Clamav upgrade telling me clamav is newest version, but running 'sudo freshclam' tells me it is outdated!
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Clamav upgrade telling me clamav is newest version, but running 'sudo freshclam' tells me it is outdated!
sudo freshclam
Sat Sep 7 07:57:11 2019 -> ClamAV update process started at Sat Sep 7 07:57:11 2019
Sat Sep 7 07:57:11 2019 -> ^Your ClamAV installation is OUTDATED!
Sat Sep 7 07:57:11 2019 -> ^Local version: 0.100.3 Recommended version: 0.101.4
Sat Sep 7 07:57:11 2019 -> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Sat Sep 7 07:57:11 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Sat Sep 7 07:57:11 2019 -> daily.cld is up to date (version: 25565, sigs: 1752977, f-level: 63, builder: raynman)
Sat Sep 7 07:57:11 2019 -> bytecode.cvd is up to date (version: 330, sigs: 94, f-level: 63, builder: neo)
sudo apt-get upgrade clamav
Reading package lists... Done
Building dependency tree
Reading state information... Done
clamav is already the newest version (0.100.3+dfsg-0ubuntu0.18.04.1).
Calculating upgrade... Done
clamav is already the newest version (0.100.3+dfsg-0ubuntu0.18.04.1).
Calculating upgrade... Done
So ubuntu 18.04 doesn't have the newest version (0.101.4), maybe 18.04.3 does or otherwise you will have to go elsewhere (like the source from the clamav site). That site tells me
Quote:
The Ubuntu backports repository will contain the newest clamav version that has been at least lightly tested to work with that version. These packages can be installed by enabling the backports repository on your system.
Ubuntu packages are maintained by Ubuntu MOTU Developers.
You should wait until ubuntu updates the clamav package to the latest version.
In the meantime you're safe, since the virus database is regularly updated.
Can clamav be used to scan external media? I tried to scan a directory from a usb flash drive and it did not work - did not scan anything. And in trying clamav/clamtk, it is EXTREMELY slow, sometimes scanning 100mb in 12 minutes. I have gotten the message: 0 files scanned numerous times.
Any ideas for the fastest, yet best, way to scan a 2TB hard drive full of data?
Can clamav be used to scan external media? I tried to scan a directory from a usb flash drive and it did not work - did not scan anything. And in trying clamav/clamtk, it is EXTREMELY slow, sometimes scanning 100mb in 12 minutes. I have gotten the message: 0 files scanned numerous times.
Any ideas for the fastest, yet best, way to scan a 2TB hard drive full of data?
Ahh. New question...
What command did you enter to scan the “external media”?
Can clamav be used to scan external media? I tried to scan a directory from a usb flash drive and it did not work - did not scan anything. And in trying clamav/clamtk, it is EXTREMELY slow, sometimes scanning 100mb in 12 minutes. I have gotten the message: 0 files scanned numerous times.
Any ideas for the fastest, yet best, way to scan a 2TB hard drive full of data?
Regarding the faster method, you can start the clamd daemon and use clamdscan to scan for viruses.
It uses a socket to connect to the clamd daemon, that is faster from using clamscan.
Read the respective manpages for details.
As for clamav, it can scan external media assuming that you have read rights on them. So check how do you mount them.
Ahh. New question...
What command did you enter to scan the “external media”?
A number of issues:
1.) Proxy
If you are using a http proxy to connect to the internet you will have to edit the file /etc/clamav/freshclam.conf adding:
HTTPProxyServer serveraddress
HTTPProxyPort portnumber
I use Tor. How would I find the proxyserver address and port number?
2.) After running the 'clamscan' w/ above command, I got the error message: "No supported database files found in /var/lib/clamav; error: can't open file or directory
3.) sudo freshclam: locked by another process; problem w/ internal logger.
4.) sudo clamdscan: could not connect to clamd on the local socket...
1.) Proxy
If you are using a http proxy to connect to the internet you will have to edit the file /etc/clamav/freshclam.conf adding:
HTTPProxyServer serveraddress
HTTPProxyPort portnumber
I use Tor. How would I find the proxyserver address and port number?
2.) After running the 'clamscan' w/ above command, I got the error message: "No supported database files found in /var/lib/clamav; error: can't open file or directory
3.) sudo freshclam: locked by another process; problem w/ internal logger.
4.) sudo clamdscan: could not connect to clamd on the local socket...
1. I don't know. Maybe see what the proxy settings in your browser are?
2. That's pretty clear. The database files are not in that directory. Where are they? What is the setting for DatabaseDirectory in the freshclam.conf? In clamd.conf? They should be the same.
3. Probably freshclam is already running.
4. Probably clamd is not running. clamd must be running to use clamdscan.
by default tor listens on 127.0.0.1:9050
but tor is a socks proxy, not http
it can do transparent, but I think you need to turn that on
Unless you are redirecting all your outbound traffic through tor with a firewall it is not the problem.
If you are, then tor is probably the problem.
if you don't know where to find iport you didn't config transport.
Are you running a mail server ( serving to other users not just yourself )?
Do you serve content that could contain malware to other users?
Do you have windows machines on your network?
if you answered no to those, do you need clamav?
what changed between the version you have and the newest?
Do you *really* need the newest right now?
tl;dr
gnu/linux isn't windows, you don't need a virus scanner
from the apt show blurb
Code:
Description: anti-virus utility for Unix - command-line interface
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of
this software is the integration with mail servers (attachment
scanning).
...
by default tor listens on 127.0.0.1:9050
but tor is a socks proxy, not http
it can do transparent, but I think you need to turn that on
Unless you are redirecting all your outbound traffic through tor with a firewall it is not the problem.
If you are, then tor is probably the problem.
if you don't know where to find iport you didn't config transport.
Are you running a mail server ( serving to other users not just yourself )?if you don't know where to find iport you didn't config transportif you don't know where to find iport you didn't config transport
Do you serve content that could contain malware to other users?
Do you have windows machines on your network?
if you answered no to those, do you need clamav?Are you running a mail server ( serving to other users not just yourself )?if you don't know where to find iport you didn't config transportif you don't know where to find iport you didn't config transport
Do you serve content that could contain malware to other users?
Do you have windows machines on your network?Are you running a mail server ( serving to other users not just yourself )?if you don't know where to find iport you didn't config transportif you don't know where to find iport you didn't config transport
Do you serve content that could contain malware to other users?
Do you have windows machines on your network?
what changed between the version you have and the newest?
Do you *really* need the newest right now?
tl;dr
gnu/linux isn't windows, you don't need a virus scanner
from the apt show blurb
Code:
Description: anti-virus utility for Unix - command-line interface
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of
this software is the integration with mail servers (attachment
scanning).
...
1. "redirecting all your outbound traffic through tor with a firewall" YES
2. "by default tor listens on 127.0.0.1:9050
but tor is a socks proxy, not http
it can do transparent, but I think you need to turn that on": DON'T KNOW WHAT THIS MEANS
3. if you don't know where to find iport you didn't config transport: DON'T KNOW - SOMEONE HELPED ME SET IT UP
4. Are you running a mail server ( serving to other users not just yourself )?
Do you serve content that could contain malware to other users?
Do you have windows machines on your network?
NO,NO,NO
5. do i need newest version? DON'T KNOW, WHATEVER HAS LATEST VIRUS SIGNATURES.
6. if you are having problems with it
reinstall
[code]
sudo apt remove clamav && sudo apt autoremove
sudo apt update && sudo apt install clamav
sudo freshclam
SUDO FRESHCLAM IS JUST LOCKED BY ANOTHER PROCESS, DOESN'T RUN, EVEN ON A CLEAN INSTALL.
Sat Sep 7 07:57:11 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Sat Sep 7 07:57:11 2019 -> daily.cld is up to date (version: 25565, sigs: 1752977, f-level: 63, builder: raynman)
Sat Sep 7 07:57:11 2019 -> bytecode.cvd is up to date (version: 330, sigs: 94, f-level: 63, builder: neo)
Your definitions are up to date. That the version of freshclam is not up to date DOES NOT MEAN that the definitions are not up to date...they wil continue to be maintained. You have nothing to worry about.
1. "redirecting all your outbound traffic through tor with a firewall" YES
2. "by default tor listens on 127.0.0.1:9050
but tor is a socks proxy, not http
it can do transparent, but I think you need to turn that on": DON'T KNOW WHAT THIS MEANS
3. if you don't know where to find iport you didn't config transport: DON'T KNOW - SOMEONE HELPED ME SET IT UP
They should not have set it up as they did.
ask them to undo it and use tor browser bundle it you feel you must use tor.
Are you certain tor is protecting you?
did whoever set tor up for you know what they were doing? https://browserleaks.com/ip
your dns is probably leaking
4. Are you running a mail server ( serving to other users not just yourself )?
Do you serve content that could contain malware to other users?
Do you have windows machines on your network?
NO,NO,NO
5. do i need newest version? DON'T KNOW, WHATEVER HAS LATEST VIRUS SIGNATURES.
6. if you are having problems with it
reinstall
[code]
sudo apt remove clamav && sudo apt autoremove
sudo apt update && sudo apt install clamav
sudo freshclam
SUDO FRESHCLAM IS JUST LOCKED BY ANOTHER PROCESS, DOESN'T RUN, EVEN ON A CLEAN INSTALL.
THANKS.
why are you looking for windows viruses if you don't use windows or serve mail/files to windows users?
some reading
https://help.ubuntu.com/community/Linuxvirus
they should not have set it up as they did.
Ask them to undo it and use tor browser bundle it you feel you must use tor. I think they used Tor browser bundle.
are you certain tor is protecting you?
Did whoever set tor up for you know what they were doing? https://browserleaks.com/ip
your dns is probably leaking
and i bet your browser is leaking your real ip https://browserleaks.com/webrtc
[/offtopic] They do know. I have checked for leaks for both dns and webrtc - no leaks. I also use a vpn.
why are you looking for windows viruses if you don't use windows or serve mail/files to windows users? I have many files that were created in windows that may have windows viruses, but now looking for linux viruses.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.