Have your own Streaming Mp3 Server – edna

Edna – allows you to access your MP3 collection from any networked computer. This software streams your MP3s via HTTP to any MP3 player that supports playing off a remote connection (e.g. Winamp, FreeAmp, Sonique, XMMS).

While any silly web server can do this (serve up MP3s), there are two cool features about edna:

• The pages are dynamically constructed, adjusting to directory structure and the files in those directories. This is much nicer than using simple directory indexing. While the dynamic file list could be done with various CGI or PHP-like tools, the dynamic directories would be a lot harder.
• This is the coolest part… Rather than directly serving up an MP3, the software serves up a playlist. This gets passed to your player (e.g. WinAmp) which turns around with an HTTP request to stream the MP3. I must give credit to Geoff for this one 🙂

Installation Guide :

Please make sure you have Python installed in your server, I had python-2.3.

1. Create a directory in /home :

mkdir /home/mp3

2. Go to the Directory

wget http://edna.sourceforge.net/edna-0.5.tar.gz

3. Extract the downloaded file

tar -zxvf edna-0.5.tar.gz

4. Go into the fresh directory and edit the edna.conf

#
# edna.conf -- configuration file for edna.py
#

[server]
port = your.port.here

### DOCCO
# ### change these if the defaults don't work...
# template-dir = templates
# template = default.ezt

# If you want id3 tags, use default_complex.ezt
#  template = default_complex.ezt
# Enable costly file information if needed (default disabled)
#  fileinfo=1

### DOCCO
# binding-hostname = dummy-host.example.com
# binding-hostname = 123.123.123.123


# log can specify "-" for stdout, or a file name. omitting this line
# produces no log.
log = /var/log/edna.log

acl]
### DOCCO
#allow = host1, host2, host3/24, 123.123.123.123, 2.2.2.2/11
#auth = aUser1:aPass1, aUser2:aPass2

#Require password for directories < level ..
# Work around for buggy players that can't send authentication information
# 0  Only check '/'
# 1  Check all levels (default)
# auth_level=0

[sources]
#
# List each source directory (top of the tree). The lines should be of the
# form:
#   dirNNN = DIRECTORY = DISPLAY_NAME
#
# WARNING: the DISPLAY-NAME part may *not* have a slash ("/") in it!
# WARNING: each DIRECTORY must exist when edna is started
#
# The NNN part will determine the sort order in the top-level listing.
#

# Windows example:
#dir1 = f:\mp3\transfer = MP3s
#dir2 = f:\bobsmp3  = Bob
#dir3 = g:\MP3's = Bob CD

# Unix example:
#dir1 = /mnt/cdrom = MP3 CDROM
dir1 = /home/mp3/albums = Jukebox

[extra]
# Extra options
#
# You don't need to change this, but maybe you need more
output or want to enable some special features

# Set this to 1 to get more output
debug_level = 0

# Mark all files as new if they are newer than days_new

days_new = 30




5. Create your jukebox dir

mkdir /home/mp3/albums

6. Change back to main /home dir and issue the command

chown -R apache:apache /home/mp3

7. Edit the /etc/rc.local file
vi /etc/rc.local

8. Add

# Starting Edna Jukebox Server
echo "Starting Edna Jukebox Server"
cd /home/mp3/edna ; sudo -u apache python edna.py &

9. Start your server

cd /home/mp3/edna ; sudo – u apache python edna.py &

10. Create dir/s under /home/mp3/albums

Eg. English, Hindi, Tamil etc …

anc copy all your songs accordingly

11. Access your songs from browser :

http://localhost:8080

8080 is the default port you can change the port to some other in edna.conf

Some points :

Edna is a simple python script

It does not use apache server at all.

Please make sure you do not run it as root, you can use any other normal user to run this.

Samba Tips

Its been a long time since I have used samba the fie sharing for Linux on Windows.

smbtree — find windows machines. See also findsmb

nmblookup -A 1.2.3.4 — find the windows (netbios) name associated with ip address.

smbclient -L windows_box — list shares on windows machine or samba server.

mount -t smbfs -o fmask=666,guest //windows_box/share /mnt/share —

The above command mounts a windows share.

echo ‘message’ | smbclient -M windows_box

Send popup to windows machine (off by default in XP sp2)

networking (Note ifconfig, route, mii-tool, nslookup commands are obsolete

netstat -tupl — list internet services on a system

netstat -tup — list active connections to/from system

ip link show — list interfaces

ethtool interface — list interface status

ip link set dev eth0 name wan — ip link set dev eth0 name wan

ip addr add 1.2.3.4/24 brd + dev eth0 — add ip and mask(255.255.255.0)

ip link set dev interface up — bring interface up (or down)

host pixelbeat.org — lookup ip address for name or vice versa

hostname -i — lookup local ip address (equivalent to host `hostname`)

How to – Rsync

Rsync :

1) rsync -P rsync://rsync.server.com/path/to/file file

Only get diffs. Do multiple times for troublesome downloads

2) rsync –bwlimit=1000 fromfile tofile

Locally copy with rate limit. It’s like nice for I/O.

3) rsync -az -e ssh –delete ~/public_html/ remote.com:’~/public_html’

Mirror web site (using compression and encryption)

4) rsync -auz -e ssh remote:/dir/ . && rsync -auz -e ssh . remote:/dir/

Synchronize current directory with remote one

Customer Relationship Management

Customer Relationship Management (CRM) software facilitates, captures, and analyzes the varied relationships between a business and its customers. Used as part of an overall business and sales strategy, CRM can boost efficiency, yield more intelligence, shore up weaknesses, and improve what you already do best.

Let’s look at what CRM software can do and investigate a compelling open source solution that suits any budget.

A complete CRM package is likely to include:

Sales force automation to manage prospects, automate workflow, manage accounts, and keep track of events.

Marketing automation to manage ad campaigns, transmit email newsletters, and manage and measure lead conversions.

Information management to control revisions of documentation and to distribute corporate and product literature.

Contract management to securely manage existing contracts, help generate and record new contracts, and alert sales staff when contracts are up for renewal.

Reporting to provide business intelligence, insight, and ad-hoc feedback.

Customer service and support to manage support requests and distribute customer satisfaction surveys and rewards.

Moreover, an effective CRM solution weaves all of these components together. For example, CRM software should index product documentation and make it available to sales to answer a prospect’s questions.

The larger commercial CRM vendors include SAP, Peoplesoft, and Oracle. Recently, Microsoft Business Solutions has also jumped into the CRM fray. Of course, all of these proprietary solutions require good amounts of capital for software licenses and perhaps gobs of hardware.

Another option is to use a third-party, hosted solution, such as SalesForce.com, that charges you a per-user fee for online access to CRM tools. While third-party hosting is perhaps the easiest way to deploy a CRM solution, you might find the thought of hosting core business intelligence on machines outside of your control appalling.

If you want to self-host, yet another alternative is open source software.

One such project is SugarCRM, available at http://www.sugarcrm.com.

SugarCRM runs on PHP, Apache, and MySQL, and is made available under its own license, the SugarCRM Public License (SPL). Under the terms of the SPL, itself a variation of the Mozilla Public License Version 1.1, you can run SugarCRM for your business, make changes, and fix bugs, but cannot sell any core SugarCRM code or any derived works.

Now lets see how to go about implementing this :

Download SUGARCRM from
http://www.sugarcrm.com/crm/download/sugar-suite.html

I downloaded : SugarCRM 4.0 Latest Stable Full (5.93 MB)

Before Installing What you need ?

The host I ran had :

Kernel – 2.4.22-21mdk-i686-up-4GB

Apache – Apache-AdvancedExtranetServer/2.0.47

PHP – 5.0.4

MySQL – 4.0.15

OpenSSL – OpenSSL 0.9.7b

Step 1

Create a directory opencrm in /var/www/html (My Document root)

cd /var/www/html/sugarcrm/SugarSuite-Full-4.0.0

[root@mybox SugarSuite-Full-4.0.0]# mv * ../

[root@mybox sugarcrm]# chmod 706 config.php/

[root@mybox sugarcrm]# chmod 777 cache/

Step 2

Next create a Mysql user for sugarcrm thats able to SELECT,INSERT,UPDATE, DELETE, CREATE and DROP. For example:

mysql> create database sugarcrm;
Query OK, 1 row affected (0.12 sec)

mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON sugarcrm.* TO sugarcrm@localhost IDENTIFIED BY “sugarcrm”;
Query OK, 0 rows affected (1.22 sec)

Here I create a database name,user and password as sugarcrm

Step 3

Next, open up your favorite web browser and go to the address

http://localhost/sugarcrm

You will see
____________

Welcome to the SugarCRM 4.0.0
Setup Wizard

This installer creates the SugarCRM database tables and sets the configuration variables that you need to start. The entire process should take about ten minutes.

Click Start, and verify that the system is ready to be installed

Step 1: License Acceptance

Select – I Accept >> Next

Step 2: System Check Acceptance

In order for your SugarCRM installation to function properly, please ensure all
of the system check items listed below are green. If any are red, please take the necessary steps to fix them.

Component Status

PHP version OK (ver 4.3.3)
MySQL Database OK
XML Parsing OK
cURL Library Not found: scheduler will not be functional
Writable SugarCRM Configuration File (config.php) OK
Writable Custom Directory OK
Writable Modules Sub-Directories and Files OK
Writable Data Sub-Directories OK
Writable Cache Sub-Directories OK
Writable Session Save Path (/tmp) OK
PHP Safe Mode Turned Off OK
PHP Allow Call Time Pass Reference Turned On OK
PHP Register Long Arrays On OK
PHP Memory Limit >= 10M OK (100M)

Note: Your php configuration file (php.ini) is located at:
/etc/php.ini

I got the above details in step 2

I did >>> Next

Step 3: Database Configuration

Please enter your database configuration information below. If you are unsure of what to fill in, we suggest that you use the default values.

Database Configuration

Host Name localhost

Database Name sugarcrm

User Name for SugarCRM sugarcrm

Password for SugarCRM sugarcrm

I have unticked Create database and Create user

Populate database with demo data? was unticked

Database account above is a privileged user? was ticked

Step 4: Site Configuration

Please enter your site configuration information below. If you are unsure of the fields, we suggest that you use the default values.

Site Configuration

URL http://mybox.sriram.com/sugarcrm

SugarCRM admin password admin

Caution: This will override admin password of previous veriosn

Re-type SugarCRM admin password admin

Sugar Updates Config

Enable Sugar updates?
When this is enabled your system will periodically send SugarCRM Inc. anonymous
statistics about your installation that will help us understand usage patterns and improve the product. In return for this information, administrators will receive update notices when new versions or updates are available.

The above was ticked

Advanced Site Security

Use defaults? was Ticked

Step 5: Confirm Settings

Please confirm the settings below. If you would like to change any of the values, click “Back” to edit. Otherwise, click “Next” to start the installation

Database Settings

Host Name localhost
Database Name sugarcrm (will not be created)
User Name for SugarCRM sugarcrm (will not be created)
Drop and recreate existing SugarCRM tables? No
Populate database with demo data? No
Priveleged Database User Name sugarcrm

Site Configuration

URL http://mybox.sriram.com/sugarcrm

Enable Sugar Updates

Sugar updates enabled? Yes

Advanced Site Security

Use a Custom Session Directory for SugarCRM? No
Use a Custom Log Directory for SugrCRM? No
Own Application ID Provided? No

Step 6: Perform Setup

In the bottom it should show you

The setup of SugarCRM 4.0.0 is now complete.
Total time: 5.029501 seconds.
Approximate memory used: 9185048 bytes.

Your system is now installed and configured for use. You will need to log in for the first time using the “admin” user name and the password you entered during
setup.

Step 7: Registration

You can bypass this click finish

After you have completed the installation, Delete or move install directory to offline location such as /tmp

mv /usr/local/apache/htdocs/sugarCRM/install /tmp/

Then make sure configuration file cannot be edited by anyone

#chmod 755 /usr/local/apache/htdocs/SugarCRM/config.php

the above can be performed by root to do the trick.

Transparent Proxying with Squid

Taming the Squid

You’ll need to make sure you have IP forwarding enabled.

$ cat /proc/sys/net/ipv4/ip_forward

If that command returns 0, you can enable IP forwarding by putting net.ipv4.ip_forward=1 in your /etc/sysctl.conf. And since that won’t
take effect until you reboot, you can temporarily enable the
feature by running:

# echo 1 > /proc/sys/net/ipv4/ip_forward

After downloading and possibly patching the code, you can build
Squid. Squid has a wide variety of build options, and you should
research all of them carefully, since many can greatly impact
both security and performance. The options shown here are the
minimum for building Squid as a transparent proxy using WCCP.

To compile Squid, run:

$ ./configure ––enable-linux-netfilter ––enable-wccp && make

Next, run make install as root.

With Squid installed, you can configure it to suit your needs.
Edit the squid.conf file, which is located in /usr/local/squid/etc/ by default.

(The squid.conf file is heavily commented and contains a ton of
useful information. Read the entire file when you have time.)

For transparent proxying to work, ensure that the following lines are present:

httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

Minimally, you’ll also need to adjust the http_access directives to
allow traffic from your IP addresses. Depending on your distribution,
you may also need to create a Linux user and group based on your cache_effective_user and cache_effective_group directives.

Once you’re happy with your configuration, run squid –z to initialize
the cache directories. Then start Squid by running the included
RunCache script. By default, Squid runs on port 3128. If you’ve
changed that default, remember which port you’ve chosen,
as you’ll need that information in the next step.

Playing Traffic Cop

With Squid up and running, you now need to redirect traffic destined
for port 80 to Squid running on port 3128. (While you can configure
squid to run on port 80, this can cause problems, including endless
loops when Squid tries to contact itself.) Use an iptables rule to
redirect traffic.

To setup the rule, you’ll need to know which interface the requests
to be proxied will be coming in on (for example eth0) and the
port number for Squid on. Once you have this information,
run the following command:

# iptables –t nat –A PREROUTING –i eth0 –p tcp ––dport 80 –j
REDIRECT ––to-port 3128

Of course, you’ll also need to add this command to the appropriate
init script so that the rule is recreated on subsequent reboots.

To make https proxied( it is not actually because we can’t proxied encrypted packets but they are just forwarded), the command is as below :

#iptables -t nat -I PREROUTING -s 192.168.0.0/24 -p tcp –dport 443
-j REDIRECT –to-port 3128

You can also do the same for ftp (port 21).

There’s one more way to handle https connection. Instead of going through squid, you can also NAT it. Drop the above https command and use this :

#iptables -t nat -I POSTROUTING -s 192.168.0.0/24 -p tcp –dport 443
-j SNAT –to 111.222.333.444

Where 111.222.333.444 is your proxy server public IP address.

It is up to you which way you want to use, there’s no noticeable difference in
terms of performance.

Build your own Internal Knowledge Base

Imagine you have different sections of people working for you who must have volumes of information, best practices field notes with them. These can be shared among office colleagues among different sections of people all with security.

Lets explore Knowledge Tree Document Management System

KT is written in PHP and made available under the GNU General Public License. Development on KT is ongoing. The latest version 2.02 (dated April 12, 2005) is available on SourceForge at http://kt-dms.sourceforge.net/

Getting Started with KT

KT is an impressive repository system which provides web-based browsing/publishing, a version control system, subscription-based change notification, auto-archiving, document-level discussion forums, full-text search of common file formats and metadata, and internationalization of front-end web interface.

What’s more impressive is its authentication integration with such LDAP servers as OpenLDAP, Sun ONE Directory Server, and the ubiquitous Active Directory. KT also provides access control via group, role or business unit rules, as well as audit trails for change control auditing.

Requirements for KT

Apache 1.3 or greater
PHP 4.3 or greater
MySQL 4.0 or greater with INNODB support.

It is highly recommended that you install SSL capabilities into Apache. The sample installation was running Linux kernel 2.4.20-8, Apache 1.3.28, PHP 4.3.4, Mod_SSL 2.8.15-1.3.28 supported by OpenSSL 0.9.7e, and MySQL 4.0.14-standard.

Installing and Configuring KT

Step 1

Download knowledgeTree-3.0b3.tgz from — http://kt-dms.sourceforge.net/

Step 2

Unzip in your document root mine was /var/www/html/

I created a directory kb in my DocRoot /var/www/html/kb

Unzip and it will give a directory knowledgeTree.

now do,

#cd knowledgeTree
# mv * .. /

This move all required files to /var/www/html/kb

The idea is to have http://localhost/kb rather knowledgeTree.

Step 3

Create a database dms

mysqladmin create dms -uroot -p

Input the password this will create a database name dms

Step 4

Populate database

– Create and populate the tables:
#cd /var/www/html/kb
# mysql -p dms
# mysql -p dms

– Create the database users
$ mysql -p dms Check the post-installation checklist:

Go to your knowledgeTree installation is at http://localhost/kb, go to:

http://localhost/kb/setup

And click on “Post-installation checkup”.

This allows you to check that your KnowledgeTree configuration is set up correctly. You can run this at any time after configuration to check that things are still set up correctly.

* Login:

http://mybox.sriram.com/kb/

– default user is “admin” with password “admin”

Troubleshooting

Please read the INSTALL.txt located in docs folder as they may have different instructions for different version.

Refer to the Frequently Asked Questions list on the KnowledgeTree Wiki
at http://support.ktdms.com/confluence/

Ask on the KnowledgeTree forums on http://forum.ktdms.com/

Upgrading
———

Refer to docs/UPGRADE.txt

Command Tips

Creating a list of users :

Create a list of users in a password-like file and run the command

[sriram@mybox sriram] newusers filename

Disable a User account :

passwd -l username

To enabe a User Account :

passwd -u username

Cron tricks

  Instead of the first five fields, one of eight special strings may
appear:

  string         meaning
  ------         -------
  @reboot        Run once, at startup.
  @yearly        Run once a year, "0 0 1 1 *".
  @annually      (same as @yearly)
  @monthly       Run once a month, "0 0 1 * *".
  @weekly        Run once a week, "0 0 * * 0".
  @daily         Run once a day, "0 0 * * *".
  @midnight      (same as @daily)
  @hourly        Run once an hour, "0 * * * *".

Hmm. @reboot. Isn’t that handy. There’s an easy way to give users the ability to run something at boot time without root access.

Modes made easy

chmod g+w adds group write without changing other permission.
chmod o-a removes all permissions for others.
chmod u=rw gives read/write file permission to the owner.

Killing Process :

Suppose you want to kill galeon

do a ps -auxwww |grep

and now kill path to the program

For Eg :
[root@mybox sriram]# killall /usr/bin/galeon-bin – This will kill galeon.

Expire Passwords :
[sriram@mybox sriram]passwd -x 30 sriram

Forces sriram to change his password after 30 days.

Directories made easy :
If you want to create multiple directories in /home/sriram

Say a, b, and c.

[sriram@mybox sriram]mkdir -p /home/sriram/a/b/c

To See which all group a user belongs
[sriram@mybox sriram] id -Gn <— This has effectively replaced groups and whoami To

See machine architecture

[sriram@mybox sriram] arch

i686

Setting up Time Zone

If you want to know the proper name of your current time zone, run the interactive command tzselect. Follow the prompts and use the output in your shell login file.

[root@mybox downloads]# tzselect
Please identify a location so that time zone rules can be set correctly.
Please select a continent or ocean.
1) Africa
2) Americas
3) Antarctica
4) Arctic Ocean
5) Asia
6) Atlantic Ocean
7) Australia
8) Europe
9) Indian Ocean
10) Pacific Ocean
11) none – I want to specify the time zone using the Posix TZ format.
#? 5
Please select a country.
1) Afghanistan 18) Israel 35) Palestine
2) Armenia 19) Japan 36) Philippines
3) Azerbaijan 20) Jordan 37) Qatar
4) Bahrain 21) Kazakhstan 38) Russia
5) Bangladesh 22) Korea (North) 39) Saudi Arabia
6) Bhutan 23) Korea (South) 40) Singapore
7) Brunei 24) Kuwait 41) Sri Lanka
8) Cambodia 25) Kyrgyzstan 42) Syria
9) China 26) Laos 43) Taiwan
10) Cyprus 27) Lebanon 44) Tajikistan
11) East Timor 28) Macau 45) Thailand
12) Georgia 29) Malaysia 46) Turkmenistan
13) Hong Kong 30) Mongolia 47) United Arab Emirates
14) India 31) Myanmar (Burma) 48) Uzbekistan
15) Indonesia 32) Nepal 49) Vietnam
16) Iran 33) Oman 50) Yemen
17) Iraq 34) Pakistan
#? 14

The following information has been given:

India

Therefore TZ=’Asia/Calcutta’ will be used.
Local time is now: Sun Dec 25 23:42:29 IST 2005.
Universal Time is now: Sun Dec 25 18:12:29 UTC 2005.
Is the above information OK?
1) Yes
2) No
#? 1

You can make this change permanent for yourself by appending the line
TZ=’Asia/Calcutta’; export TZ
to the file ‘.profile’ in your home directory; then log out and log in again.

Here is that TZ value again, this time on standard output so that you
can use the /usr/bin/tzselect command in shell scripts:
Asia/Calcutta
[root@mybox downloads]# TZ=’Asia/Calcutta’;
[root@mybox downloads]# export TZ
[root@mybox downloads]# date
Sun Dec 25 23:42:54 IST 2005
[root@mybox downloads]#

ClamAV: Antivirus for linux

There are only two Linux viruses and neither has been found alive in the wild. On the other hand, there are eighteen bazillion infectious viruses on Windows and that number grows steadily every day, that doesn’t mean you shouldn’t ignore anti-virus software.

unlike some popular commercial anti-virus products for Windows, the Linux equivalents aren’t CPU and memory hogs.One of the best free (as in speech and beer) Linux anti-virus packages is ClamAV. Installing ClamAV is really simple. Most distributions have binaries available, or if you’re distro supports apt-get

just type:

# apt-get install clamav

I have a Mandrake and for installation all i did was :

[root@mybox rkhunter]# urpmi clamav
To satisfy dependencies, the following packages are going to be installed (2 MB):
clamav-0.61-0.20030829.1mdk.i586
clamav-db-0.61-0.20030829.1mdk.i586
libclamav1-0.61-0.20030829.1mdk.i586
Is this OK? (Y/n) y
medium “contrib” uses an invalid list file:
mirror is probably not up-to-date, trying to use alternate method

ftp://ftp.is.co.za/mirror/mandrivalinux/official/9.2/contrib/i586/./clamav-0.61-0.20030829.1mdk.i586.rpm
ftp://ftp.is.co.za/mirror/mandrivalinux/official/9.2/contrib/i586/./clamav-db-0.61-0.20030829.1mdk.i586.rpm
ftp://ftp.is.co.za/mirror/mandrivalinux/official/9.2/contrib/i586/./libclamav1-0.61-0.20030829.1mdk.i586.rpm
The following packages have bad signatures:
/var/cache/urpmi/rpms/clamav-0.61-0.20030829.1mdk.i586.rpm: Invalid signature ((SHA1) DSA sha1 md5 (GPG) (MISSING KEY) GPG#604aa4e4 NOT OK)
/var/cache/urpmi/rpms/clamav-db-0.61-0.20030829.1mdk.i586.rpm: Invalid signature ((SHA1) DSA sha1 md5 (GPG) (MISSING KEY) GPG#604aa4e4 NOT OK)
/var/cache/urpmi/rpms/libclamav1-0.61-0.20030829.1mdk.i586.rpm: Invalid signature ((SHA1) DSA sha1 md5 (GPG) (MISSING KEY) GPG#604aa4e4 NOT OK)
Do you want to continue installation ? (y/N) y
installing /var/cache/urpmi/rpms/clamav-0.61-0.20030829.1mdk.i586.rpm /var/cache/urpmi/rpms/libclamav1-0.61-0.20030829.1mdk.i586.rpm /var/cache/urpmi/rpms/clamav-db-0.61-0.20030829.1mdk.i586.rpm
Preparing… ##################################################
1:libclamav1 ##################################################
2:clamav-db ##################################################
3:clamav ##################################################

Thats it

If you’re lucky enough to use a Debian-based distro, ClamAV sets itself up. If you’re using another distro, you may have to create a new user named clamav, change a few permissions, and set up a few cron jobs. For detailed instructions, see the Clam AntiVirus User Manual at http://www.clamav.net/doc/latest/html/.

No one wants to have to think about anti-virus software once it’s installed. Any good anti-virus package should automatically update itself with new virus definitions, the more often the better. In addition, the anti-virus software should perform a full system scan at a regularly scheduled interval. Finally, integration with email software is vital: the best place to intercept new viruses is at this common point of entry.

ClamAV can handle all of these tasks. ClamAV runs freshclam to check for updates. By default, Debian systems run freshclam runs hourly. If you want to change that number, simply edit the Checks line in /etc/clamav/freshclam.conf.

To check your system, ClamAV uses clamscan. There are a wealth of options available for clamscan; to see them, use man clamscan. A quick and dirty way to scan your home directory is to use clamscan as follows:

[root@mybox rkhunter]# clamscan -ri --move=/tmp/virus /home/sriram/

----------- SCAN SUMMARY -----------
Known viruses: 9586
Scanned directories: 6
Scanned files: 18
Infected files: 0
Data scanned: 0.14 MB
I/O buffer size: 131072 bytes
Time: 0.857 sec (0 m 0 s)

[root@mybox rkhunter]#

The –r option tells ClamAV to recursively scan your directory and every other directory and file in it, while –i makes things a bit quieter, telling ClamAV to only print the names of infected files it finds. If a virus is found in a file, ClamAV moves the file to /tmp/virus/, but that directory must already exist before clamscan starts working. Set up a cron job to create /tmp/virus/ and run clamscan and you have an automated way to keep your system clean and healthy.

Many Linux email clients already support ClamAV directly, including KMail (which allows you to pick the anti-virus program of your choice) and Sylpheed Claws. Others, such as Evolution, require you to manually create filters that pipe email through ClamAV. (C’mon, Evolution (and others)! Let us specify ClamAV or other anti-virus programs directly!)

There are windowed interfaces for ClamAV, if you really want them (check out the enormous list at http://www.clamav.net/3rdparty.html). There are also lots of other programs and libraries that interface with ClamAV, including php-clamav (which allows ClamAV to work with PHP), python-clamav (ditto, but for Python), and clamav-milter (which scans messages processed by sendmail).

If you want to protect your Linux server or desktop from viruses, give ClamAV a look. It’s a powerful, well-supported open source project, and it just keeps getting better and better.