Damon wrote: >>> In my clamd.conf I've got the entry below, did I screw something >>> >> up? >> >>> # Don't scan files and directories matching regex >>> # This directive can be used multiple times >>> # Default: scan all >>> ExcludePath ^/proc/ >>> ExcludePath ^/sys/ >>> ExcludePath ^/dev/ >>> >> clamscan doesn't use clamd.conf at all. For clamscan you need to >> use the >> command line options --exclude/--exclude-dir >> > > Yikes! How did I miss that? I read a lot of docs but I missed something. > Looking back through Clamdoc.pdf > http://www.clamav.net/doc/latest/clamdoc.pdf > > It looks like I could have used clamdscan and that would have used all > the settings I specified in clam.conf plus some extra directives, but > the more I read the less sure of the best method. > > If my goal is to: > > Scan entire server (except the exclude directories) using the latest > updates from freshclam and SafeBrowsing. > Save a report listing any infected or suspicious files to > /var/log/clamav/scanlog.log > The report needs to include the full path of any files so I can > investigate. > The server is a 64bit two processor with 2gb of ram so anything to > optimize the speed of the scan would help. > > What is my best command? Any help would be appreciated. >
Doesn't really matter. The advantage of clamd is that it only loads the database once and then you can query it with clamdscan whenever you want to check something. However, if you are just doing a massive scan of the entire drive, you are only calling clamscan once so there is no difference. I would suggest you use clamscan, just for the simplicity of the setup. No daemon needed. No config file needed. -- Bowie _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
