It is very easy to scan for infected files on Linux with a virus scanner; the ClamAV scanner (clamav) does this. This is an easy way to scan files before putting them on a Windows server.
It installs very easily on a Fedora machine.
[root@localhost qemu-img-win-x64-2_3_0]# dnf in clamav
Then, update all of the virus definitions. Use the freshclam command as root to perform the update.
(jcartwright@localhost) 192.168.1.5 qemu-img-win-x64-2_3_0 $ su
Password:
[root@localhost qemu-img-win-x64-2_3_0]# freshclam
ClamAV update process started at Mon Nov 27 10:05:54 2023
daily.cld database is up-to-date (version: 27105, sigs: 2047822, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
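Once this is all done, you may use the virus scanner to scan files for any malicious code. Run with no arguments, clamscan scans the files in the current directory; add -r to include subdirectories.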
(jcartwright@localhost) 192.168.1.5 qemu-img-win-x64-2_3_0 $ clamscan
Loading: 10s, ETA: 0s [========================>] 8.68M/8.68M sigs
Compiling: 2s, ETA: 0s [========================>] 41/41 tasks
/home/jcartwright/Downloads/qemu-img-win-x64-2_3_0/libgcc_s_sjlj-1.dll: OK
/home/jcartwright/Downloads/qemu-img-win-x64-2_3_0/libglib-2.0-0.dll: OK
/home/jcartwright/Downloads/qemu-img-win-x64-2_3_0/libgthread-2.0-0.dll: OK
/home/jcartwright/Downloads/qemu-img-win-x64-2_3_0/libiconv-2.dll: OK
/home/jcartwright/Downloads/qemu-img-win-x64-2_3_0/libintl-8.dll: OK
/home/jcartwright/Downloads/qemu-img-win-x64-2_3_0/libssp-0.dll: OK
/home/jcartwright/Downloads/qemu-img-win-x64-2_3_0/qemu-img.exe: OK
----------- SCAN SUMMARY -----------
Known viruses: 8679700
Engine version: 1.0.4
Scanned directories: 1
Scanned files: 7
Infected files: 0
Data scanned: 10.44 MB
Data read: 9.84 MB (ratio 1.06:1)
Time: 16.824 sec (0 m 16 s)
Start Date: 2023:11:27 09:57:13
End Date: 2023:11:27 09:57:30
I downloaded a sample virus program and this was detected when I scanned the folder.
(jcartwright@localhost) 192.168.1.5 Sample $ clamscan
Loading: 11s, ETA: 0s [========================>] 8.68M/8.68M sigs
Compiling: 2s, ETA: 0s [========================>] 41/41 tasks
/home/jcartwright/Documents/Sample/eicar.com: Win.Test.EICAR_HDB-1 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 8679700
Engine version: 1.0.4
Scanned directories: 1
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 13.898 sec (0 m 13 s)
Start Date: 2023:11:27 10:45:59
End Date: 2023:11:27 10:46:13
This does work very well. If you are on Ubuntu, Windows Defender may be installed and used via the command line. This would be very good for scanning files before putting them on a Windows machine.
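The clamscan runs shown above can be turned into a check that runs before files are copied to a Windows server. The script below is an added example, not part of the original post; the function names (infected_paths, gate_decision, scan_and_gate) and the sample text are constructed for illustration. It relies on clamscan's documented exit statuses (0 nothing found, 1 something found, 2 error) and treats an error as a failed scan rather than a clean one.

```shell
#!/bin/sh
# Added example: gate a directory on clamscan's result before it is copied
# to a Windows server. Function names and sample text are constructed.

# Constructed sample in the format of the clamscan output shown above.
SAMPLE_OUTPUT='/home/jcartwright/Downloads/qemu-img-win-x64-2_3_0/qemu-img.exe: OK
/home/jcartwright/Documents/Sample/eicar.com: Win.Test.EICAR_HDB-1 FOUND'

# Read clamscan output on stdin and print the path of every flagged file.
# Flagged lines have the form "<path>: <signature> FOUND".
infected_paths() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p'
}

# Map clamscan's exit status to a decision. clamscan exits 0 when nothing
# is found, 1 when at least one file is flagged, and 2 on errors.
# Anything other than 0 or 1 fails closed instead of counting as clean.
gate_decision() {
    case "$1" in
        0) echo release ;;
        1) echo quarantine ;;
        *) echo error ;;
    esac
}

# Scan a directory recursively, print the decision and the flagged paths,
# and return clamscan's exit status to the caller.
scan_and_gate() {
    scan_dir=$1
    if ! command -v clamscan >/dev/null 2>&1; then
        echo "error: clamscan not installed" >&2
        return 2
    fi
    # --infected prints only flagged files; --no-summary drops the summary.
    scan_out=$(clamscan -r --infected --no-summary "$scan_dir") && scan_rc=0 || scan_rc=$?
    echo "decision: $(gate_decision "$scan_rc")"
    printf '%s\n' "$scan_out" | infected_paths
    return "$scan_rc"
}

# Run only when a directory is given: ./scan-gate.sh /path/to/files
if [ "$#" -gt 0 ]; then
    scan_and_gate "$1"
fi
```

Copy the files only when the decision is "release"; a status of 2 means the scan did not complete (unreadable file, missing database), so nothing has been cleared.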
I am installing Windows Defender on Alma Linux 9.
[root@localhost Sample]# yum-config-manager --add-repo=https://packages.microsoft.com/config/fedora/34/prod.repo
bash: yum-config-manager: command not found...
Install package 'yum-utils' to provide command 'yum-config-manager'? [N/y] y
* Waiting in queue...
* Loading list of packages....
The following packages have to be installed:
yum-utils-4.3.0-11.el9_3.noarch Yum-utils CLI compatibility layer
Proceed with changes? [N/y] y
* Waiting in queue...
* Waiting for authentication...
* Waiting in queue...
* Downloading packages...
* Requesting data...
* Testing changes...
* Installing packages...
Adding repo from: https://packages.microsoft.com/config/fedora/34/prod.repo
Then I added the GPG key.
[root@localhost Sample]# rpm --import https://packages.microsoft.com/keys/microsoft.asc
After all of this, I could install Windows Defender on Alma Linux 9.
[root@localhost Sample]# yum install mdatp
packages-microsoft-com-prod 150 kB/s | 958 kB 00:06
Last metadata expiration check: 0:00:01 ago on Mon Nov 27 10:54:06 2023.
Dependencies resolved.
========================================================================================================================================================================================
Package Architecture Version Repository Size
========================================================================================================================================================================================
Installing:
mdatp x86_64 101.23092.0012-1 packages-microsoft-com-prod 127 M
Installing dependencies:
libnetfilter_queue x86_64 1.0.5-1.el9 appstream 28 k
mde-netfilter x86_64 100.69.62-1 packages-microsoft-com-prod 35 k
Transaction Summary
========================================================================================================================================================================================
Install 3 Packages
Total download size: 127 M
Installed size: 412 M
Is this ok [y/N]: y
Downloading Packages:
(1/3): libnetfilter_queue-1.0.5-1.el9.x86_64.rpm 63 kB/s | 28 kB 00:00
(2/3): mde-netfilter_100.69.62.x86_64.rpm 13 kB/s | 35 kB 00:02
(3/3): mdatp-101.23092.0012-1.x86_64.rpm
And then it was working right away.
(jcartwright@localhost) 192.168.1.5 Sample $ mdatp
▂▟████▙▂
▟██████████████▙
████████████████
▜██████████████▛ Microsoft Defender
▜████████████▛
▀██████████▀
▀▀████▀▀
ATTENTION: No license found. Contact your administrator for help.
Expected one of:
config Manage product configuration
connectivity Troubleshoot cloud connectivity
definitions Manage security intelligence updates
diagnostic Troubleshoot product issues and collect diagnostics
edr Manage Endpoint Detection & Response (EDR) configuration
exclusion Manage antivirus exclusions
health Display product health information
help Display all available options for this tool
log Manage product logging
notice Display the Third-Party Notice
scan Scan for malicious software
network-protection Manage network protection
threat Manage threats and configure threat handling policies
version Display the product version