CLAM AV on an RSA Appliance
The RSA 8.1 Administrator's Guide covers the basic deployment of the built-in CLAM AV. In this post you will find some simple scripts and notes on how to make it work.
Create a script to do updates
sudo /usr/bin/freshclam
Create a script to run the check
sudo clamscan -r / --exclude-dir=/proc --exclude-dir=/sys --exclude-dir=/opt/rsa/am/rsapgdata --follow-dir-symlinks=0 --follow-file-symlinks=0
Both of these scripts need to be made executable, so run chmod 700 "scriptname" on each. This assumes the script owner is root; if not, you will need to run chown root "scriptname" and chgrp root "scriptname" first.
Update the CRONTAB
Edit /etc/crontab to run your scripts. This example runs the update script daily at 10pm and the check script daily at 11pm.
/etc/crontab
SHELL=/bin/sh
PATH=/usr/bin:/usr/sbin:/sbin:/bin:/usr/lib/news/bin
MAILTO=root
#
# check scripts in cron.hourly, cron.daily, cron.weekly, and cron.monthly
#
-*/15 * * * * root test -x /usr/lib/cron/run-crons && /usr/lib/cron/run-crons >/dev/null 2>&1
0 22 * * * root "run clam update scriptname"
0 23 * * * root "run clam check scriptname"
Check Output
You can check the output in /var/log/messages, or you can just run the checking script interactively and see what it says at the end.
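Added example, not part of the original post: a version of the check script that writes the scan result to syslog, so that it can be found in /var/log/messages as described above. The CLAMSCAN and LOGGER variables, the --run argument and the "clamscan" syslog tag are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): cron scan wrapper.
# CLAMSCAN and LOGGER are overridable; that is an assumption of this example
# so the wrapper can be exercised without running a real scan.
CLAMSCAN=${CLAMSCAN:-clamscan}
LOGGER=${LOGGER:-logger}

# Map clamscan's exit status to "<syslog priority> <message>".
#   0 = no virus found, 1 = virus(es) found, anything else = error
classify_status() {
    case "$1" in
        0) echo "daemon.info scan clean" ;;
        1) echo "daemon.crit INFECTED files found" ;;
        *) echo "daemon.err scan error (status $1)" ;;
    esac
}

# Run the scan with the exclusions from the post; -i prints only infected files.
run_scan() {
    status=0
    report=$("$CLAMSCAN" -r -i / \
        --exclude-dir=/proc --exclude-dir=/sys \
        --exclude-dir=/opt/rsa/am/rsapgdata \
        --follow-dir-symlinks=0 --follow-file-symlinks=0 2>&1) || status=$?
    result=$(classify_status "$status")
    "$LOGGER" -t clamscan -p "${result%% *}" "${result#* }"
    # Copy each "path: Signature FOUND" line to syslog as well.
    if [ "$status" -eq 1 ]; then
        printf '%s\n' "$report" | grep ' FOUND$' | while IFS= read -r line; do
            "$LOGGER" -t clamscan -p daemon.crit "$line"
        done
    fi
    return "$status"
}

# Scan only when called as: scriptname --run
if [ "${1:-}" = "--run" ]; then
    run_scan
fi
```

The crontab entry would call the script with --run; cron already runs it as root, so sudo is not needed inside it.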
Getting out via a Proxy
Locate the following lines in /etc/freshclam.conf
# Proxy settings
# Default: disabled
HTTPProxyServer "proxyserver"
HTTPProxyPort "proxyport"
#HTTPProxyUsername
#HTTPProxyPassword
Remove the # to uncomment each line you need and enter the appropriate details. Run the update script to test.
Because /etc/freshclam.conf now contains sensitive information, set its permissions with chmod 0600 freshclam.conf.
Posted on May 09, 2017.