# ClamAV Who Uses It?



## Munzy (Oct 25, 2014)

Who here uses clamav to keep there linux servers clean of viruses?

The reason I am asking is, are updates from freshclam always so slow? Honestly I want to make a mirror because of just how slow the damn thing is. Takes around ~ 15 minutes for the initial update.


----------



## k0nsl (Oct 25, 2014)

I'm using it on my main cPanel server. The mirror idea...I'm all for that


----------



## Munzy (Oct 25, 2014)

DatabaseMirror clamav.content-network.net

Done, way faster... Not sure why clamav suggests mirrors put a throttle on speed, as it is quite annoying.

for linux servers (debian)

/etc/clamav/freshclam.conf and add "DatabaseMirror clamav.content-network.net" above the other DatabaseMirror entries. I suggest you do a freshclam after that, it will say daily incremental updates have failed and download the full copy.


----------



## wlanboy (Oct 25, 2014)

Yes it is slow.

Some server owners do use squid as a cache to ensure that only the update of the first server is slow.

We need mirrors


----------



## Munzy (Oct 25, 2014)

Id become a full mirror if I was not required to give them ssh access.


----------



## Munzy (Oct 25, 2014)

time freshclam
ClamAV update process started at Sat Oct 25 13:38:10 2014
Downloading main.cvd [100%]
main.cvd updated (version: 55, sigs: 2424225, f-level: 60, builder: neo)
Downloading daily.cvd [100%]
daily.cvd updated (version: 19536, sigs: 1229828, f-level: 63, builder: neo)
Downloading bytecode.cvd [100%]
bytecode.cvd updated (version: 242, sigs: 46, f-level: 63, builder: dgoddard)
Database updated (3654099 signatures) from clamav.content-network.net (IP: 2602:ffd1:0:1::6ec:25b5)
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.ctl: No such file or directory

real 0m19.501s
user 0m11.421s
sys 0m1.576s


Fresh pull


----------



## drmike (Oct 25, 2014)

Digging the community giving @Munzy.


----------



## wlanboy (Oct 26, 2014)

Munzy said:


> Id become a full mirror if I was not required to give them ssh access.


Maybe


----------



## Munzy (Oct 26, 2014)

I might not need to give them access, but there guide is strange at best:: http://www.clamav.net/doc/mirrors-how-to.html

On top of that they have these limits they suggest, and why clamav might be so slow updating.....   http://www.clamav.net/doc/mirrors-coord.html


----------



## comXyz (Oct 26, 2014)

@Munzy can I install it on LowEnd servers?


----------



## Munzy (Oct 26, 2014)

You should be able to. It isn't an active scanner so you physically have to initiate a scan.


Raymii has a good tutorial if you Google around.


----------



## eva2000 (Oct 27, 2014)

I use maldet + clamav https://community.centminmod.com/threads/maldet-linux-malware-detect-addon-discussion.846/ as well as AVG Antivirus for Linux - both make a nice combination.


----------

