To ensure compliance with our parent company's audit rules, I am installing clamav anti-virus software on our CENTOS 6 cloud servers located at Rackspace. I have installed and configured the software on a test server. My first question for the forum is what directories should I scan? Right now, I am only scanning the /home directory. My second question, is how do I add to a script that I want to scan more than one directory?
I am including below a code snippet from the shell script that runs in CRON.
clamscan /home -r \
--move=/var/log/clamav \
--log=$LOG_FILE
CLAMAV Best Practices
Re: CLAMAV Best Practices
Reading man clamscan seems to show that you can specify --include-dir= multiple times in the same clamscan run so that's how I'd do it. Depending on your server use case you might want to scan more than /home - for example a mail server might have a spool directory that you'd want to scan though for a mail server it would probably be better to implement a scanning technique that calls out from the mail server software to scan mails as they arrive...
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke