Anti-virus

The anti-virus portion of Warden is powered by ClamAV®. ClamAV is an open source anti-virus engine used in a variety of situations including email scanning, web scanning, and end point security. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and an advanced tool for automatic database updates.

Features

  • Command-line scanner
  • Milter interface for postfix
  • Advanced database updater with support for scripted updates and digital signatures
  • Virus database updated multiple times per day
  • Built-in support for all standard mail file formats
  • Built-in support for various archive formats, including Zip, RAR, Dmg, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS and others
  • Built-in support for ELF executables and Portable Executable files packed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor and others
  • Built-in support for popular document formats including MS Office and MacOffice files, HTML, Flash, RTF and PDF

Updating signatures

Users can manually run the freshclam command to update any ClamAV database signatures:

freshclam

Reporting Malware

If you have a virus that is not detected by ClamAV, please fill out https://www.clamav.net/reports/malware and the ClamAV Detection Content Team will review your submission and update the virus database.

Related Files

File Description
/etc/clamd.d/scan.conf Configuration file for ClamAV on Centos 7 / RHEL 7
/etc/clamd.conf Configuration file for ClamAV on Centos 6 / RHEL 6
/etc/clamav/clamd.conf Configuration file for ClamAV on Debian / Ubuntu
/etc/freshclam.conf Configuration file for ClamAV signature updates on Centos / RHEL
/etc/clamav/freshclam.conf Configuration file for ClamAV signature updates on Debian / Ubuntu