Skip to main content

How to use Malware Patrol along with ClamAv in Ubuntu 16.04/20.04 LTS?

Malware Patrol provides signatures that are compatible with Clam AV software. You can follow these simple steps to configure your Clam AV instance and protect your internal network, computers and users from getting infected by malware. 

1) Make sure your Clam AV instance is installed and working properly. There are a few resources on the internet that can help you configure Clam AV in your platform. 

If you are experiencing trouble installing and configuring Clam AV, start at the following URL: 

How to install ClamAv antivirus with rspamd on Ubuntu 16.04/20.04 LTS?

If you followed the above instructions, skip to step 14.

2. Install curl. For example: apt-get install curl
3. Install rsync. For example: apt-get install rsync
4. Install unzip. For example: apt-get install unzip
5. cd /tmp

6. wget -O clamav-unofficial-sigs.zip ‘https://github.com/extremeshok/clamav-unofficial-sigs/archive/master.zip’
7. unzip /tmp/clamav-unofficial-sigs.zip
8. cp /tmp/clamav-unofficial-sigs-master/clamav-unofficial-sigs.sh /usr/local/bin
9. chmod 755 /usr/local/bin/clamav-unofficial-sigs.sh
 
10. mkdir -p /etc/clamav-unofficial-sigs
11. cp /tmp/clamav-unofficial-sigs-master/config/master.conf /etc/clamav-unofficial-sigs/
12. cp /tmp/clamav-unofficial-sigs-master/config/user.conf /etc/clamav-unofficial-sigs/
13. cd /etc/clamav-unofficial-sigs/ 
14) edit /etc/clamav-unofficial-sigs/master.conf appropriately
malwarepatrol_enabled=”yes”
malwarepatrol_receipt_code=”YOUR-RECEIPT-NUMBER”
malwarepatrol_product_code=”8″

Use 8 if you have a Free account or 15 if you are a Premium customer.

malwarepatrol_list=”clamav_basic” # clamav_basic or clamav_ext
malwarepatrol_free=”yes” 
clam_user=”clamav”
clam_group=”clamav”
user_configuration_complete=”yes” 
Set to yes if you have a Free account or no if you are a Premium customer. If you don't have RECEIPT-NUMBER, Please visit https://www.malwarepatrol.net/non-commercial/ 

15)
Clean unnecessary files: rm -rf /tmp/clamav-unofficial-sigs*

16) Execute the first update: /usr/local/bin/clamav-unofficial-sigs.sh

17) Configure a new cronjob to update ClamAV signatures every hour: MM * * * * /usr/local/bin/clamav-unofficial-sigs.sh

N.B: No need to execute 15, 16 & 17 

RUN THE SCRIPT ONCE AS ROOT 
# /usr/local/sbin/clamav-unofficial-sigs.sh --force 

Force all databases to be downloaded, could cause ip to be blocked.

If you experience any difficulties configuring ClamAV software to use Malware Patrol block lists, please make sure it is working properly and contact our tech support at admin [at] awsmonster.com.

Comments