#linux #security #clamav #antivirus #paranoia

ClamAV, the antivirus for linux paranoids

Miuna

i know everyone says linux doesnt get viruses. but is that 100% true?

the truth is, linux IS more secure than windows. but "more secure" doesnt mean "bulletproof". especially if u download a bunch of stuff from the internet, get files from friends, or have dual boot with windows and dont wanna spread digital bugs to other partitions.

thats when i found ClamAV. its an open source antivirus, lightweight, free, and runs straight from the terminal. perfect for those who are paranoid but too lazy to open a gui (´。• ᵕ •。`)

what is ClamAV?

ClamAV is like the antivirus servers use. it doesnt have that annoying icon blinking in the corner of the screen, doesnt flood u with notifications, and doesnt try to sell u a premium plan.

it just exists. quietly. waiting for u to call it from the terminal to scan whatever u want.

it can detect windows viruses, office macros, android malware, trojans, worms, and a bunch of stuff i cant even pronounce right. so even if u use linux 100% of the time, its still useful so u dont pass infected files to other people.

how to install

on fedora (and nobara) its just this:

sudo dnf install clamav clamav-update

then update the virus database:

sudo freshclam

itll download the latest signatures. this takes a while the first time bc there are millions of signatures, but after that its super quick~

how to use

to scan a specific folder:

clamscan -r /home/miuna/Downloads

the -r is recursive, meaning it goes into all subfolders. without it it only looks at whats in the root of the folder and ignores the rest.

now, if u want a complete scan of the entire system, the command is this monster:

sudo clamscan -r --exclude-dir="^/sys" --exclude-dir="^/proc" --exclude-dir="^/dev" /

the --exclude-dir flags are important bc if u dont add them, itll try to scan /sys, /proc and /dev, which are virtual filesystems and not real files on disk (they expose stuff like processes and devices), and fill the log with errors.

my experience scanning everything

the other day i felt like doing a full scan on my pc. like, full full. all partitions, all hdds, everything i had.

it took 9 hours. scanned almost 2 million files and 343GB of data. the result?

[image: ClamAV scan summary showing 3,627,866 known viruses, 1,913,258 scanned files, 0 infected]
the scan summary in terminal. zero infected, but 1366 permission errors on system files~

zero infected files. (๑˃̵ᴗ˂̵)و

of course, this doesnt mean my pc is impossible to infect. it just means that, at least until that day, there was nothing known by the clamav database. still, i slept more peacefully knowing.

the 1366 errors that showed up at the bottom are basically files clamav couldnt read due to lack of permission. system stuff that even with sudo it cant touch. normal, no big deal.
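an added example (not part of the original post): a small shell triage for saved clamscan output, e.g. from a run with clamscan's `--log=FILE` option. it lists every detection, reads the summary counts, and flags a log with no summary as an interrupted scan. the function names, verdict words and the sample log are made up for illustration.

```shell
#!/bin/sh
# Added example: triage saved clamscan output, e.g. from
#   clamscan -r --log="$HOME/clamscan.log" "$HOME/Downloads"

# Print "signature<TAB>path" for every "<path>: <signature> FOUND" line.
clam_detections() {
    awk '/ FOUND$/ {
        sub(/ FOUND$/, "")
        # Split on the LAST ": " so paths containing ": " stay whole.
        i = 0; rest = $0
        while ((p = index(rest, ": ")) > 0) { i += p + 1; rest = substr(rest, p + 2) }
        if (i > 0) printf "%s\t%s\n", substr($0, i + 1), substr($0, 1, i - 2)
    }' "$1"
}

# Print the value of one SCAN SUMMARY field (empty if the field is absent).
clam_summary_field() {
    awk -F': ' -v key="$2" '/SCAN SUMMARY/ { s = 1 }
        s && $1 == key { print $2; exit }' "$1"
}

# One-word verdict for a log file.
clam_verdict() {
    infected=$(clam_summary_field "$1" "Infected files")
    errors=$(clam_summary_field "$1" "Total errors")
    hits=$(clam_detections "$1" | wc -l | tr -d ' ')
    if [ "$hits" -gt 0 ] || [ "${infected:-0}" -gt 0 ]; then echo INFECTED
    elif [ -z "$infected" ]; then echo INCOMPLETE   # no summary: scan was cut short
    elif [ "${errors:-0}" -gt 0 ]; then echo CLEAN_WITH_ERRORS
    else echo CLEAN
    fi
}

# Constructed sample log (not output from a real scan).
sample_log() {
    cat <<'EOF'
/home/user/Downloads/notes.txt: OK
/home/user/Downloads/old: backup/eicar.com: Win.Test.EICAR_HDB-1 FOUND
WARNING: Can't open file /etc/shadow: Permission denied

----------- SCAN SUMMARY -----------
Known viruses: 3627866
Scanned files: 2
Infected files: 1
Total errors: 1
EOF
}

log=$(mktemp) && sample_log > "$log"
clam_detections "$log"   # signature and path of each hit
clam_verdict "$log"      # INFECTED
rm -f "$log"
```

a log like the one described above (0 infected, 1366 errors) comes out as CLEAN_WITH_ERRORS, and a long scan that got killed before the summary was written comes out as INCOMPLETE instead of looking clean.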

what else is it for?

besides personal paranoia, ClamAV is super used in email servers. like, when u send an email with an attachment, many servers run clamav on the backend to check if the file is clean before delivering.

its also used in network gateways, firewalls, and anywhere that needs automatic file scanning. since its open source, any company can embed it in their own product without paying a license.

and for those with dual boot, its a lifesaver. u can boot into linux and scan the windows partition before starting it. that way, if windows has some malware that the native antivirus missed, clamav might help.

its not perfect

lets be real. ClamAV isnt the most powerful antivirus in the world. it doesnt have real-time protection by default (it doesnt monitor everything u do), linux-specific malware detection is more limited, and it doesnt have those fancy behavioral AI features that commercial antivirus software sells.

but its free, open source, doesnt spy on u, and does the basics really well. for those who just wanna make sure they dont have an infected file in the middle of their downloads, it does the job just fine.

and honestly... after 9 hours of scanning and 0 viruses found, i think the best protection is still not clicking on suspicious stuff (⌐■_■)

but sleeping peacefully is priceless~
