Run Clam Antivirus Software

Each RSA Authentication Manager instance includes Clam Antivirus (ClamAV) software. ClamAV is an open-source software toolkit that is intended to reduce the risk of intrusion or malicious system or data access. Apply software updates to ClamAV only as part of RSA-delivered updates. You are responsible for updating antivirus definition files and running ClamAV in order to scan any Authentication Manager instance for known malware.

Before you begin

  • This procedure assumes a knowledge of Linux commands.
  • For the operating system account User ID rsaadmin, obtain the operating system password.
  • To access the operating system with a secure shell (SSH) client, you must enable SSH. You can also access the operating system on a virtual appliance in the VMware vSphere client, the Hyper-V System Center Virtual Machine Manager Console, or the Hyper-V Manager. For instructions on using SSH, see Enable SSH on the Appliance.

Procedure

  1. Log on to the appliance with the User ID rsaadmin and the current operating system password:
    • On a hardware appliance, an Amazon Web Services appliance, or an Azure appliance, log on to the appliance using an SSH client.
    • On a VMware virtual appliance, log on to the appliance using an SSH client, or the VMware vSphere client.
    • On a Hyper-V virtual appliance, log on to the appliance using an SSH client, the Hyper-V System Center Virtual Machine Manager Console, or the Hyper-V Manager.
  2. Update the antivirus definition files. Choose one of the following procedures:
    • If the Authentication Manager instance has access to the Internet, you can automatically download and apply the latest antivirus definition files. Type the following command:

      sudo /usr/bin/freshclam

    • If the Authentication Manager instance does not have access to the Internet, manually download the main.cvd, daily.cvd, and bytecode.cvd antivirus definition files from the ClamAV web site: http://www.clamav.net/

      Copy the files into the /var/lib/clamav/ directory on the instance.

  3. To scan files and directories for viruses manually, type the following line:

      sudo clamscan -r / --exclude-dir=/proc --exclude-dir=/sys --exclude-dir=/opt/rsa/am/rsapgdata --follow-dir-symlinks=0 --follow-file-symlinks=0 --log=/var/log/clamav.log

    To schedule automatic virus scans, create a cron job that runs the same command.

  4. Check the scan results in /var/log/clamav.log.
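
The following script is an added example, not part of the RSA documentation. It automates the final step of checking /var/log/clamav.log after a manual or scheduled scan. It assumes clamscan's usual log format ("<path>: <signature> FOUND" lines and a "SCAN SUMMARY" block with "Infected files: N"); the script and function names are hypothetical.

```shell
#!/bin/sh
# Added example: report on the most recent run recorded in a clamscan log.
# clamscan appends to its --log file, so older runs must be ignored.
# Assumes clamscan's usual log lines: "<path>: <signature> FOUND" per hit and
# a "SCAN SUMMARY" block containing "Infected files: N" at the end of each run.

# Print the FOUND lines that belong to the last completed scan in log $1.
last_scan_findings() {
    awk '
        / FOUND$/      { buf = buf $0 "\n" }     # collect hits of the current run
        /SCAN SUMMARY/ { last = buf; buf = "" }  # run finished: keep its hits
        END            { printf "%s", last }
    ' "$1"
}

# Print the "Infected files" count from the last summary block in log $1.
last_scan_infected_count() {
    awk -F': *' '/^Infected files:/ { n = $2 } END { print n + 0 }' "$1"
}

# Exit status: 0 = last scan clean, 1 = malware reported, 2 = no usable result.
check_scan_log() {
    log=$1
    [ -r "$log" ] || { echo "cannot read $log" >&2; return 2; }
    grep -q 'SCAN SUMMARY' "$log" || { echo "no completed scan in $log" >&2; return 2; }
    count=$(last_scan_infected_count "$log")
    if [ "$count" -gt 0 ]; then
        echo "$count infected file(s) reported by the last scan:"
        last_scan_findings "$log"
        return 1
    fi
    echo "last scan clean"
}

# Usage: sh check_clamav_log.sh /var/log/clamav.log
if [ "$#" -gt 0 ]; then
    check_scan_log "$1"
fi
```

Status 2 covers a scan that was interrupted before writing its summary, so a cron wrapper can alert on any non-zero exit rather than treating a missing result as clean.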