AWS EC2 virus scanning tools can come in handy to keep malware at bay. Read to find out more. 

At Bobcares, we offer solutions for every query, big and small, as a part of our Server Management Services.

Let’s take a look at how our Support Team is ready to help customers with different AWS EC2 virus scanning tools.

All About AWS EC2 virus scanning

While Linux servers are very secure, sometimes packages we install or the application we set up may have security or vulnerability issues. According to our Support Techs, checking the systems regularly for vulnerability issues and security threats is critical. This is where a vulnerability scanner comes in handy.

S3 VirusScan is a popular third-party open-source tool in order to scan s3 buckets. Today. we are going to take a look at bucketAV, another tool for scanning S3 buckets.

Some of the features it offers include:

• It updates ClamAV database automatically every three hours.
• It uses ClamAV engine to scan new files on S3 buckets.
• S3 VirusScan scales EC2 instance workers in order to distribute the workload.
• It adds logs to CloudWatch logs.
• The tool can automatically delete compromised files. (optional)
• It publishes a message to SNS if it finds something new.

It also offers several commercial features including:

• Dashboard
• Instant reporting
• Scan buckets at regular intervals.
• Regular security updates
• Quarantines infected files
• Multi-account support
• AWS integration with CloudWatch, Security Hub, and SSM OpsCenter

How does a AWS EC2 virus scanning tool work

The bucketAV virus scanning tool works as seen below:

The SQS queue decouples scan jobs from ClamAV workers. Each S3 bucket has the ability to fire events for new events. The ClamAV workers run a script to execute the clamscan command. In case a virus is found, the file is deleted and an SNS notification is sent out.

How to scan EC2 Instance via ClamAV in AWS

1. First, install clamav with the following command:

   apt-get install clamav
2. Next, run freshclam command to update the clamav scanner virus definitions.
3. Then, it is time to scan the servers with the clamscan command. This takes time depending on the files and folders in the server.

In case we want to send the scanning process to a file, our Support Techs recommend running the following command:

clamscan > scannedreport.docx

We can also scan a particular folder with the following command:

clamscan -r /Downloads > downloadlatestreport.docx

Furthermore, we can automate the process by configuring clamscan to run at a particular time every day and send the output to S3 bucket.

[Looking for a solution to another query? We are just a click away.]

Conclusion

To sum up, our skilled Support Engineers at Bobcares demonstrated different AWS EC2 virus scanning tools.