I. Install ClamAV
1. yum install clamav -y
If the package cannot be found, download the source and compile it yourself.
tar zxf clamav-0.97.4.tar.gz
cd clamav-0.97.4
groupadd clamav
useradd -g clamav -s /bin/false clamav
./configure --prefix=/usr/local/clamav && make && make install
First, create the directories.
mkdir /home/clamav/logs          # ClamAV log directory
mkdir /usr/local/clamav/update   # ClamAV virus database directory
Edit the configuration file /usr/local/clamav/etc/clamd.conf:
sed -i 's/Example/#Example/' /usr/local/clamav/etc/clamd.conf
sed -i '14 a\LogFile \/home\/clamav\/logs\/clamd.log' /usr/local/clamav/etc/clamd.conf
sed -i '57 a\PidFile \/usr\/local\/clamav\/update\/clamd.pid' /usr/local/clamav/etc/clamd.conf
sed -i '65 a\DatabaseDirectory \/usr\/local\/clamav\/update ' /usr/local/clamav/etc/clamd.conf
Edit the configuration file /usr/local/clamav/etc/freshclam.conf:
sed -i 's/Example/#Example/' /usr/local/clamav/etc/freshclam.conf
sed -i '13 a\DatabaseDirectory \/usr\/local\/clamav\/update' /usr/local/clamav/etc/freshclam.conf
sed -i '18 a\UpdateLogFile \/home\/clamav\/logs\/freshclam.log' /usr/local/clamav/etc/freshclam.conf
sed -i '49 a\PidFile \/usr\/local\/clamav\/update\/freshclam.pid' /usr/local/clamav/etc/freshclam.conf
sed -i '103 a\Checks 4' /usr/local/clamav/etc/freshclam.conf
sed -i '78 a\DatabaseMirror clamav.inet6.fr' /usr/local/clamav/etc/freshclam.conf
sed -i '78 a\DatabaseMirror clamav.netopia.pt' /usr/local/clamav/etc/freshclam.conf
sed -i '78 a\DatabaseMirror clamav.sonic.net' /usr/local/clamav/etc/freshclam.conf
Next, create the log files and give the clamav user ownership of them and of the database directory:
touch /home/clamav/logs/freshclam.log
chown clamav:clamav /home/clamav/logs/freshclam.log
touch /home/clamav/logs/clamd.log
chown clamav:clamav /home/clamav/logs/clamd.log
chown clamav:clamav /usr/local/clamav/update
Create symbolic links:
ln -s /usr/local/clamav/bin/clamscan /usr/bin/clamscan
ln -s /usr/local/clamav/bin/freshclam /usr/bin/freshclam
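II. Download the virus database
1. freshclam --verbose
The freshclam command above updates the virus database; if no database is present it downloads one automatically, although this is fairly slow. You can also download the files manually from http://www.clamav.net/lang/en/: main.cvd, daily.cvd and bytecode.cvd. Place the downloaded database files in /usr/local/clamav/update and you are done.
2. Download the virus database files manually: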
cd /usr/local/clamav/update
wget http://db.local.clamav.net/daily.cvd
wget http://db.local.clamav.net/main.cvd
wget http://db.local.clamav.net/bytecode.cvd
III. Check the ClamAV processes
[root@Test208 update]# ps ax |grep clam
4858 ? Ss 0:00 /usr/bin/freshclam -d --quiet
5401 pts/0 S+ 0:00 grep --color=auto clam
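IV. Common usage examples
1. Scan a directory recursively: clamscan -r /home/
2. Save the scan results to a log file: clamscan -r /home/ -l /home/clamav/logs/clamd.log
3. Show only the problem files during the scan and sound a bell: clamscan -r --bell -i /home/
4. Delete problem files as soon as they are found: clamscan -r --remove /home/ > /home/clamscan.log. Be careful with this step; it is best not to do this, because if a system file is deleted you are in trouble and the system may crash.
V. Scan results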
[root@Test208 update]# clamscan -r /home/
/home/xhprof/xhprof_html/callgraph.php: OK
/home/xhprof/xhprof_html/css/xhprof.css: OK
....................................................
/home/xhprof/xhprof_lib/utils/callgraph_utils.php: OK
/home/xhprof/xhprof_lib/utils/xhprof_runs.php: OK
/home/xhprof/xhprof_lib/utils/xhprof_lib.php: OK
/home/xhprof/xhprof_lib/display/typeahead_common.php: OK
/home/xhprof/xhprof_lib/display/xhprof.php: OK
----------- SCAN SUMMARY -----------
Known viruses: 1210664
Engine version: 0.97.4
Scanned directories: 145
Scanned files: 1096
Infected files: 0
Data scanned: 54.04 MB
Data read: 45.68 MB (ratio 1.18:1)
Time: 7.834 sec (0 m 7 s)
VI. Scheduled scans
crontab -e
Add the following two entries:
# Runs every day at 5:30
30 5 * * * clamscan -ri --remove /tmp /home >> /home/clamav/logs/clamd.log
# Runs every Sunday at 2:10
10 2 * * 7 clamscan -ri --remove /home >> /home/clamav/logs/clamd.log
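Section IV warns that --remove can delete system files, yet the cron entries above use it. The following added example (not part of the original article) is a wrapper for the scheduled scan that moves detections into a quarantine directory with --move and reports clamscan's exit status. The script path, the quarantine directory and the clamscan-cron.log file name are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article): scheduled scan that
# quarantines detections instead of deleting them.
# Assumed names: QUARANTINE directory and the clamscan-cron.log file name.
# Cron usage (assumed script path): 30 5 * * * /usr/local/sbin/clam-quarantine.sh /tmp /home
CLAMSCAN="${CLAMSCAN:-clamscan}"
LOG="${LOG:-/home/clamav/logs/clamscan-cron.log}"
QUARANTINE="${QUARANTINE:-/home/clamav/quarantine}"

# Map clamscan's exit status to a word: 0 = no virus, 1 = virus found,
# anything else = the scan itself failed and its result cannot be trusted.
classify_exit() {
    case "$1" in
        0) echo clean ;;
        1) echo infected ;;
        *) echo error ;;
    esac
}

# Read clamscan output on stdin and print only the paths that were flagged,
# i.e. lines of the form "<path>: <signature> FOUND".
infected_files() {
    sed -n 's/^\(.*\): [^ ]* FOUND$/\1/p'
}

# Scan the given paths, append the raw output to $LOG, print a one-line
# verdict plus any flagged paths, and return clamscan's exit status.
# The quarantine directory is excluded so moved files are not rescanned.
run_scan() {
    mkdir -p "$QUARANTINE" && chmod 700 "$QUARANTINE" || return 2
    scan_out=$("$CLAMSCAN" -ri --move="$QUARANTINE" \
        --exclude-dir="^$QUARANTINE" "$@" 2>&1) && scan_rc=0 || scan_rc=$?
    printf '%s\n' "$scan_out" >> "$LOG"
    echo "clamscan verdict: $(classify_exit "$scan_rc")"
    printf '%s\n' "$scan_out" | infected_files
    return "$scan_rc"
}

# Run only when paths are passed on the command line.
if [ "$#" -gt 0 ]; then
    run_scan "$@"
fi
```

A verdict of "error" means the scan did not complete, so an empty list of flagged paths in that case is not evidence of a clean system.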