Clam AntiVirus

Clam AntiVirus

Clam AV 0.96, running a definition update, scanning a file and identifying a Trojan from the command-line.
Developer(s) Tomasz Kojm[1]
Stable release 0.97.3[2] / October 17, 2011; 3 months ago (2011-10-17)
Operating system Cross-platform
Type Antivirus software
License GNU General Public License
Website www.clamav.net

Clam AntiVirus (ClamAV) is a free, cross-platform antivirus software tool-kit able to detect many types of malicious software, including viruses. One of its main uses is on mail servers as a server-side email virus scanner. The application was developed for Unix and has third party versions available for AIX, BSD, HP-UX, Linux, Mac OS X, OpenVMS, OSF (Tru64) and Solaris. As of version 0.96 ClamAV builds and runs on Microsoft Windows.[3][4] Both ClamAV and its updates are made available free of charge.

Sourcefire, a maker of intrusion detection products and the owner of Snort, announced on 17 August 2007 that it had acquired the trademarks and copyrights to ClamAV from five key developers.[5]

Contents

Features

ClamAV includes a number of utilities: a command-line scanner, automatic database updater and a scalable multi-threaded daemon, running on an anti-virus engine from a shared library.[3]

The application also features a Milter interface for sendmail and on-demand scanning. It has support for Zip, RAR, Tar, Gzip, Bzip2, OLE2, Cabinet, CHM, BinHex, SIS formats, most mail file formats, ELF executables and Portable Executable (PE) files compressed with UPX, FSG, Petite, NsPack, wwpack32, MEW, Upack and obfuscated with SUE, Y0da Cryptor. It also supports many document formats, including Microsoft Office, HTML, Rich Text Format (RTF) and Portable Document Format (PDF).[3]

The ClamAV virus database is updated several times each day and as of 30 October 2011 contained 1,063,024 virus signatures with the the daily update Virus DB number at 13867.[3][6]

Effectiveness

ClamAV is currently tested daily in comparative tests against other antivirus products on Shadowserver. In 2010 Shadowserver tested over 22 million samples against ClamAV and numerous other antivirus products. Out of the 22 million samples tested ClamAV scored 76.64% ranking 9 out of 19, a higher rating than some much more established competitors.[7]

ClamAV was included in comparative tests against other antivirus products. In the 2008 AV-Test it rated: on-demand: very poor, false positives: poor, on-access: poor, response time: very good, rootkits: very poor.[8]

In a Shadowserver six-month test between June and December 2011 ClamAV detected over 75.45% of all viruses tested, putting it in fourth place behind AhnLab, Avria, BitDefender and Avast. AhnLab,the top antivirus, detected 80.28% [9]

Platforms

Linux, BSD

ClamAV is available for Linux and BSD-based operating systems.[3] In most cases it is available through the distribution's repositories for installation.

On Linux servers ClamAV can be run in daemon mode, servicing requests to scan files sent from other processes. These can include mail exchange programs, files on Samba shares, or packets of data passing through a proxy server (IPCop, for example, has an add-on called Copfilter which scans incoming packets for malicious data).

On Linux and BSD desktops ClamAV provides on-demand scanning of individual files, directories or the whole PC.[3]

Mac OS X

Apple Mac OS X Server has included ClamAV since version 10.4. It is used within the operating system's email service. A graphical user interface is available in the form of ClamXav.[10] Additionally, Fink and MacPorts have ported ClamAV to the platform too.

Another program which uses the ClamAV engine, on Mac OS X, is Counteragent. Working alongside the Eudora Internet Mail Server program, Counteragent scans emails for viruses using ClamAV and also optionally provides spam filtering through SpamAssassin.

OpenVMS

ClamAV for OpenVMS is available for DEC Alpha and Itanium platforms. The build process is simple and provides basic functionality, including: library, clamscan utility, clamd daemon and freshclam for update.[11]

Windows

ClamAV for Windows is a joint project of ClamAV and Immunet which provides support for Windows XP, Vista, and 7. Unlike ClamWin it includes on-access scanning accomplished through cloud computing, which reduces the use of local PC memory.[12]

Graphical interfaces

Since ClamAV does not include a graphical user interface (GUI) but instead is run from the command line, a number of third-party developers have written GUIs for the application for various platforms and uses.

These include:

ClamWin

Main article: ClamWin

ClamWin is a graphical user interface front end for ClamAV for Microsoft Windows built by ClamWin Pty Ltd. Features include on-demand (user started) scanning, automatic updates, scan scheduling, context menu integration to Explorer, and an add-in for Microsoft Outlook. To provide on-access scanning (scan when a file is read or written), additional software must be used. Examples are Clam Sentinel and the free software called Winpooch.

Plugins for Mozilla Firefox which use ClamWin to scan downloaded files are also available.[19][20] Several other extensions allow users to process downloaded files with any software and scan the files with ClamWin.[21][22][23][24]

Patent lawsuit

Barracuda Networks is being sued by Trend Micro as of 2008 for its distribution of ClamAV as part of a security package.[25] Trend Micro claims that Barracuda's utilization of ClamAV infringes on a software patent for filtering viruses on an Internet gateway. The free software community has responded in part by calling for a boycott against Trend Micro. The boycott has been endorsed by the Free Software Foundation.[26] Barracuda Networks counter-sued with IBM obtained patents in July 2008.[27]

See also

References

  1. ^ ClamAV (2007). "Team Members". http://www.clamav.net/about/team/. Retrieved 2008-12-30. 
  2. ^ "projects / clamav-devel.git / commit". Git.clamav.net. 2011-06-09. http://git.clamav.net/gitweb?p=clamav-devel.git;a=commit;h=13b8484e6d9fe77f07554591f914554aa8c703e3. Retrieved 2011-06-09. 
  3. ^ a b c d e f ClamAV (2007). "About ClamAV". http://www.clamav.net/about. Retrieved 2008-12-25. 
  4. ^ ClamAV (2007). "ClamAV Packages and Ports". http://www.clamav.net/download/packages/. Retrieved 2008-12-31. 
  5. ^ "Sourcefire acquires ClamAV". ClamAV. 2007-09-17. http://www.clamav.org/2007/08/17/sourcefire-acquires-clamav/. Retrieved 2008-02-12. 
  6. ^ ClamAV (August 2010). "Latest Stable Release". http://www.clamav.net/. Retrieved 2010-08-21. 
  7. ^ "ShadowServer Yearly Stats". www.shadowserver.org. 2011-01-01. http://www.shadowserver.org/wiki/pmwiki.php/Stats/VirusYearlyStats. Retrieved 2011-03-22. 
  8. ^ "Anti-virus comparison test of current anti-malware products, Q1/2008". AV-Test GmbH. 22 January 2008. Archived from the original on 15 July 2011. http://web.archive.org/web/20110715060200/http://blogs.pcmag.com/securitywatch/Results-2008q1.htm. Retrieved 12 February 2008. 
  9. ^ "ShadowServer 180 Day Stats". www.shadowserver.org. 2011-08-16. http://www.shadowserver.org/wiki/pmwiki.php/AV/Virus180-DayStats. Retrieved 2011-12-16. 
  10. ^ ClamXav.com (undated). "ClamXAV.com". http://www.clamxav.com/. Retrieved 2009-01-24. 
  11. ^ Chupahin, Alexey (December 2008). "Clam AntiVirus OpenVMS Project News". http://clamav.dyndns.org/clamav/. Retrieved 2008-12-25. 
  12. ^ ClamAV (April 2010). "ClamAV for Windows". http://www.clamav.net/lang/en/about/win32/. Retrieved 24 April 2010. 
  13. ^ Mauroni, Dave (December 2008). "ClamTk Virus Scanner". http://clamtk.sourceforge.net/. Retrieved 2008-12-25. 
  14. ^ Mauroni, Dave (October 2008). "ClamTk README". http://clamtk.sourceforge.net/README. Retrieved 2008-12-26. 
  15. ^ KlamAV F. (May 2006). "KlamAV - Main Page". http://klamav.sourceforge.net/. Retrieved 2008-12-25. 
  16. ^ "wbmclamav project". http://wbmclamav.labs.libre-entreprise.org/. 
  17. ^ ClamXav.com (November 2008). "ClamXav.com". http://www.clamxav.com/. Retrieved 2008-12-25. 
  18. ^ a b "CS Anti-Virus description". Softpedia.com. 2009-03-23. http://www.softpedia.com/get/Antivirus/CS-Anti-Virus.shtml. Retrieved 2010-11-09. 
  19. ^ "FireClam: Use ClamAV to scan Firefox downloads for viruses". Firefox Addons. https://addons.mozilla.org/en-US/firefox/addon/fireclam/. Retrieved 2009-11-02. 
  20. ^ "ClamWin Antivirus Glue for Firefox". Firefox Addons. https://addons.mozilla.org/en-US/firefox/addon/771. Retrieved 2008-04-15. 
  21. ^ "Download Scan". Downloadstatusbar.mozdev.org. 2005-08-19. http://downloadstatusbar.mozdev.org/downscan/. Retrieved 2010-11-09. 
  22. ^ Download Statusbar
  23. ^ "Safe Download". Extensions.geckozone.org. http://extensions.geckozone.org/SafeDownload. Retrieved 2010-11-09. 
  24. ^ ClamWin Pty Ltd (2009). "About ClamWin Free Antivirus". http://www.clamwin.com/content/view/71/1/. Retrieved 2009-03-13. 
  25. ^ "Trend Micro patent claim provokes FOSS community, leads to boycott". Linux.com. 2008-02-11. http://www.linux.com/feature/126851. Retrieved 2008-02-12. 
  26. ^ "Boycott Trend Micro". Free Software Foundation. 2008-02-11. http://www.fsf.org/blogs/community/boycottTrendMicro.html. Retrieved 2008-02-12. 
  27. ^ http://arstechnica.com/open-source/news/2008/07/barracuda-bites-back-at-trend-micro-in-clamav-patent-lawsuit.ars

Further reading

External links

General
Operating system families
AROS · BSD · Darwin · eCos · FreeDOS · GNU · Haiku · Inferno · Linux · Mach · MINIX · OpenSolaris · Plan 9 · ReactOS · Symbian
Development
Eclipse · FreeBASIC · Free Pascal · GCC · Gambas · Java · LLVM · Lua · NetBeans · Open64 · Perl · PHP · Python · ROSE · Ruby · Tcl
History
Organizations
Licences
Licence standards
Challenges
Other topics
Book:Free and Open Source Software  · Category:Free software  · Portal:Free software