[Script] ClamAV active scanning downloads

Share your own howto's etc. Not for support questions!

[Script] ClamAV active scanning downloads

Postby O'Niel » 2017-01-21 19:36

Hi!

I think it's very good to have an anti-virus installed on your system, even Linux systems!
ClamAV is of course the Numéro 1 choice, however the thing that bothered my was that ClamAV
is not an active anti-virus but a passive one (it only scans when you tell it to do so manually).

So I thought of a way to make it more 'active'. When you download something it gets stored in the Downloads folder,
so IF you'd download malware it would at least be stored there in the beginning. Manually scanning each time would
be a pain.
So I made a script that automatically scans newly downloaded files.

Script:
Code: Select all
#!/bin/bash
DISPLAY=':0'

inotifywait ~/Downloads -m -r -e modify -e moved_to --format '%w%f' | while read file
do
   clamscan --bell --recursive --max-filesize=99999999 --log $HOME/.custom_security/logs/download_logs.txt $file
   CLAMSCAN_OUT="$?"
      
   if [ $CLAMSCAN_OUT -eq 1 ]; then
      /usr/bin/X11/xmessage -buttons Ok:0,"Delete":1,"Logs":2 -default Ok -center "Infected file: $file found!" -display $DISPLAY -bg black -fg green -bd white
      USER_CHOICE="$?"

      if [ $USER_CHOICE -eq 1 ]; then
         rm -r $file
      elif [ $USER_CHOICE -eq 2 ]; then
         /usr/bin/X11/xmessage -buttons Ok:0,"Clear":1,"Open":2 -default Ok -center -file $HOME/.custom_security/logs/download_logs.txt -display $DISPLAY -bg black -fg green -bd white
         USER_CHOICE="$?"
         if [ $USER_CHOICE -eq 1 ]; then
            rm $HOME/.custom_security/logs/download_logs.txt
         elif [ $USER_CHOICE -eq 2 ]; then
            dolphin --select $file ~/Downloads
         fi
      fi
   elif [ $CLAMSCAN_OUT -eq 0 ]; then
      /usr/bin/X11/xmessage -buttons Ok:0,"Open":1 -default Ok -center "$file is scanned and secure." -display $DISPLAY -bg black -fg green -bd white
      USER_CHOICE="$?"
      if [ $USER_CHOICE -eq 1 ]; then
         dolphin --select $file ~/Downloads
      fi
   fi
done


How to install?
Code: Select all
cd ~/
mkdir .custom_security
cd .custom_security
mkdir logs
#Save the code as Downloads_sec.sh
chmod +x Downloads_sec.sh
crontab -e

To add in crontab:
Code: Select all
DISPLAY=':0'
@reboot sh $HOME/.custom_security/Downloads_sec.sh &


You might need to change the DISPLAY variable-value in crontab and the script, do echo $DISPLAY to check that out.

How to test?
Download this innocent AV-test file: https://secure.eicar.org/eicar.com.txt (Eicar test file)
Then download an innocent image.

If successful, you get messages saying if your download was secure or not, you can delete if not, open if it was, view logs,...
Not perfect but I like it a lot and sharing never hurts!

Thanks!
O'Niel
 
Posts: 23
Joined: 2016-08-20 20:49

Return to Docs, Howtos, Tips & Tricks

Who is online

Users browsing this forum: No registered users and 2 guests

fashionable