一,安裝clamav
1.yum install clamav -y
如果找不到包的話,只有下載源碼自己編譯安裝了。
tar zxf clamav-0.97.4.tar.gz
cd clamav-0.97.4
groupadd clamav
useradd -g clamav -s /bin/false clamav
./configure --prefix=/usr/local/clamav && make && make install
首先創建一個目錄.
mkdir /home/clamav/logs (clanav 日誌目錄)
mkdir /usr/local/clamav/update (clanav 病毒庫目錄)
修改配置文件/usr/local/clamav/etc/clamd.conf
sed -i 's/Example/#Example/' /usr/local/clamav/etc/clamd.conf
sed -i '14 a\LogFile \/home\/clamav\/logs\/clamd.log' /usr/local/clamav/etc/clamd.conf
sed -i '57 a\PidFile \/usr\/local\/clamav\/update\/clamd.pid' /usr/local/clamav/etc/clamd.conf
sed -i '65 a\DatabaseDirectory \/usr\/local\/clamav\/update ' /usr/local/clamav/etc/clamd.conf
修改配置文件/usr/local/clamav/etc/freshclam.conf
sed -i 's/Example/#Example/' /usr/local/clamav/etc/freshclam.conf
sed -i '13 a\DatabaseDirectory \/usr\/local\/clamav\/update' /usr/local/clamav/etc/freshclam.conf
sed -i '18 a\UpdateLogFile \/home\/clamav\/logs\/freshclam.log' /usr/local/clamav/etc/freshclam.conf
sed -i '49 a\PidFile \/usr\/local\/clamav\/update\/freshclam.pid' /usr/local/clamav/etc/freshclam.conf
sed -i '103 a\Checks 4' /usr/local/clamav/etc/freshclam.conf
sed -i '78 a\DatabaseMirror clamav.inet6.fr' /usr/local/clamav/etc/freshclam.conf
sed -i '78 a\DatabaseMirror clamav.netopia.pt' /usr/local/clamav/etc/freshclam.conf
sed -i '78 a\DatabaseMirror clamav.sonic.net' /usr/local/clamav/etc/freshclam.conf
下面創建日誌文件
touch /home/clamav/logs/freshclam.log
chown clamav:clamav /home/clamav/logs/freshclam.log
touch /home/clamav/logs/clamd.log
chown clamav:clamav /home/clamav/logs/clamd.log
chown clamav:clamav /usr/local/clamav/update
創建軟連接:
ln -s /usr/local/clamav/bin/clamscan /usr/bin/clamscan
ln -s /usr/local/clamav/bin/freshclam /usr/bin/freshclam
二,下載病毒庫
1.freshclam --verbose
freshclam上面這個命令是更新病毒庫,如果沒有,會自動下載,不過比較慢。你也可以手動下載,http://www.clamav.net/lang/en/,下二個就可以main.cvd、daily.cvd、bytecode.cvd。把下載的病毒庫文件放到/usr/local/clamav/update目錄下面,就行了。
2.手工下載病毒庫文件:
cd /usr/local/clamav/update
wget wget http://db.local.clamav.net/daily.cvd
wget http://db.local.clamav.net/main.cvd
wget http://db.local.clamav.net/bytecode.cvd
三,查看一下clamav進程
[root@Test208 update]# ps ax |grep clam
4858 ? Ss 0:00 /usr/bin/freshclam -d --quiet
5401 pts/0 S+ 0:00 grep --color=auto clam
[root@Test208 update]# ps ax |grep clam
4858 ? Ss 0:00 /usr/bin/freshclam -d --quiet
5401 pts/0 S+ 0:00 grep --color=auto clam
四,一些常規用法舉例
1,掃描某個目錄,clamscan -r /home/
2,將掃描結果存放到log中,clamscan -r /home/ -l /usr/local/clamav/logs/clamd.log
3,掃描過程中,只顯示有問題的文件並且發出警報聲音,clamscan -r --bell -i /home/
4,掃描到有問題的文件,直接刪除,clamscan -r --remove /home/ > /home/clamscan.log,這一步要小心,最好不要這樣操作,如果刪除了系統文件就麻煩了,可能導致系統崩潰。
五,掃描結果
[root@Test208 update]# clamscan -r /home/
/home/xhprof/xhprof_html/callgraph.php: OK
/home/xhprof/xhprof_html/css/xhprof.css: OK
....................................................
/home/xhprof/xhprof_lib/utils/callgraph_utils.php: OK
/home/xhprof/xhprof_lib/utils/xhprof_runs.php: OK
/home/xhprof/xhprof_lib/utils/xhprof_lib.php: OK
/home/xhprof/xhprof_lib/display/typeahead_common.php: OK
/home/xhprof/xhprof_lib/display/xhprof.php: OK
----------- SCAN SUMMARY -----------
Known viruses: 1210664
Engine version: 0.97.4
Scanned directories: 145
Scanned files: 1096
Infected files: 0
Data scanned: 54.04 MB
Data read: 45.68 MB (ratio 1.18:1)
Time: 7.834 sec (0 m 7 s)
六、定期掃描
crontab -e
添加如下兩行:
30 5 * * * clamscan -ri --remove /tmp /home >> /home/clamav/logs/clamd.log --每天5:30運行
10 2 * * 7 clamscan -ri --remove /home >> /home/clamav/logs/clamd.log --每週日2:10運行
linux clamav 免費查毒工具
發表評論
所有評論
還沒有人評論,想成為第一個評論的人麼? 請在上方評論欄輸入並且點擊發布.