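ClamAV is a widely used open-source antivirus program released under the GPL license. It supports a range of platforms, including Windows, Linux and Unix, and is widely embedded in other applications such as mail clients and servers and HTTP virus-scanning proxies.

Installation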

[root@nsh ~]# yum install -y epel-release
[root@nsh ~]# yum install -y clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

Modify the configuration file (remove or comment out the Example line)

[root@nsh ~]# sed -i '/^Example/d' /etc/clamd.d/scan.conf
[root@nsh ~]# sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf

Edit the configuration file

[root@nsh ~]# vim /etc/clamd.d/scan.conf
User clamscan
LocalSocket /var/run/clamd.scan/clamd.sock

Update the virus database

[root@nsh ~]# freshclam
ClamAV update process started at Tue Oct 29 13:43:11 2019
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Downloading daily-25551.cdiff [100%]
Downloading daily-25552.cdiff [100%]
Downloading daily-25553.cdiff [100%]
Downloading daily-25554.cdiff [100%]
Downloading daily-25555.cdiff [100%]
Downloading daily-25556.cdiff [100%]
Downloading daily-25557.cdiff [100%]
Downloading daily-25558.cdiff [100%]
Downloading daily-25559.cdiff [100%]
Downloading daily-25560.cdiff [100%]
Downloading daily-25561.cdiff [100%]
...............................................................
Downloading daily-25614.cdiff [100%]
Downloading daily-25615.cdiff [100%]
Downloading daily-25616.cdiff [100%]
daily.cld updated (version: 25616, sigs: 1960147, f-level: 63, builder: raynman)
Downloading bytecode-331.cdiff [100%]
bytecode.cld updated (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Database updated (6526490 signatures) from database.clamav.net (IP: 104.16.219.84)

Schedule periodic virus database updates (optional)

crontab -e

00 01,13 * * * /usr/bin/freshclam --quiet

Because freshclam is not a system service, you can create a unit file for it as follows

vim /usr/lib/systemd/system/freshclam.service
[Unit]
Description = freshclam scanner
After = network.target

[Service]
Type = forking
# Update twice a day
ExecStart = /usr/bin/freshclam -d -c 2
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target

systemctl enable freshclam.service
systemctl start freshclam.service
systemctl status freshclam.service

Start the scanning service

systemctl enable clamd@scan.service
systemctl start clamd@scan.service
systemctl status clamd@scan.service

View the ClamAV configuration:

[root@nsh ~]# clamconf
Checking configuration files in /etc

Config file: clamd.d/scan.conf
------------------------------
AlertExceedsMax disabled
PreludeEnable disabled
PreludeAnalyzerName disabled
LogFile disabled
LogFileUnlock disabled
LogFileMaxSize = "1048576"
LogTime disabled
LogClean disabled
....................................................................................
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamd.d/scan.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SafeBrowsing disabled
Bytecode = "yes"

mail/clamav-milter.conf not found

Software settings
-----------------
Version: 0.101.4
Optional features supported: MEMPOOL IPv6 AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON

Database information
--------------------
Database directory: /var/lib/clamav
main.cvd: version 58, sigs: 4566249, built on Thu Jun  8 05:38:10 2017
daily.cld: version 25616, sigs: 1960147, built on Mon Oct 28 16:57:02 2019
bytecode.cld: version 331, sigs: 94, built on Fri Sep 20 00:12:33 2019
Total number of signatures: 6526490

Platform information
--------------------
uname: Linux 3.10.0-693.el7.x86_64 #1 SMP Tue Aug 22 21:09:27 UTC 2017 x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
zlib version: 1.2.7 (1.2.7), compile flags: a9
platform id: 0x0a2169690800000000040805

Build information
-----------------
GNU C: 4.8.5 20150623 (Red Hat 4.8.5-39) (4.8.5)
CPPFLAGS:
CFLAGS: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic -fno-strict-aliasing   -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
CXXFLAGS: -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic
LDFLAGS: -Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--as-needed
Configure: '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/usr' '--exec-prefix=/usr' '--bindir=/usr/bin' '--sbindir=/usr/sbin' '--sysconfdir=/etc' '--datadir=/usr/share' '--includedir=/usr/include' '--libdir=/usr/lib64' '--libexecdir=/usr/libexec' '--localstatedir=/var' '--sharedstatedir=/var/lib' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--enable-milter' '--disable-clamav' '--disable-static' '--disable-zlib-vcheck' '--disable-unrar' '--enable-id-check' '--enable-dns' '--with-dbdir=/var/lib/clamav' '--with-group=clamupdate' '--with-user=clamupdate' '--disable-rpath' '--disable-silent-rules' '--enable-clamdtop' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'CXXFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic' 'LDFLAGS=-Wl,-z,relro -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,--as-needed' 'CFLAGS=-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1  -m64 -mtune=generic' 'PKG_CONFIG_PATH=:/usr/lib64/pkgconfig:/usr/share/pkgconfig'
sizeof(void*) = 8
Engine flevel: 105, dconf: 105

Test it: download a file containing a virus and remove it

[root@nsh ~]# wget http://www.eicar.org/download/eicar_com.zip
--2019-10-29 14:32:00--  http://www.eicar.org/download/eicar_com.zip
Resolving www.eicar.org (www.eicar.org)... 213.211.198.62
Connecting to www.eicar.org (www.eicar.org)|213.211.198.62|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 184 [application/octet-stream]
Saving to: ‘eicar_com.zip’

100%[=================================================================================================================================>] 184         --.-K/s   in 0s

2019-10-29 14:32:07 (34.2 MB/s) - ‘eicar_com.zip’ saved [184/184]

[root@nsh ~]# clamscan --infected --remove --recursive .
./eicar_com.zip: Eicar-Test-Signature FOUND
./eicar_com.zip: Removed.

----------- SCAN SUMMARY -----------
Known viruses: 6515529
Engine version: 0.101.4
Scanned directories: 3
Scanned files: 9
Infected files: 1
Data scanned: 0.01 MB
Data read: 0.00 MB (ratio 2.00:1)
Time: 103.178 sec (1 m 43 s)

Scan and clean two directories

[root@nsh ~]# clamscan --infected --remove --recursive /home /root

----------- SCAN SUMMARY -----------
Known viruses: 6515529
Engine version: 0.101.4
Scanned directories: 4
Scanned files: 8
Infected files: 0
Data scanned: 0.01 MB
Data read: 0.00 MB (ratio 2.00:1)
Time: 96.905 sec (1 m 36 s)

Scan the entire system

[root@nsh ~]# clamscan --infected --recursive --exclude-dir="^/sys" /
LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes

----------- SCAN SUMMARY -----------
Known viruses: 6515529
Engine version: 0.101.4
Scanned directories: 13069
Scanned files: 61419
Infected files: 0
Data scanned: 2688.47 MB
Data read: 2923.47 MB (ratio 0.92:1)
Time: 1150.914 sec (19 m 10 s)
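
The full-system scan above reports 0 infected files but also warns that one archive was only partly scanned. The following is an added example, not part of the original post: a shell helper for unattended scans that reads clamscan output and separates infected, incomplete and clean results. The function names and the sample report are constructed for illustration; the sample is assembled from the outputs shown on this page.

```shell
#!/bin/sh
# Added example (not from the original post): triage clamscan output from cron.

# Constructed sample, assembled from the clamscan outputs shown on this page.
sample_report() {
cat <<'EOF'
LibClamAV Warning: cli_scanxz: decompress file size exceeds limits - only scanning 27262976 bytes
./eicar_com.zip: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 6515529
Engine version: 0.101.4
Scanned files: 9
Infected files: 1
EOF
}

# Print "signature<TAB>path" for each "<path>: <signature> FOUND" line.
# Assumes signature names contain no spaces; paths may contain ": ".
list_detections() {
    awk 'match($0, /: [^ ]+ FOUND$/) {
        printf "%s\t%s\n", substr($0, RSTART + 2, RLENGTH - 8), substr($0, 1, RSTART - 1)
    }'
}

# Classify a report read from stdin and print a one-line verdict.
assess_report() {
    report=$(cat)
    infected=$(printf '%s\n' "$report" | awk -F': ' '$1 == "Infected files" { print $2; exit }')
    partial=$(printf '%s\n' "$report" | awk '/^LibClamAV Warning:.*exceeds limits/ { n++ } END { print n + 0 }')
    if [ -z "$infected" ]; then
        status=ERROR          # no summary line: the scan did not finish
    elif [ "$infected" -gt 0 ]; then
        status=INFECTED
    elif [ "$partial" -gt 0 ]; then
        status=INCOMPLETE     # nothing found, but some files were only partly scanned
    else
        status=CLEAN
    fi
    echo "status=$status infected=${infected:-unknown} partial=$partial"
}

sample_report | assess_report
```

In a cron job, pipe the output of `clamscan --infected --recursive ...` into `assess_report`. clamscan itself exits with 0 when nothing is found, 1 when a virus is found and 2 on error, so the job can check that status as well.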

Done

Summary: simple and requires little thought, but it still needs further study.

  

  
