What do you mean - "scan your Linux machine for viruses"? Linux is immune to viruses right? Well...mostly. Even though a proof of concept virus has been discussed, and nothing has actually made it into the wild...you still have email on your system. Some of that email could easily make its way (by way of forward for example) to another, non-Linux, machine. Because of that alone you should employ a virus scanner on ALL of your machines (Linux, Mac, Windows...)
For Linux, ClamAV is one of the best virus scanners. And not only is ClamAV one of the best, it also has a great front-end for users who prefer to not have to deal with command line tools. That front-end? ClamTk. In this article you will learn how to install and use ClamTk to keep your Linux box virus free. Your friends and co-workers might thank you in the end.
First and foremost, ClamAV is required (You can read more about ClamAV in my article "Add antivirus to Postfix with ClamAV") so you will need to have that installed and updated (might even be wise to make sure ClamAV is the latest version and run the freshclam command to update your virus signatures before you begin the installation of ClamTk).
If you're unsure how to update ClamAV you can do so fairly easily. Let me show you how to update ClamAV in Debian. Follow these steps:
- Open up a terminal window.
- Gain super-user access (either with the su command or using sudo - depending upon how you use/administer your system).
- Open up the /etc/apt/sources.list file in your favorite editor.
- Add the line deb http://volatile.debian.org/debian-volatile etch/volatile main contrib non-free to the bottom of the file.
- Save and close the sources.list file.
- Issue the command apt-get update.
- Issue the command apt-get install clamav clamav-base clam-freshclam.
Your ClamAV should be up to date. Now let's install ClamTk.
From the same terminal window, issue the command apt-get install clamtk which will install the latest version of ClamTk. You are ready to scan.
To open the ClamTk window (see Figure 1) you can either click Applications > System Tools > Virus Scanner or from either the run dialog (<Alt>F2) or a terminal window issue the command clamtk. One of the first things you should do is click Help > Update Signatures which effectively runs the freshclam command.
You can take care of scanning a few different ways:
- Click Home button (the Home icon) to do a quick scan of your ~/ directory.
- Click the Binoculars icon to scan a single file.
- Click the magnifying glass to scan a directory.
- Click Scan > Recursive Scan to scan a parent directory and it's children.
- Click Scan > Home (thorough) to do a more thorough scan of your home directory.
Since I use Claws Mail, I would want to do a recursive scan on the ~/Mail directory. I will warn you, a thorough, recursive scan can be somewhat resource intensive. So if you need to do this type of scan, you might want to do it when you're not busy, otherwise your machine might become a bit less responsive.
I am happy to say that I have yet to come across an infected file on any of my Linux machines. Does that mean I will stop scanning? No. I get a ton of email, and I prefer to do my part to ensure that no email that might leave my inbox (especially forwards) contains a virus. You should do this as well, even when Linux is your main operating system.