Al-Saleh Jordan University of Science and Technology.
No.24 Prerawat Denvutivorkarn M.2/2. Definition: antivirus is protective software designed to defend your computer against malicious software. Malicious.

No.24 Prerawat Denvutivorkarn M.2/2. Definition: "antivirus" is protective software designed to defend your computer against malicious software. Malicious.
Email Filtering with Open Source Software OLUG – June 7, 2005.

Filtering with Open Source Software OLUG – June 7, 2005.
SECURITY OPEN SOURCE OPERATING SYSTEM. NESSUS The versatile Nessus® vulnerability scanner provides patch, configuration, and compliance auditing; mobile,

SECURITY OPEN SOURCE OPERATING SYSTEM. NESSUS The versatile Nessus® vulnerability scanner provides patch, configuration, and compliance auditing; mobile,
Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:

Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:
NSDI/NBII Clearinghouse Server Training Slide 1 NSDI/NBII Clearinghouse Server Training Yellowstone to Yukon Initiative 7. December. 2000 University of.

NSDI/NBII Clearinghouse Server Training Slide 1 NSDI/NBII Clearinghouse Server Training Yellowstone to Yukon Initiative 7. December University of.
Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden
Archiving Techniques Frank Klaproth EMANI – Project Meeting February 14 th - 16 th, 2002 Springer-Verlag Heidelberg Göttingen State and University Library.

Archiving Techniques Frank Klaproth EMANI – Project Meeting February 14 th - 16 th, 2002 Springer-Verlag Heidelberg Göttingen State and University Library.
Linux Operations and Administration

Linux Operations and Administration

Similar presentations

Ads by Google