Free antivirus scanner software for linux

The Qmail virus scanner (QScan) is a mail filter for Qmail that scans incoming messages using the Sophos Antivirus engine, immediately rejecting infected content.

It is designed to be minimalistic, yet extremely fast and secure, and uses multiple pipes instead of the traditional temporary files and privilege separation. It works with non-native versions of the virus scanner like under OpenBSD with Linux or FreeBSD emulation.


You must create a temporary directory to extract MIME attachments, and replace Qmails original qmail-queue program with Qscan. Quick way to achieve this for the impatients :

mkdir /var/qmail/qscan
chmod 700 /var/qmail/qscan
chown qmaild:qmail /var/qmail/qscan
ln /var/qmail/bin/qmail-queue /var/qmail/bin/qmail-queue-old

Now, lets compile and install Qscan :

./configure --help

./configure [your beloved flags]

make install-strip

The last step is to replace the original qmail-queue program with our filter :

rm /var/qmail/bin/qmail-queue
ln -s /usr/local/sbin/qscan /var/qmail/bin/qmail-queue

Depending on your local configuration, it may be needed or not, but start with doing it :

chown qmaild:qmail /usr/local/sbin/qscan
chmod 6711 /usr/local/sbin/qscan

After testing, if everythings ok for you, remove the setuid bit :

chown 0:0 /usr/local/sbin/qscan
chmod 711 /usr/local/sbin/qscan

Antivirus Scan with F-Prot is a simple servicemenu for konqueror that allows to scan single or multiple files and folders using the F-Prot Antivirus. Antivirus Scan with F-Prot shows the result of the scanning in a textbox using kdialog. It can also show the progress of the scanning in a terminal.
I hope you may find it useful.
Comments or/and translations are welcome.
TO INSTALL: extract the content of the tarball and copy the file f-prot_virus_scan.desktop into ~/.kde/share/apps/konqueror/servicemenus (just for your user) or in /usr/share/apps/konqueror/servicemenus, /opt/kde/share/apps/konqueror/servicemenus... etc, depending on your distro, to make it system-wide.
This is only the service-menu, you need to have F-Prot antivirus installed on your system.
Enhancements:
- Added Danish translation by Kefeus

Multi Purpose Scanner is a simple scanner written in C that starts a number of child processes, connects to a list of IP addresses, and logs a certain number of characters to standard out or a file.
Low band use is one consecuence of a single connection per child that recieve an only defined num of characters.
Main features:
- $ mpscan -e -p 25 -t 15 -r 100 -T 20 -R 192.168.1.0-10
- Fast mp-scan 0.04-testing ...
- Total ip: 11
- 11/11 91% 192.168.1.10
- Generated 11 ip in 0.199 seconds
- Ip range parsed... 11 ip found
- Scan on 25 started...
- 0:192.168.1.0 -> Network is unreachable
- 3:192.168.1.3 -> Connection refused
- 2:192.168.1.2 -> Connection refused
- 1: 192.168.1.1 -> 220 zeus.olimpo.hm ESMTP Postfix (Debian/GNU)
- 6:192.168.1.6 -> No route to host
- 5:192.168.1.5 -> connected but no data retrived within 7 sec
- 4:192.168.1.4 -> No route to host
- 8:192.168.1.8 -> connect timeout after 15
- 7:192.168.1.7 -> No route to host
- 9:192.168.1.9 -> No route to host
- 10:192.168.1.10 -> No route to host
- Waiting for child dead...
- Scanned 10 ip in 3.14821 seconds
- Scan ended... enjoy the result
Enhancements:
- added T and I option,
- added changelog,
- added debian rules,
- added man page,
- Makefile created.

Viralator is a Perl script that virus scans HTTP/FTP downloads request on a UNIX server after passing through the Squid proxy server.
Even when I implemented virus protection for my network email server we still continued to get the odd virus. Most of the viruses came from people using free webmail accounts like Hotmail or Yahoo and downloading the infected attachments to their machines or through downloading junk.
Rather than block access to the users I decided to look at how we could better protect the network. I looked at a couple of different products both comercial and free but they were either too expensive or did not meet my needs.
That is how Viralator was born. Viralator Proxy Virus Scanner is licenced under the GPL.
Viralator should work in any UNIX system that uses Apache and Squid servers. We have reports about successful instalations on:
- RedHat Linux
- Mandrake Linux
- SuSe Linux
- e-Smith Linux
- Slackware Linux
- Conectiva Linux
- Debian Gnu Linux
Supported Redirectors:
- Squirm
- SquidGuard
- Jesred
Supported Virus Scanners
- AntiVir
- AVP
- RAV
- Inoculate
- Sophos Sweep
- McAfee
- Trend
- Clamav
- Bit Defender (free edition)
The original concept for Viralator came from the Viromat project. Without Viromat the Viralator project would not have had a starting point. We can also thank Ralph Meyer for badgering me into releasing the script under the GPL.
Enhancements:
- Parenthesis are included on the regular expression used to validate URLs.
- The character set checking step, which was not working before last patch released, has been fixed.

Panda Antivirus for Linux is an antivirus for Linux servers and desktops. The project is an antivirus designed to be managed from the command line or console. To do this, an executable called PAVCL will be used.

The aim of Panda Antivirus for Linux is to scan and disinfect Windows and DOS workstations connected to a Linux server, as well as the Linux server itself.

Panda Antivirus for Linux scans files using both string searches and heuristic methods. The target files of the antivirus are Word documents, Java Applets, ActiveX controls and compressed files (ZIP, RAR, etc.).

At the moment, it does not scan the boot sector or the partitions table.

Panda Antivirus for Linux is a freeware version: Panda Software does not offer technical support for this software.

Nmap::Scanner is a Perl module to perform and manipulate nmap scans using perl.

SYNOPSIS

Perl extension for performing nmap (www.insecure.org/nmap) scans.

use Nmap::Scanner;

# Batch scan method

my $scanner = new Nmap::Scanner;
$scanner->tcp_syn_scan();
$scanner->add_scan_port(1-1024);
$scanner->add_scan_port(8080);
$scanner->guess_os();
$scanner->max_rtt_timeout(200);
$scanner->add_target(some.host.out.there.com.org);

# $results is an instance of Nmap::Scanner::Backend::Results
my $results = $scanner->scan();

# Print the results out as an well-formatted XML document
print $results->as_xml();

# Event scan method using *new* easier way to set scan options.

my $scanner = new Nmap::Scanner;
$scanner->register_scan_started_event(&scan_started);
$scanner->register_port_found_event(&port_found);
$scanner->scan(-sS -p 1-1024 -O --max-rtt-timeout 200 somehost.org.net.it);

sub scan_started {
my $self = shift;
my $host = shift;

my $hostname = $host->name();
my $addresses = join(,, map {$_->address()} $host->addresses());
my $status = $host->status();

print "$hostname ($addresses) is $statusn";
}

sub port_found {
my $self = shift;
my $host = shift;
my $port = shift;

my $name = $host->name();
my $addresses = join(,, map {$_->addr()} $host->addresses());

print "On host $name ($addresses), found ",
$port->state()," port ",
join(/,$port->protocol(),$port->portid()),"n";

}

This set of modules provides perl class wrappers for the network mapper (nmap) scanning tool (see http://www.insecure.org/nmap/). Using these modules, a developer, network administrator, or other techie can create perl routines or classes which can be used to automate and integrate nmap scans elegantly into new and existing perl scripts.

If you dont have nmap installed, you will need to download it BEFORE you can use these modules. Get it from http://www.insecure.org/nmap/. You will need nmap 3.10+ installed to use all the features of this module.