ClamAV FAQ
What do the Atomic CLAMAV Signatures protect against?
Lots of things, this is just some of the things our CLAMAV Signatures are designed to protect against:
PHP, CGI and other Shells
Spam Tools
Rootkits
Viruses
Worms
Phishing Sites and Tools
IRC Bots
Attack Tools and unauthorized scanners
And more! We put out updates to our signatures daily with new protections and enhancements.
What versions of clamav do the signatures work with?
The rules are written for the latest stable version of clamav. Currently that is 0.97.5.
What is included with an Atomic CLAMAV Signatures subscription?
Access to the real time mod_security and clamav rules we publish. If you require additional features, please consider upgrading to our premier Linux security product Atomic Endpoint Defender.
Email and Web Based support during normal support hours.
Support fixing false positives
Development of new signatures based on request.
Does a real time subscription include both the modsecurity and clamav rules?
Yes, realtime subscribers get instant access to the latest modsecurity and clamav signatures. We release updates daily based on new attacks we detect from our honeypots, new methods our labs develop, as well as fixes and improvements.
Do I need to install clamav to use your rules?
You must install clamav to use our rules.
What Operating Systems is ClamAV compatible with?
We support our signatures on any platform that supports clamav, which includes (but is not limited to):
Linux (Including Suse, Ubuntu, CloudLinux, TrixBox, Fedora, Redhat, Gentoo, Debian, Slackware, Mandriva, and others)
Microsoft Windows
MacOS X
FreeBSD
OpenBSD
Dragonfly BSD
NetBSD
If you find that clamav works on a platform not listed here, please contact us so we can add it to this list.
Note
When an operating system or distribution is no longer supported by the vendor we also no longer support the use of our signatures on that platform.
Will ClamAV work with control panels?
Our clamav signatures rules work with any control panel. The diantures are independent of the control panel, which means that they work with cPanel, Plesk, Directadmin, Hsphere, Virtualmin, interworx, etc. They work with any panel right out of the box, without modification.
How do I configure clamav to use your signatures?
Configuration support for clamav is not included with Rules Only licenses. If you require this level of assistance please purchase an AED license.
Can I setup a cronjob to automatically update the rules?
Absolutely. We recommend you do that as we put out updates to the rules daily that include new protections and fixes.
Whitelisting Files
If you find that you need to whitelist a file, simply put the md5 signature of the file in this file on your system:
/var/clamav/local.fp
How do I disable signatures in ClamAV?
If you find that you need to disable a signature, simply put the signature name in this file on your system:
/var/clamav/local.ignThe format for this file is one signature per line.
If you are using clamd, you will also need to tell clamd to load this exclusion for this to take effect. If you are using AED simply run this command as root:
/etc/init.d/clamd reloadNote
Some versions of clamav add the word “UNOFFICIAL” to the end of third party signatures. If your version of clamav does this, and the signature name contains the words “UNOFFICIAL” do not include that in the signature name.