Discussion:
How to test ClamAV?
Aleksey Tsalolikhin
2008-12-05 23:06:41 UTC
Permalink
Ok, so how do I test ClamAV?

There is no mention of this in http://www.clamav.net/support/faq

I did find on the Wiki the following, but it's out of date, clam.cab
is no longer shipped with the 0.94.2 tar.gz source distribution:

* The following files are included into clamav-*.tar.gz and are not
dangerous:

clam.cab
clam-error.rar
clam.exe
clam.exe.bz2
clam.rar
clam.zip

Output shall be:

clam-error.rar: RAR module failure
clam.cab: ClamAV-Test-File FOUND
clam.exe: ClamAV-Test-File FOUND
clam.exe.bz2: ClamAV-Test-File FOUND
clam.rar: ClamAV-Test-File FOUND
clam.zip: ClamAV-Test-File FOUND


So where do people get viruses to test ClamAV with?

Best,
--
Aleksey Tsalolikhin
UNIX System Administrator
"I get stuff done!"
http://www.lifesurvives.com/
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Brandon Perry
2008-12-05 23:14:54 UTC
Permalink
When you compile ClamAV, use --enable-check (iirc) and make sure you have
check installed. Then, when it is done compiling, you can run `make check`
and it will check itself :-).
Post by Aleksey Tsalolikhin
Ok, so how do I test ClamAV?
There is no mention of this in http://www.clamav.net/support/faq
I did find on the Wiki the following, but it's out of date, clam.cab
* The following files are included into clamav-*.tar.gz and are not
clam.cab
clam-error.rar
clam.exe
clam.exe.bz2
clam.rar
clam.zip
clam-error.rar: RAR module failure
clam.cab: ClamAV-Test-File FOUND
clam.exe: ClamAV-Test-File FOUND
clam.exe.bz2: ClamAV-Test-File FOUND
clam.rar: ClamAV-Test-File FOUND
clam.zip: ClamAV-Test-File FOUND
So where do people get viruses to test ClamAV with?
Best,
--
Aleksey Tsalolikhin
UNIX System Administrator
"I get stuff done!"
http://www.lifesurvives.com/
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
--
http://www.volatileminds.net
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Andy
2008-12-05 23:23:13 UTC
Permalink
EICAR
http://www.eicar.org/anti_virus_test_file.htm

VX heavens
http://vx.netlux.org/vl.php
Post by Brandon Perry
When you compile ClamAV, use --enable-check (iirc) and make sure you have
check installed. Then, when it is done compiling, you can run `make check`
and it will check itself :-).
--
-Xinn.org
Security, and Sanity Solutions
The makers of ClearSite NMS.
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Rob
2008-12-05 23:15:01 UTC
Permalink
Post by Aleksey Tsalolikhin
Ok, so how do I test ClamAV?
So where do people get viruses to test ClamAV with?
Are you wanting to see that ClamAV is properly configured in your
environment or are you ensuring it finds the viruses that you test it
with?

If you're looking to test your configuration, the easiest is with the
EICAR test file. You can find out more about it at
http://www.eicar.org/anti_virus_test_file.htm

ClamAV should report the following when the file is scanned:
clamdscan ~/eicar.com
eicar.com: Eicar-Test-Signature FOUND


Rob


_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
Aleksey Tsalolikhin
2008-12-05 23:30:27 UTC
Permalink
That's great, thanks all! I've downloaded and used the EICAR test file.

Best,
Aleksey
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

Continue reading on narkive:
Loading...