Table Of Contents
This user guide presents an overview of the various ways that libclamav can be used through the tools provided by ClamAV. To learn more about how to better use each facet of ClamAV that interests you, please follow the links provided.
The ClamAV Daemon, or
clamd, is a multi-threaded daemon that uses libclamav to scan files for viruses. ClamAV provides a number of tools which interface with this daemon. They are, as follows:
clamdscan- a simple scanning client
on-access scanning- provides real-time protection via a
clamdtop- a resource monitoring interface for
ClamAV also provides a command-line tool for simple scanning tasks with libclamav called
clamscan. Unlike the daemon,
clamscan is not a persistent process and is best suited for use cases where one-time scanning with minimal setup is needed.
Signature Testing and Management
A number of tools allow for testing and management of signatures. Of note are the following:
clambc- specifically for testing bytecode
sigtool- for general signature testing and analysis
freshclam- used to update signature database sets to the latest version
The more complex tools ClamAV provides each require some degree of configuration. ClamAV supplies two example configuration files:
clamd.conf- for configuring the behavior of the ClamAV Daemon
clamdand associated tools
freschclam.conf- for configuring the behavior of the signature database update tool,
ClamAV also provides a mail filtering tool called
clamav-milter which can be attached to a
clamd instance for mail scanning purposes.
Additionally, a tool called
clamconf allows users to check the configurations used by each other tool, pulling information from the configuration files listed above, alongside other relevant information.