HowTo: OpenMediaVault - Configure and activate virus scanner ClamAV

As a Windows user, you are used to the fact that a virus scanner is always on the lookout somewhere in the background and immediately informs you about an infection with malware or already takes appropriate action.
On my Windows systems I use Avira Free Security and am very satisfied with it.

Of course, this program doesn't run on my OpenMediaVault instance. So how do I protect my files once they're stored on it?

Fortunately, the developers of OpenMediaVault also provide you with a practical plugin here. Because with this plugin you can install the free open source virus protection program "ClamAV" on your OMV instance.

Once configured, data traffic is automatically monitored. You can also configure regular checks of your folders. ClamAV then automatically deletes any malware it finds or moves it to a specified quarantine folder.

I have described everything you need to know to configure ClamAV in your OMV instance in the following article.


Safety instructions

I know the following hints are always a bit annoying and seem unnecessary. But unfortunately, many people who knew it "better" from carelessness lost their eyes, fingers or other things or hurt themselves. In comparison, a loss of data is almost not worth mentioning, but even these can be really annoying. Therefore, please take five minutes to read the safety instructions. Even the coolest project is worth no injury or other annoyance. https://www.nerdiy.de/en/sicherheitshinweise/

Affiliate links / advertising links

The links to online stores listed here are so-called affiliate links. If you click on such an affiliate link and store via this link, Nerdiy.de receives a commission from the online store or provider concerned. The price doesn't change for you. If you do your purchases via these links, you will support Nerdiy.de in being able to offer further useful projects in the future. 🙂


Requirements

Helpful articles:
Before you start this article, you should have prepared a Raspberry Pi so that it can be reached via the network and controlled via SSH.

The following articles describe what needs to be done to prepare the Raspberry Pi.

In the following lists you will find all the parts you need to implement this article.

Required tool:

NumberLink
1xScrewdriver set  Buy at Amazon
1xSD card reader  Buy at Amazon

Required material:

NumberLink
1x Raspberry Pi  Buy at Amazon
1x Raspberry Pi power supply  Buy at Amazon
1x Raspberry Pi case  Buy at Amazon
1x Micro SD card 64GB  Buy at Amazon


Install the ClamAV plugin via the OpenMediaVault interface

In order to be able to use the functions of the ClamAV plugin, you must of course install it first.

Installation is very easy thanks to the OMV interface.

First click on the heading

  • plugins

in the section

  • system

The quickest way to find the ClamAV plugin is to use the search function in the upper right corner.

Just type "clam" there. After that, ClamAV's entry should be the only one visible.

Then mark this entry by clicking on it and start the installation by clicking on the small blue arrow in the marked area.

You must then confirm the start of the installation by clicking on "Yes".

The installation will then start.

As soon as it is complete, you can exit the installation area by clicking on "Close".

You then have to activate the configuration again (as usual) by clicking on the check mark shown.

...and confirm with the "Yes" button.


Activate and configure the ClamAV Antivirus plugin

The ClamAV plugin is now installed but not yet activated (or even configured).

To do this, switch to the tab

  • services

and open the pane

  • antivirus

Click there

  • Settings

On the page that now appears, you can make all the basic settings.

First activate ClamAV by ticking "Enabled".

You should also set the "Database checks" setting to 12. ClamAV then automatically updates its virus database every 12 hours. This is important to reliably detect new malicious programs.

You can also select a shared folder in which to malicious programs will be stored. It is best if you define your own "quarantine folder" for this.

If needed create a folder as usual. I have described how to do this here:

You can accept the other settings as shown.

In my opinion, they are a good compromise for reliably detecting malicious programs without putting too much strain on the system.

Then click on "Save" to apply the settings.

You then have to confirm the new configuration again.

Click on the tick shown…

...and in the next window click "Yes".


Enable ClamAV live/on access scanning

So that your shared folders are automatically checked for malware, you must now configure them for "On Access Scans". Once activated, all data traffic in these folders is monitored. If a malicious program is found, it is automatically (depending on the configuration) deleted or moved to the quarantine folder.

To do this, click on the tab

  • On access scans

Then click on the small blue plus icon to add a new folder to the live monitoring.

Then select the folder you want to add to the live monitoring and click "Save".

Again, you must confirm the change to the configuration before it is applied.


Enable and configure scheduled ClamAV scans

Parallel to live monitoring, you can also configure ClamAV so that shared folders are regularly scanned for malware.

To do this, click on the tab

  • Scheduled scans

…and then on the small blue plus in the marked area.

Here you can now select a folder from the list of your shared folders

You can also configure when this scan is run.

In the example shown, the scan is started every month every day (represented by the *) at 21:00. This only happens on Monday and Tuesday.

You can also set here what should happen with found malicious programs.

In my opinion, the best way is to move infected programs to quarantine (if configured). Of course, you can also delete the malicious program directly or do nothing. In the latter case, you will only be informed about the find.

For this you should of course have activated the last point "Send mail".

To save the settings, you must then click on "Save".

Again, you must activate the configuration before it is applied.


More articles related to Open Media Vault

This completes the installation of OMV. I have described the many other functions in other articles. These articles are all grouped into the following category


Have fun with the project

I hope everything worked as described. If not or you have any other questions or suggestions, please let me know in the comments. Also, ideas for new projects are always welcome. 🙂

P.S. Many of these projects - especially the hardware projects - cost a lot of time and money. Of course I do this because I enjoy it, but if you appreciate that I share this information with you, I would be happy about a small donation to the coffee box. 🙂

Buy Me a Coffee at ko-fi.com   

Kommentar hinterlassen

Your email address will not be published. Erforderliche Felder sind mit * markiert