Qubes OS 3.2 - clamav in untrusted and/or vault domain
Qubes 3.2 is great if you need to handle malicious files. Just create yourself a quarantine vm that has no network access and you're good to go - you could of course use a disposable VM, but that is a topic for another post. There is also a pre-installed (if you have chosen so during setup) "vault vm" that is already configured for this purpose.
To get clamav onto these vms I opened a terminal on the "fedora-23 template vm" and installed clam:
The two config files will tell you what to do when you edit them, so just follow the instructions.
Using freshclam on the template vm does not work, unless you allow it to access the internet for a while (in the vm settings, firewall tab). But since I'll only really need it in my quarantine vm I just started a terminal in the "quarantine vm" and did a "sudo freshclam" there.
To start scanning my home folder.
To get clamav onto these vms I opened a terminal on the "fedora-23 template vm" and installed clam:
sudo dnf -y install clamav clamav-update
sudo vim /etc/freshclam.conf
sudo vim /etc/sysconfig/freshclam
The two config files will tell you what to do when you edit them, so just follow the instructions.
Using freshclam on the template vm does not work, unless you allow it to access the internet for a while (in the vm settings, firewall tab). But since I'll only really need it in my quarantine vm I just started a terminal in the "quarantine vm" and did a "sudo freshclam" there.
clamscan --infected --recursive /home/user
To start scanning my home folder.
Comments